rsyncd + scripting

Bill Carlson wcarlson at vh.org
Tue Jun 18 09:45:02 EST 2002 

Hey all,

Here's a patch that implements the following for daemon mode, against 
2.5.5 source:

     refuse file
          If "refuse file" exists,  then  the  contents  will  be
          displayed  to the client, similiar to motd and the client
          will be informed this module is down and not available.
          This  option  is handy if you have background jobs that
          occassionally run against a module's files and you  want
          to  deny  access  while  it is running or if there is a
          problem and you  want  to  prevent  any  syncs  against
          potentially  bad  file  trees. The default is no refuse
          file.


Later,

Bill Carlson
-- 
Systems Programmer    wcarlson at vh.org         | Anything is possible,
Virtual Hospital      http://www.vh.org/      | given time and money.
University of Iowa Hospitals and Clinics      |       
Opinions are mine, not my employer's.         | 
-------------- next part --------------
--- clientserver.c	2002/06/17 21:26:47	1.1
+++ clientserver.c	2002/06/18 16:14:18
@@ -185,6 +185,7 @@
 	extern int am_sender;
 	extern int remote_version;
 	extern int am_root;
+	char *refuse=NULL;
 
 	if (!allow_access(addr, host, lp_hosts_allow(i), lp_hosts_deny(i))) {
 		rprintf(FERROR,"rsync denied on module %s from %s (%s)\n",
@@ -194,6 +195,30 @@
 		return -1;
 	}
 
+	/* Check whether this module should be accessible */
+	refuse = lp_refuse_file(i);
+	if (refuse && *refuse) {
+		FILE *f = fopen(refuse,"r");
+		while (f && !feof(f)) {
+			int len = fread(line, 1, sizeof(line)-1, f);
+			if (len > 0) {
+                               line[len] = 0;
+                               io_printf(fd,"%s", line);
+                        }
+                }
+                if (f) {
+			fclose(f);
+			rprintf(FERROR,"rsync denied on module %s from %s (%s): module down\n",
+				name,host,addr);
+			io_printf(fd,"@ERROR: access denied to %s from %s (%s): module down\n",
+				name, host, addr);
+                	io_printf(fd,"\n");
+		
+			return -1;
+		}
+	}
+
+
 	if (!claim_connection(lp_lock_file(i), lp_max_connections(i))) {
 		if (errno) {
 			rprintf(FERROR,"failed to open lock file %s : %s\n",
--- proto.h	2002/06/18 14:42:27	1.1
+++ proto.h	2002/06/18 16:14:19
@@ -123,6 +123,7 @@
 char *lp_comment(int );
 char *lp_path(int );
 char *lp_lock_file(int );
+char *lp_refuse_file(int );
 BOOL lp_read_only(int );
 BOOL lp_list(int );
 BOOL lp_use_chroot(int );
--- loadparm.c	2002/06/18 14:30:45	1.1
+++ loadparm.c	2002/06/18 16:14:18
@@ -140,6 +140,7 @@
 	int timeout;
 	int max_connections;
 	BOOL ignore_nonreadable;
+	char *refuse_file;
 } service;
 
 
@@ -180,7 +181,8 @@
 	"*.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz",    /* dont compress */
 	0,        /* timeout */
 	0,        /* max connections */
-	False     /* ignore nonreadable */
+	False,     /* ignore nonreadable */
+	NULL	/* refuse file not used */
 };
 
 
@@ -274,6 +276,7 @@
   {"name",             P_STRING,  P_LOCAL,  &sDefault.name,        NULL,   0},
   {"comment",          P_STRING,  P_LOCAL,  &sDefault.comment,     NULL,   0},
   {"lock file",        P_STRING,  P_LOCAL,  &sDefault.lock_file,   NULL,   0},
+  {"refuse file",      P_STRING,  P_LOCAL,  &sDefault.refuse_file, NULL,   0},
   {"path",             P_STRING,  P_LOCAL,  &sDefault.path,        NULL,   0},
   {"read only",        P_BOOL,    P_LOCAL,  &sDefault.read_only,   NULL,   0},
   {"list",             P_BOOL,    P_LOCAL,  &sDefault.list,        NULL,   0},
@@ -352,6 +355,7 @@
 FN_LOCAL_STRING(lp_comment, comment)
 FN_LOCAL_STRING(lp_path, path)
 FN_LOCAL_STRING(lp_lock_file, lock_file)
+FN_LOCAL_STRING(lp_refuse_file, refuse_file)
 FN_LOCAL_BOOL(lp_read_only, read_only)
 FN_LOCAL_BOOL(lp_list, list)
 FN_LOCAL_BOOL(lp_use_chroot, use_chroot)
--- rsyncd.conf.5	2002/06/18 16:18:30	1.1
+++ rsyncd.conf.5	2002/06/18 16:37:15
@@ -160,6 +160,13 @@
 locking on this file to ensure that the max connections limit is not
 exceeded\&. The default is \f(CW/var/run/rsyncd\&.lock\fP\&.
 .IP 
+.IP "\fBrefuse file\fP" 
+If "refuse file" exists, then the contents will be displayed to the client,
+similiar to motd and the client will be informed this module is down and not available\&.
+This option is handy if you have background jobs that occassionally run against a module's
+files and you want to deny access while it is running or if there is a problem and you want
+to prevent any syncs against potentially bad file trees\&. The default is no refuse file\&.
+.IP 
 .IP "\fBread only\fP" 
 The "read only" option determines whether clients
 will be able to upload files or not\&. If "read only" is true then any
--- rsyncd.conf.yo	2002/06/18 16:18:38	1.1
+++ rsyncd.conf.yo	2002/06/18 16:38:44
@@ -150,6 +150,13 @@
 locking on this file to ensure that the max connections limit is not
 exceeded. The default is tt(/var/run/rsyncd.lock).
 
+dit(bf(refuse file)) If "refuse file" exists, then the contents will be displayed
+to the client, similiar to motd and the client will be informed this module is
+down and not available.  This option is handy if you have background jobs that
+occassionally run against a module's files and you want to deny access while it
+is running or if there is a problem and you w ant to prevent any syncs against
+potentially bad file trees. The default is no refuse file.
+
 dit(bf(read only)) The "read only" option determines whether clients
 will be able to upload files or not. If "read only" is true then any
 attempted uploads will fail. If "read only" is false then uploads will

More information about the rsync mailing list