https://bugzilla.samba.org/show_bug.cgi?id=8445
Wayne Davison <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Summary|rsync crash when remote |Add a non-trusted |filter rule changes |filter-file option that | |would limit the rules and | |ignore syntax errors Severity|critical |enhancement --- Comment #1 from Wayne Davison <[email protected]> 2011-09-10 21:06:51 UTC --- (In reply to comment #0) > invalid modifier sequence at 't' in filter rule: -/tmp You'll note that rule is missing a space, so it was a fitler-rule syntax error. Rsync treats a failure to parse filter rules as something that it should complain about in a fatal error so that you get a chance to fix it. So, it seems to me that the issue here is that you're trusting user-generated filter rules in a backup situation, which may not be a good idea (e.g. consider the inclusion of a filter-rule import that references a secret file in order to try to sniff its contents). What you could do instead is to do a pre-copy restrictive parse of all the filter files in the backup hierarchy and turn them into a single set of global rules, dropping any syntax error lines and ignoring any rules that shouldn't be trusted (you'd have to massage the paths and such). Then, run rsync with that filtered global exclude list rather than the per-dir filter rules. Another option is to mark the rules in the filter files as only hide rules (aka a server-side-only exclude) which avoids an unwanted protect-from-deletion effect of a normal exclude (thus users can specify things not to copy, but not prevent things from being removed on the backup server). This also avoids any prefix/option interpretation in the per-dir files, so rsync won't generate an error reading when it is parsing the files. e.g.: --filter=':-s .rsync-exclude' You'd need to filter all the .rsync-filter files, changing the "- foo" rules into just "foo" in the per-dir .rsync-exclude files for this to work, and let your users know about the new filename (if you indeed change it) and the new syntax. -- Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug. -- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
