<div dir="ltr"><div dir="ltr">On Sun, Feb 9, 2020 at 2:06 PM Nick Cleaton via rsync <<a href="mailto:rsync@lists.samba.org">rsync@lists.samba.org</a>> wrote:<br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">This adds support for whitelisting the acceptable options in the "refuse options" setting in rsyncd.conf. It introduces "!" as a special option string that refuses most options and interprets any following strings as patterns of options to allow.<br>
<br>
For example, to allow only verbose and archive:<br>
<br>
refuse options = ! verbose archive<br></blockquote><div class="gmail_quote"><br></div>I had been thinking about doing something like this recently, so I appreciate the patch. I like your idea of (temporarily) using the descrip value to keep track of what gets refused, which I also used in my implementation. I went with a slightly different idiom of adding negated match terms instead of using "!" to toggle into a different mode that affects all the following match terms.</div><div class="gmail_quote"><br></div><div class="gmail_quote">The current git now has support for things like the following:</div><div class="gmail_quote"><font face="monospace"><br></font></div><div class="gmail_quote"><font face="monospace">refuse options = * !a !v</font></div><div class="gmail_quote"><font face="monospace"><br></font></div><div class="gmail_quote"><font face="monospace">refuse options = delete-* !delete-during c</font></div><div class="gmail_quote"><br></div><div class="gmail_quote">To make things easier, some vital options (such as "server" & "dry-run" & "no-iconv") are not matched by wild-card terms, so the above refusing of "*" leaves those options alone while still allowing someone who really, really wants to disable --dry-run the ability to do so by specifying "dry-run"
(a non-wild match)
in their refuse list. The new rsyncd.conf manpage lists the options that are not matched by wild-cards.</div><div class="gmail_quote"><br clear="all"><div>..wayne.. </div></div></div>