Re: [draft PATCH] whitelist support for refuse options
On Sun, Feb 9, 2020 at 2:06 PM Nick Cleaton via rsync wrote:

> This adds support for whitelisting the acceptable options in the "refuse
> options" setting in rsyncd.conf. It introduces "!" as a special option
> string that refuses most options and interprets any following strings as
> patterns of options to allow.
>
> For example, to allow only verbose and archive:
>
> refuse options = ! verbose archive

I had been thinking about doing something like this recently, so I appreciate the patch. I like your idea of (temporarily) using the descrip value to keep track of what gets refused, which I also used in my implementation. I went with a slightly different idiom of adding negated match terms instead of using "!" to toggle into a different mode that affects all the following match terms.

The current git now has support for things like the following:

    refuse options = * !a !v
    refuse options = delete-* !delete-during c

To make things easier, some vital options (such as "server" & "dry-run" & "no-iconv") are not matched by wild-card terms, so the above refusing of "*" leaves those options alone while still allowing someone who really, really wants to disable --dry-run the ability to do so by specifying "dry-run" (a non-wild match) in their refuse list. The new rsyncd.conf manpage lists the options that are not matched by wild-cards.

..wayne..

--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
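The matching rules described in the message above, as an added sketch for auditing a "refuse options" value before deploying it; this is not rsync's code. Assumptions: terms apply left to right with later terms overriding earlier ones, Python's fnmatch stands in for rsync's own wildcard matcher, the option table is a constructed subset, and the non-wild list is taken from the manpage text in the commit quoted on this page.

```python
from fnmatch import fnmatchcase

# Constructed subset of rsync's option table: long name -> one-letter form.
OPTIONS = {
    "archive": "a", "verbose": "v", "checksum": "c", "compress": "z",
    "compress-level": None, "delete": None, "delete-before": None,
    "delete-during": None, "delete-after": None, "dry-run": "n",
    "server": None, "no-iconv": None, "write-devices": None,
}
# Options the manpage text on this page says wild-card terms never match
# (long names only; the page also lists -e here).
NON_WILD = {"server", "log-format", "sender", "dry-run", "protect-args",
            "from0", "iconv", "no-iconv", "checksum-seed", "write-devices"}
DEFAULT_REFUSED = {"write-devices"}  # "refused by default" per the manpage


def refused_options(setting):
    """Return the set of long option names refused by a 'refuse options' value.

    Assumed model: terms apply left to right and a later term overrides an
    earlier one; fnmatch globbing stands in for rsync's own matcher.
    """
    refused = set(DEFAULT_REFUSED)
    for term in setting.split():
        negated = term.startswith("!")
        pattern = term[1:] if negated else term
        is_wild = any(ch in pattern for ch in "*?[")
        for name, short in OPTIONS.items():
            if is_wild and name in NON_WILD:
                continue  # vital options need an exact-name term
            if fnmatchcase(name, pattern) or (short is not None and pattern == short):
                (refused.discard if negated else refused.add)(name)
    return refused


def audit(setting, wanted):
    """Map each option in `wanted` to 'refused' or 'accepted'."""
    refused = refused_options(setting)
    return {opt: ("refused" if opt in refused else "accepted") for opt in wanted}
```

Running `audit()` over the options your clients actually send shows whether an allow-list style value such as `* !a !v` leaves anything unexpectedly refused or accepted.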
[SCM] The rsync repository. - branch master updated
The branch, master has been updated via c3986d4c More manpage improvements for "refuse options". from b3a1a0ca Add the ability to negate matches for the daemon's "refuse options". https://git.samba.org/?p=rsync.git;a=shortlog;h=master - Log - commit c3986d4c5affc383de11f052cb457c5334043d4e Author: Wayne Davison Date: Sun May 17 22:16:58 2020 -0700 More manpage improvements for "refuse options". --- Summary of changes: rsyncd.conf.yo | 34 +- 1 file changed, 25 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/rsyncd.conf.yo b/rsyncd.conf.yo index c3bc3dd1..15b1b44c 100644 --- a/rsyncd.conf.yo +++ b/rsyncd.conf.yo @@ -736,7 +736,7 @@ default. A good choice for anonymous rsync daemons may be 600 (giving a 10 minute timeout). dit(bf(refuse options)) This parameter allows you to specify a space-separated -list of rsync command line options that will be refused by your rsync daemon. +list of rsync command-line options that will be refused by your rsync daemon. You may specify the full option name, its one-letter abbreviation, or a wild-card string that matches multiple options. Beginning in 3.2.0, you can also negate a match term by starting it with a "!". 
@@ -758,13 +758,13 @@ verb(refuse options = delete-* !delete-during) Negated matching can also turn your list of refused options into a list of accepted options. To do this, begin the list with a "*" (to refuse all options) -and then specify one or more negated matches to allow. For example: +and then specify one or more negated matches to accept. For example: verb(refuse options = * !a !v !compress*) -Don't worry that the "*" will refuse certain vital options such as +Don't worry that the "*" will refuse certain vital options such as bf(--dry-run), bf(--server), bf(--no-iconv), bf(--protect-args), etc. These important options -are not matched by a wild-card, so they must be overridden by their exact name. +are not matched by wild-card, so they must be overridden by their exact name. For instance, if you're forcing iconv transfers you could use something like this: @@ -781,7 +781,7 @@ As an additional safety feature, the refusal of "delete" also refuses bf(remove-source-files) when the daemon is the sender; if you want the latter without the former, instead refuse "delete-*" as that refuses all the delete modes without affecting bf(--remove-source-files). (Keep in mind that the -client's bf(--delete) option typically enables bf(--delete-during).) +client's bf(--delete) option typically results in bf(--delete-during).) When un-refusing delete options, you should either specify "!delete*" (to accept all delete options) or specify a limited set that includes "delete", 
@@ -794,14 +794,30 @@ verb(refuse options = * !a !delete !delete-during) verb(refuse options = * !a !delete* delete-after) A note on refusing "compress" -- it is better to set the "dont compress" daemon -option to "*" because that disables compression silently instead of returning +parameter to "*" because that disables compression silently instead of returning an error that forces the client to remove the bf(-z) option. If you are un-refusing the compress option, you probably want to match -"!compress*" so that you also allow the bf(--compress-level) option. +"!compress*" so that you also accept the bf(--compress-level) option. -Finally, the "write-devices" option is refused by default, but can be -explicitly enabled with "!write-devices". +Note that the "write-devices" option is refused by default, but can be +explicitly accepted with "!write-devices". + +Here are all the options that are not matched by wild-cards: + +quote(itemization( + it() bf(--server): Required for rsync to even work. + it() bf(-e): Required to convey compatibility flags to the server. + it() bf(--log-format): This is required to convey things like bf(--itemize-changes) to a remote receiver. Is an older name for bf(--out-format) that is still passed to the server for improved backward compatibility and should not be confused with bf(--log-file-format). + it() bf(--sender): Use "write only" parameter instead of refusing this. + it() bf(-n, --dry-run): Who would want to disable this? + it() bf(-s, --protect-args): This actually makes transfers safer. + it() bf(-0, --from0): Make it easier to accept/refuse bf(--files-from) without affecting this modifier. + it() bf(--iconv): This is auto-disabled based on "charset" parameter. + it() bf(--no-iconv): Most transfers use this option. + it() bf(--checksum-seed): Is a fairly rare, safe option. + it() bf(--write-devices): Is non-wild but also auto-disabled. 
+)) dit(bf(dont compress)) This parameter allows you to select filenames based on wildcard patterns that should not be compressed
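Review bot: In the hunk at @@ -758,13 the changed line now reads "are not matched by wild-card", while the list heading added in the last hunk says "not matched by wild-cards"; use one form in both places (the plural reads better). The sentence "Don't worry that the "*" will refuse certain vital options" can also be misread as confirming that "*" refuses them; stating it directly, for example "The "*" does not refuse certain vital options such as ...", would be clearer, and now that the complete list exists further down, the "etc." could point the reader to it.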
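Review bot: In the itemization added at the end of the @@ -794,14 hunk, the bf(--write-devices) entry says "auto-disabled" while the paragraph directly above it says the option is "refused by default"; use the same term in both, so an admin reading only the list understands that a "*" plus negated terms still leaves it refused unless "!write-devices" is given. The second sentence of the bf(--log-format) entry ("Is an older name for ...") has no subject and reads as a fragment; "This is an older name for ..." fixes it. The bf(--dry-run) entry gives a rhetorical question where the other entries give a reason; a short reason would be more useful to someone deciding whether to refuse it by exact name.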
[Bug 14371] Combined Exclude & Protect Filter Type
https://bugzilla.samba.org/show_bug.cgi?id=14371

--- Comment #3 from Haravikk ---
If I remove --delete-excluded then how do I ensure my backups remove items matching new exclusion rules?

For example, if I identify a new cache folder or such that I don't want to copy, and add it to my exclusion rules, then surely I'd end up with it stuck on the receiving side if it's already there?

Don't really want to have to rely on myself remembering to clear these manually every time (especially as it may be for multiple sync operations).

--
You are receiving this mail because:
You are the QA Contact for the bug.
[Bug 14371] Combined Exclude & Protect Filter Type
https://bugzilla.samba.org/show_bug.cgi?id=14371

Wayne Davison changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |WONTFIX
             Status|NEW                         |RESOLVED

--- Comment #1 from Wayne Davison ---
Just don't use --delete-excluded. For anything that you want to exclude on the sending side without excluding it on the receiving side you should use a "hide" filter rule instead. This way you'll never have 2 rules, only either an "H" rule or a "-" rule.

--- Comment #2 from Wayne Davison ---
Just don't use --delete-excluded. For anything that you want to exclude on the sending side without excluding it on the receiving side you should use a "hide" filter rule instead. This way you'll never have 2 rules, only either an "H" rule or a "-" rule.
[Bug 14365] 3.1.3 cygwin compilation failure
https://bugzilla.samba.org/show_bug.cgi?id=14365

Wayne Davison changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED
            Version|3.1.3                       |3.2.0

--- Comment #2 from Wayne Davison ---
Fixed in upcoming 3.2.0 release.