rsyncd + scripting
Dave Dykstra
dwd at bell-labs.com
Tue Jun 18 15:05:01 EST 2002
Seems useful. If you supported something like "%M" in the file name
to be replaced with the module name, you could easily set up a global
option to be used for any module.
I'd start of the man page entry with
If "refuse file" is set to a filename and the file exists,
- Dave
On Tue, Jun 18, 2002 at 11:39:35AM -0500, Bill Carlson wrote:
> Hey all,
>
> Here's a patch that implements the following for daemon mode, against
> 2.5.5 source:
>
> refuse file
> If "refuse file" exists, then the contents will be
> displayed to the client, similiar to motd and the client
> will be informed this module is down and not available.
> This option is handy if you have background jobs that
> occassionally run against a module's files and you want
> to deny access while it is running or if there is a
> problem and you want to prevent any syncs against
> potentially bad file trees. The default is no refuse
> file.
>
>
> Later,
>
> Bill Carlson
> --
> Systems Programmer wcarlson at vh.org | Anything is possible,
> Virtual Hospital http://www.vh.org/ | given time and money.
> University of Iowa Hospitals and Clinics |
> Opinions are mine, not my employer's. |
> --- clientserver.c 2002/06/17 21:26:47 1.1
> +++ clientserver.c 2002/06/18 16:14:18
> @@ -185,6 +185,7 @@
> extern int am_sender;
> extern int remote_version;
> extern int am_root;
> + char *refuse=NULL;
>
> if (!allow_access(addr, host, lp_hosts_allow(i), lp_hosts_deny(i))) {
> rprintf(FERROR,"rsync denied on module %s from %s (%s)\n",
> @@ -194,6 +195,30 @@
> return -1;
> }
>
> + /* Check whether this module should be accessible */
> + refuse = lp_refuse_file(i);
> + if (refuse && *refuse) {
> + FILE *f = fopen(refuse,"r");
> + while (f && !feof(f)) {
> + int len = fread(line, 1, sizeof(line)-1, f);
> + if (len > 0) {
> + line[len] = 0;
> + io_printf(fd,"%s", line);
> + }
> + }
> + if (f) {
> + fclose(f);
> + rprintf(FERROR,"rsync denied on module %s from %s (%s): module down\n",
> + name,host,addr);
> + io_printf(fd,"@ERROR: access denied to %s from %s (%s): module down\n",
> + name, host, addr);
> + io_printf(fd,"\n");
> +
> + return -1;
> + }
> + }
> +
> +
> if (!claim_connection(lp_lock_file(i), lp_max_connections(i))) {
> if (errno) {
> rprintf(FERROR,"failed to open lock file %s : %s\n",
> --- proto.h 2002/06/18 14:42:27 1.1
> +++ proto.h 2002/06/18 16:14:19
> @@ -123,6 +123,7 @@
> char *lp_comment(int );
> char *lp_path(int );
> char *lp_lock_file(int );
> +char *lp_refuse_file(int );
> BOOL lp_read_only(int );
> BOOL lp_list(int );
> BOOL lp_use_chroot(int );
> --- loadparm.c 2002/06/18 14:30:45 1.1
> +++ loadparm.c 2002/06/18 16:14:18
> @@ -140,6 +140,7 @@
> int timeout;
> int max_connections;
> BOOL ignore_nonreadable;
> + char *refuse_file;
> } service;
>
>
> @@ -180,7 +181,8 @@
> "*.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz", /* dont compress */
> 0, /* timeout */
> 0, /* max connections */
> - False /* ignore nonreadable */
> + False, /* ignore nonreadable */
> + NULL /* refuse file not used */
> };
>
>
> @@ -274,6 +276,7 @@
> {"name", P_STRING, P_LOCAL, &sDefault.name, NULL, 0},
> {"comment", P_STRING, P_LOCAL, &sDefault.comment, NULL, 0},
> {"lock file", P_STRING, P_LOCAL, &sDefault.lock_file, NULL, 0},
> + {"refuse file", P_STRING, P_LOCAL, &sDefault.refuse_file, NULL, 0},
> {"path", P_STRING, P_LOCAL, &sDefault.path, NULL, 0},
> {"read only", P_BOOL, P_LOCAL, &sDefault.read_only, NULL, 0},
> {"list", P_BOOL, P_LOCAL, &sDefault.list, NULL, 0},
> @@ -352,6 +355,7 @@
> FN_LOCAL_STRING(lp_comment, comment)
> FN_LOCAL_STRING(lp_path, path)
> FN_LOCAL_STRING(lp_lock_file, lock_file)
> +FN_LOCAL_STRING(lp_refuse_file, refuse_file)
> FN_LOCAL_BOOL(lp_read_only, read_only)
> FN_LOCAL_BOOL(lp_list, list)
> FN_LOCAL_BOOL(lp_use_chroot, use_chroot)
> --- rsyncd.conf.5 2002/06/18 16:18:30 1.1
> +++ rsyncd.conf.5 2002/06/18 16:37:15
> @@ -160,6 +160,13 @@
> locking on this file to ensure that the max connections limit is not
> exceeded\&. The default is \f(CW/var/run/rsyncd\&.lock\fP\&.
> .IP
> +.IP "\fBrefuse file\fP"
> +If "refuse file" exists, then the contents will be displayed to the client,
> +similiar to motd and the client will be informed this module is down and not available\&.
> +This option is handy if you have background jobs that occassionally run against a module's
> +files and you want to deny access while it is running or if there is a problem and you want
> +to prevent any syncs against potentially bad file trees\&. The default is no refuse file\&.
> +.IP
> .IP "\fBread only\fP"
> The "read only" option determines whether clients
> will be able to upload files or not\&. If "read only" is true then any
> --- rsyncd.conf.yo 2002/06/18 16:18:38 1.1
> +++ rsyncd.conf.yo 2002/06/18 16:38:44
> @@ -150,6 +150,13 @@
> locking on this file to ensure that the max connections limit is not
> exceeded. The default is tt(/var/run/rsyncd.lock).
>
> +dit(bf(refuse file)) If "refuse file" exists, then the contents will be displayed
> +to the client, similiar to motd and the client will be informed this module is
> +down and not available. This option is handy if you have background jobs that
> +occassionally run against a module's files and you want to deny access while it
> +is running or if there is a problem and you w ant to prevent any syncs against
> +potentially bad file trees. The default is no refuse file.
> +
> dit(bf(read only)) The "read only" option determines whether clients
> will be able to upload files or not. If "read only" is true then any
> attempted uploads will fail. If "read only" is false then uploads will
More information about the rsync
mailing list