netgroups patch for rsync 2.6.0
jw at pegasys.ws
Sat Jan 31 21:47:47 GMT 2004
On Sat, Jan 31, 2004 at 11:39:11PM +1100, Travis Freeland wrote:
> I figured some others might benefit from this patch. It allows you to use
> the samba style @netgroup names in hosts allow and hosts deny.
> I've tested it on solaris and linux with no apparent problems..
> I'll get rid of the static string in a couple of days when I have to worry
> about trying to get this into prod .. but with any luck someone else may have
> done that for me.. :)
Very nice idea and good of you to produce a patch. With
improvements this would have a good chance of inclusion.
This would have to be conditional on an #ifdef from
autoconf regarding the existance of netgroups.
The code could be tightened a bit. To start with, the sscanf
is unnecessary. I've not done any netgroup programming and
lack manpages but it seems that iterating over getnetgrent()
is the wrong approach, especially since netgroup uses
recursive data, and something like a single call to
innetgr() would be more appropriate.
It seems to me that if we are to add netgroups it should
also apply to "auth users" as well. And given the
selectivity of netgroups the user authorization should
permit the by-host restrictions.
J.W. Schultz Pegasystems Technologies
email address: jw at pegasys.ws
Remember Cernan and Schmitt
More information about the rsync