rsync.yo doc patch

Wayne Davison wayned at samba.org
Fri Jan 23 09:43:41 GMT 2004


On Thu, Jan 22, 2004 at 06:50:35PM -0800, jw schultz wrote:
> I'd leave it as is except to replace the parenthetic with
> the text regarding --numeric-ids in the --owner section

Unfortunately the text in the --owner section is wrong -- the
--numeric-ids option is not implied by anything.  If the chroot
area contains its own etc/passwd and etc/group files, the names
will be mapped even when chroot is enabled.  I've updated the
sections on --owner, --group, --numeric-ids, and the "use chroot"
setting.  See how you like it.

..wayne..
-------------- next part --------------
--- rsync.yo	23 Jan 2004 08:59:19 -0000	1.142
+++ rsync.yo	23 Jan 2004 09:29:16 -0000	1.143
@@ -512,15 +512,20 @@
 
 dit(bf(-o, --owner)) This option causes rsync to set the owner of the
 destination file to be the same as the source file.  On most systems,
-only the super-user can set file ownership.  Note that if the remote system
-is a daemon using chroot, the --numeric-ids option is implied because the
-remote system cannot get access to the usernames from /etc/passwd.
+only the super-user can set file ownership.  The preservation is done
+primarily by name, but falls back to using the ID number if the ID has
+no name on the sending side or has no match on the receiving side.
+See also the --numeric-ids option and the "use chroot" setting in the
+rsyncd.conf manpage.
 
 dit(bf(-g, --group)) This option causes rsync to set the group of the
 destination file to be the same as the source file.  If the receiving
 program is not running as the super-user, only groups that the
-receiver is a member of will be preserved (by group name, not group ID
-number).
+receiver is a member of will be preserved.  The preservation is done
+primarily by name, but falls back to using the ID number if the ID has
+no name on the sending side or has no match on the receiving side.
+See also the --numeric-ids option and the "use chroot" setting in the
+rsyncd.conf manpage.
 
 dit(bf(-D, --devices)) This option causes rsync to transfer character and
 block device information to the remote system to recreate these
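Review bot: In the --group entry, the added fallback sentence does not say whether a receiver that is not the super-user also gets the ID-number fallback; the removed parenthetical "(by group name, not group ID number)" stated that the match was by name only. Please state the non-super-user case explicitly, for example whether membership is checked against the group found by name or by number. The same three sentences now appear word for word under both --owner and --group, so consider keeping the full explanation under --numeric-ids and leaving only the "See also" pointer in these two entries. "or has no match on the receiving side" would also read more precisely as "or if that name has no match on the receiving side", since it is the name that is being matched.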
@@ -756,9 +761,10 @@
 0 are never mapped via user/group names even if the --numeric-ids
 option is not specified.
 
-If the source system is a daemon using chroot, or if a user or group
-name does not exist on the destination system, then the numeric ID
-from the source system is used instead.
+If a user or group has no name on the source system or it has no match
+on the destination system, then the numeric ID
+from the source system is used instead.  See also the comments on the
+"use chroot" setting in the rsyncd.conf manpage.
 
 dit(bf(--timeout=TIMEOUT)) This option allows you to set a maximum I/O
 timeout in seconds. If no data is transferred for the specified time
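Review bot: In the rewritten sentence, "or it has no match on the destination system" has an ambiguous "it" (the user or group, or its name); "or if that name has no match on the destination system" is clearer. The hunk also drops the daemon-using-chroot case and replaces it with a bare pointer to the rsyncd.conf manpage; a short clause here saying why the setting matters (inside a chroot, names are available only if etc/passwd and etc/group are supplied there, per the rsyncd.conf.yo change) would spare readers the lookup. The short line "on the destination system, then the numeric ID" could be refilled while the paragraph is being touched.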

--- rsyncd.conf.yo	1 Jan 2004 19:00:11 -0000	1.58
+++ rsyncd.conf.yo	23 Jan 2004 09:30:45 -0000	1.59
@@ -135,8 +135,10 @@
 the advantage of extra protection against possible implementation security
 holes, but it has the disadvantages of requiring super-user privileges, 
 of not being able to follow symbolic links outside of the new root path
-when reading, and of implying the --numeric-ids option because /etc/passwd
-becomes inaccessible.  When "use chroot" is false, for security reasons
+when reading, and of complicating the preservation of usernames and groups
+(you'll need to supply in-chroot versions of etc/passwd and etc/group if
+you want named-based user/group mapping to be performed).
+When "use chroot" is false, for security reasons,
 symlinks may only be relative paths pointing to other files within the root
 path, and leading slashes are removed from absolute paths.  The default for
 "use chroot" is true.

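Review bot: Typo on the added line "you want named-based user/group mapping to be performed": it should be "name-based". The parenthetical gives etc/passwd and etc/group without a leading slash but never says they are relative to the new root path; state that explicitly so an admin does not read it as the system files under /etc. It would also help to say what happens when those files are absent (the numeric ID is used, as the rsync.yo text now describes), since the old wording about --numeric-ids being implied is removed without a statement of the resulting behaviour.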