PATCH: rsyncd.conf permission options

Stefan Nehlsen sn at ParlaNet.de
Tue Mar 11 22:11:38 EST 2003 

This is a patch to control unix permissions when uploading to a rsyncd-server
by setting rsyncd.conf options.


cu, Stefan
-- 
Stefan Nehlsen | ParlaNet Administration | sn at parlanet.de | +49 431 988-1260
-------------- next part --------------
diff -ur rsync-2.5.5/loadparm.c rsync-2.5.5-umask/loadparm.c
--- rsync-2.5.5/loadparm.c	Mon Mar 25 05:04:23 2002
+++ rsync-2.5.5-umask/loadparm.c	Sun Mar  2 22:53:16 2003
@@ -140,6 +140,10 @@
 	int timeout;
 	int max_connections;
 	BOOL ignore_nonreadable;
+	int create_mask;
+	int force_create_mode;
+	int directory_mask;
+	int force_directory_mode;
 } service;
 
 
@@ -180,7 +184,11 @@
 	"*.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz",    /* dont compress */
 	0,        /* timeout */
 	0,        /* max connections */
-	False     /* ignore nonreadable */
+	False,    /* ignore nonreadable */
+	07777,	/* create mask  (~S_IFMT) */
+	0,	/* force create mode */
+	07777,	/* directory mask */
+	0	/* force directory mode */
 };
 
 
@@ -295,6 +303,10 @@
   {"log format",       P_STRING,  P_LOCAL,  &sDefault.log_format,  NULL,   0},
   {"refuse options",   P_STRING,  P_LOCAL,  &sDefault.refuse_options,NULL, 0},
   {"dont compress",    P_STRING,  P_LOCAL,  &sDefault.dont_compress,NULL,  0},
+  {"create mask",          P_OCTAL, P_LOCAL, &sDefault.create_mask,          NULL, 0},
+  {"force create mode",    P_OCTAL, P_LOCAL, &sDefault.force_create_mode,    NULL, 0},
+  {"directory mask",       P_OCTAL, P_LOCAL, &sDefault.directory_mask,       NULL, 0},
+  {"force directory mode", P_OCTAL, P_LOCAL, &sDefault.force_directory_mode, NULL, 0},
   {NULL,               P_BOOL,    P_NONE,   NULL,                  NULL,   0}
 };
 
@@ -374,6 +386,10 @@
 FN_LOCAL_STRING(lp_dont_compress, dont_compress)
 FN_LOCAL_INTEGER(lp_timeout, timeout)
 FN_LOCAL_INTEGER(lp_max_connections, max_connections)
+FN_LOCAL_INTEGER(lp_create_mask, create_mask)
+FN_LOCAL_INTEGER(lp_force_create_mode, force_create_mode)
+FN_LOCAL_INTEGER(lp_directory_mask, directory_mask)
+FN_LOCAL_INTEGER(lp_force_directory_mode, force_directory_mode)
 
 /* local prototypes */
 static int    strwicmp( char *psz1, char *psz2 );
diff -ur rsync-2.5.5/proto.h rsync-2.5.5-umask/proto.h
--- rsync-2.5.5/proto.h	Mon Mar 25 04:51:17 2002
+++ rsync-2.5.5-umask/proto.h	Sun Mar  2 21:59:03 2003
@@ -145,6 +145,10 @@
 char *lp_dont_compress(int );
 int lp_timeout(int );
 int lp_max_connections(int );
+int lp_create_mask(int );
+int lp_force_create_mode(int );
+int lp_directory_mask(int );
+int lp_force_directory_mode(int );
 BOOL lp_load(char *pszFname, int globals_only);
 int lp_numservices(void);
 int lp_number(char *name);
diff -ur rsync-2.5.5/rsync.c rsync-2.5.5-umask/rsync.c
--- rsync-2.5.5/rsync.c	Thu Dec 20 16:33:13 2001
+++ rsync-2.5.5-umask/rsync.c	Sun Mar  2 22:26:40 2003
@@ -150,6 +150,8 @@
 	int updated = 0;
 	STRUCT_STAT st2;
 	int change_uid, change_gid;
+	extern int am_daemon;
+	extern int module_id;
 
 	if (dry_run) return 0;
 
