Hi. Thanks for good program. I'm quite paranoid guy and dont beleave when some program offer me "use chroot = yes". Instead i jail program manually. I was at 3.0.9 and all was fine. Manual chroot only requires files dir, config and personal tmp. 3.1.1 now also want whole /proc only for /proc/self/fd/X instead just fd number. Whole /proc is serious security risk for me. Why?
starce log lstat64("tt", {st_mode=S_IFDIR|S_ISGID|0755, st_size=4096, ...}) = 0 fstatat64(AT_FDCWD, "tt", {st_mode=S_IFDIR|S_ISGID|0755, st_size=4096, ...}, AT _SYMLINK_NOFOLLOW) = 0 openat(AT_FDCWD, "tt", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC|O_PATH) = 2 fstatat64(AT_FDCWD, "/proc/self/fd/2", 0x5bafe7f0, 0) = -1 ENOENT (No such file or directory) close(2) = 0 getpid() = 1395 sendto(0, "<28>Aug 1 00:35:51 rsyncd[1395]"..., 117, 0, NULL, 0) = -1 ENOTCONN (Socket not connected) connect(0, {sa_family=AF_LOCAL, sun_path="/dev/log"}, 12) = -1 ENOENT (No such file or directory) select(4, [1], [3], [1], {60, 0}) = 1 (out [3], left {59, 999915}) write(3, "V\0\0\10rsync: failed to set permiss"..., 361) = 361 -- Alexander.
-- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html