[Bug 11013] New: [patch] Mention that privileges are dropped, when "use chroot" is enabled in rsyncd.conf manpage

Kevin Korb kmk at sanitarium.net
Tue Dec 16 19:45:15 MST 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Only root can chown.  If rsync isn't running as root then it ignores
the --owner part of --archive.  This also makes --numeric-ids inert.

Simply put, if you aren't running as root then you can only create
files owned by your UID.  Rsync knows this.  Rsync assumes that if you
aren't root you didn't intend the --owner (or --group) part of
- --archive and it ignores those features.

On 12/16/2014 09:41 PM, samba-bugs at samba.org wrote:
> https://bugzilla.samba.org/show_bug.cgi?id=11013
> 
> Bug ID: 11013 Summary: [patch] Mention that privileges are dropped,
> when "use chroot" is enabled in rsyncd.conf manpage Product: rsync 
> Version: 3.1.1 Hardware: All OS: All Status: NEW Severity: trivial 
> Priority: P5 Component: core Assignee: wayned at samba.org Reporter:
> m at mmap.at QA Contact: rsync-qa at samba.org
> 
> Created attachment 10544 -->
> https://bugzilla.samba.org/attachment.cgi?id=10544&action=edit 
> Proposed patch for rsyncd.conf.yo
> 
> The manpage of rsyncd.conf says when "use chroot" is enabled this
> is "as though --numeric-ids had been specified".
> 
> When rsyncing a file from host A to host B using: rsync -av
> sometestfile rsync://some_test_user@hostB/backup/
> 
> the uid and the gid of the source file on host A are not set
> accordingly on host B. Even not if --numeric-ids is specified
> explicitly, on both server and client side.
> 
> Relevant part of the server config:
> 
> use chroot = yes
> 
> [backup] list = yes path = /zdata/backup/ comment = Some comment 
> read only = no auth users = some_test_user secrets file =
> /usr/local/etc/rsync/rsyncd.secrets numeric ids = yes
> 
> I fixed that by adding "uid = root" to rsyncd.conf.
> 
> The manpage does not mention that behavior at all.
> 

- -- 
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
	Kevin Korb			Phone:    (407) 252-6853
	Systems Administrator		Internet:
	FutureQuest, Inc.		Kevin at FutureQuest.net  (work)
	Orlando, Florida		kmk at sanitarium.net (personal)
	Web page:			http://www.sanitarium.net/
	PGP public key available on web site.
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlSQ7jsACgkQVKC1jlbQAQdldACfROGAvzkt8+nKufR5SGpjhywj
wMwAn0c20owgq3dsMs9qYe3J0qpQWRok
=1D2O
-----END PGP SIGNATURE-----

More information about the rsync mailing list