@@ -203,9 +205,18 @@
 
 #ifdef HAVE_CHMOD
 	if (!S_ISLNK(st->st_mode)) {
-		if (st->st_mode != file->mode) {
+		mode_t mode = file->mode; /* file->mode shouldn't be modified */
+
+		if (am_daemon) {
+			if(S_ISDIR(st->st_mode)) {
+				mode = ( mode & lp_directory_mask(module_id)) | lp_force_directory_mode(module_id);
+			} else {
+				mode = ( mode & lp_create_mask(module_id)) | lp_force_create_mode(module_id);
+			}
+		}
+		if (st->st_mode != mode) {
 			updated = 1;
-			if (do_chmod(fname,file->mode) != 0) {
+			if (do_chmod(fname, mode) != 0) {
 				rprintf(FERROR,"failed to set permissions on %s : %s\n",
 					fname,strerror(errno));
 				return 0;
-------------- next part --------------
rsyncd.conf options to handle file permissions
(stolen from samba)

This patch is made to provide more control on the
permissions of files and directories that are
uploaded to a rsyncd-server.

Normally when files and directories are uploaded to
a rsyncd they are created with the permissions of the
source. Especially in the case that user and group
are set to special values using the uid and gid
directives it does not much sense to use the source
permission pattern.

There is a patch introducing a new chmod command line
option but normally you may want to control the permissions
on server side. The patch below will allow you to modify
file and directory permissions by using 4 new rsyncd.conf
directives. I'm sure that those 2 patches will not break
each other and it really makes sense to use them both.

You may know this options from samba :-)


create mask

	When a file is created (or touched) by rsyncd the
	permissions will be taken from the source file
	bit-wise 'AND'ed with this parameter. This
	parameter may be thought of as a bit-wise MASK for
	the UNIX modes of a file. Any bit not set here will
	be removed from the modes set on a file when it is
	created.

	The default value of this parameter is set to 07777
	to be provide the default behaviour of older versions.

	Following this rsync  will bit-wise 'OR' the UNIX
	mode created from this parameter with the value  of
	the force create mode parameter which is set to 000
	by default.

	This parameter does not affect directory modes. See
	the parameter "directory mask" for details.

	See also the "force create mode" parameter for
	forcing particular mode bits to be set on created
	files. See also the "directory mask" parameter for
	masking mode bits on created directories.

	Default: create mask = 07777

	Example: create mask = 0644


force create mode

	This parameter specifies a set of UNIX mode bit
	permissions that will always be set on a file created
	by rsyncd. This is done by bitwise 'OR'ing these bits
	onto the mode bits of a file that is being created or
	having its permissions changed.

	The default for this parameter is (in octal) 000.
	The modes in this parameter are bitwise 'OR'ed onto
	the file mode after the mask set in the "create mask"
	parameter is applied.

	See also the parameter "create mask" for details on
	masking mode bits on files.

	Default: force create mode = 000

	Example: force create mode = 0644


directory mask

	When a directory is created (or touched) by rsyncd the
        permissions will be taken from the source directory
        bit-wise 'AND'ed with this parameter. This
        parameter may be thought of as a bit-wise MASK for
        the UNIX modes of a file. Any bit not set here will
        be removed from the modes set on a file when it is
        created.

	The default value of this parameter is set to 07777
	to be provide the default behaviour of older versions.
 
	Following this rsync  will bit-wise 'OR' the UNIX
	mode created from this parameter with the value  of
	the "force directory mode" parameter which is set to 000
	by default.

	This parameter does not affect file modes. See
	the parameter "create mask" for details.
 
	See also the "force directory mode" parameter for
	forcing particular mode bits to be set on created
	directories. See also the "create mask" parameter for
	masking mode bits on created files.
 
	Default: directory mask = 07777

	Example: directory mask = 0755


force directory mode

	This parameter specifies a set of UNIX mode bit
	permissions that will always be set on a directory
	created by rsyncd. This is done by bitwise 'OR'ing
	these bits onto the mode bits of a directory that
	is being created. The default for this parameter is
	(in octal) 0000 which will not add any extra permission
	bits to a created directory. This operation is done
	after the mode mask in the parameter "directory mask"
	is applied.

	See also the parameter  directory mask for details
	on masking mode bits on created directories.

	Default: force directory mode = 000

	Example: force directory mode = 0755

More information about the rsync mailing list