rsync daemon running as root can't create target dirs
Mac Enthusiast
Join Date: Jan 2001
Location: Leesburg, Virginia
On an Xserve I am running rsync in daemon mode. I incorporated it into the xinetd infrastructure. My rsync file in /etc/xinetd.d/ looks like this
Code:
#
# rsync Service for doing incremental synchronizations
#
# For details check
#
# man rsync
# man rsyncd.conf
# http://rsync.samba.org/
# man xinetd
# man xinetd.conf
#
service rsync
{
    disable = no
    log_on_failure += USERID
    socket_type = stream
    user = root
    server = /usr/bin/rsync
    server_args = --daemon
    wait = no
    only_from = 10.55.200.0
}
# This "only_from = 10.55.200.0" covers this network.
# Enter the IP or range of machines that can access this server.
Obviously, the rsync service is set to run as root. Yet, when I try to sync a source directory to the rsync daemon host as a target, I get these errors in the rsyncd log file:
Code:
2005/06/03 17:10:00 [20785] rsync to RDC2/ from rdc2.cddl.tgen.org (10.55.200.24)
2005/06/03 17:10:00 [20785] Client is very old version of rsync, upgrade recommended.
2005/06/03 17:10:01 [20785] recv_generator: mkdir "/dominik" (in RDC2) failed: Permission denied
2005/06/03 17:10:01 [20785] stat "/dominik" (in RDC2) failed: No such file or directory
2005/06/03 17:10:01 [20785] recv_generator: mkdir "/dominik" (in RDC2) failed: Permission denied
2005/06/03 17:10:01 [20785] stat "/dominik" (in RDC2) failed: No such file or directory
2005/06/03 17:10:01 [20786] wrote 28 bytes read 137 bytes total size 0
I don't understand how any daemon running as root could get a "Permission denied" error for creating a directory.
By the way, the line "Client is very old version of rsync, upgrade recommended." is because the client is rsync under Cygwin on a Windows machine.
Any ideas?
Dominik
Forum Regular
Join Date: Mar 2001
Location: San Diego
What does your rsyncd.conf file look like? You need to define a path, users, etc. for rsync to use.
Mac Enthusiast
Join Date: Jan 2001
Location: Leesburg, Virginia
My rsyncd.conf file looks like this:
Code:
#
# Configuration file for rsync server
#
# For more information see
#
# man rsync
# man rsyncd.conf
#
# Use chroot with rsync
use chroot = yes
max connections = 20
# log and pid file options
pid file = /var/run/rsyncd.pid
log file = /var/log/rsync.log
syslog facility = local5
# Clients we want to allow to connect to our rsync server
hosts allow = xx.xx.xx.0/23
hosts deny = *
[RDC2]
path = /Volumes/RAID/Shared/Test/
comment = Test connection with RDC2
strict modes = true
read only = false
[INCell]
[EnVision]
Originally Posted by Deicide
What does your rsyncd.conf file look like? You need to define a path, users, etc. for rsync to use.
This comment led me to do a
and to search for the term "uid". This is what it came up with:
Code:
uid    The "uid" option specifies the user name or user ID that file
       transfers to and from that module should take place as when the
       daemon was run as root. In combination with the "gid" option
       this determines what file permissions are available. The default
       is uid -2, which is normally the user "nobody".

gid    The "gid" option specifies the group name or group ID that file
       transfers to and from that module should take place as when the
       daemon was run as root. This complements the "uid" option. The
       default is gid -2, which is normally the group "nobody".
In other words, the daemon runs as root, whereas individual copy operations are processes that are spawned with a user ID uid or "nobody", if uid is not specified in rsyncd.conf. This would explain my situation, as "nobody" has no privileges in the path specified in the module [RDC2].
Dominik
Mac Enthusiast
Join Date: Jan 2001
Location: Leesburg, Virginia
So, does anybody with an rsync daemon use
Code:
uid = root
gid = wheel
?
The more I study this, I come to the conclusion there are three levels of user IDs and corresponding passwords here. Can anyone confirm this?
1. The user ID as which the daemon runs. This is set by the entry
in /etc/xinetd.conf/rsync.
2. The user ID the rsync daemon uses to run any particular rsync operation is set by the uid and gid in /etc/rsyncd.conf.
3. The user ID used by the client to authenticate with the rsync daemon while using a specific module from /etc/rsyncd.conf. This user ID can be specified with the "auth user" directive for each module in /etc/rsyncd.conf. The password, which the client has to match, is kept in a "secrets" file as specified using the "secrets file" directive, also in /etc/rsyncd.conf.
Dominik Hoffmann
Mac Enthusiast
Join Date: Jan 2001
Location: Leesburg, Virginia
My rsyncd.conf file now looks like this:
Code:
#
# Configuration file for rsync server
#
# For more information see
#
# man rsync
# man rsyncd.conf
#
# User & Group for rsync to run as
#uid = root
#gid = wheel
# Use chroot with rsync
use chroot = yes
max connections = 20
# log and pid file options
pid file = /var/run/rsyncd.pid
log file = /var/log/rsync.log
syslog facility = local5
# Clients we want to allow to connect to our rsync server
hosts allow = xx.xx.xx.0/23
hosts deny = *
[RDC2]
path = /Volumes/RAID/Shared/Test/
comment = Test connection with RDC2
strict modes = true
read only = false
auth users = rdc2
secrets file = /etc/rsyncd.secrets
[INCell]
auth users = incell
[EnVision]
auth users = envision
The client command that connects to this rsync server is
Code:
rsync -av --delete ./TestFolder/ rdc2@xserve::RDC2
The log file at /var/log/rsync.log on the host xserve lists as the first few lines of the operation
Code:
2005/06/15 16:17:02 [11034] rsync: name lookup failed for xx.xx.xx.157: nodename nor servname provided, or not known
2005/06/15 16:17:06 [11034] rsync to RDC2 from rdc2@unknown (xx.xx.xx.157)
2005/06/15 16:17:06 [11034] failed to set permissions on "/." (in RDC2): Operation not permitted
I believe the first two lines are merely warnings. But what about the third line?
Dominik Hoffmann
Forum Regular
Join Date: Mar 2001
Location: San Diego
Here is what my rsync server rsync.conf file looks like:
secrets file = /etc/rsyncd.secrets
read only = no
list = yes
uid = root
gid = wheel
log file= /rsyncd.log
[backup1]
auth users = backup
path = /Volumes/stripeset1/rsync
[backup2]
auth users = backup
path = /Volumes/stripeset2/rsync
------------------------------------------
I'm not using Tiger's rsync but the one that comes with rsyncX. Here is what one of my client scripts looks like:
--------------------
echo "=========== backup set 1 =============" >> /rsync/rsync.log;date >> /rsync/rsync.log;/rsync/rsync --rsync-path=/usr/local/bin/rsync -az --eahfs --showtogo --delete --exclude=Library/Font* --exclude=Library/Favorites --exclude=Library/Print* --exclude=Library/Icons/ --exclude=Library/Indexes/ --exclude=Library/iMovie/ --exclude=Library/iTunes/ --exclude=Library/Safari/Icons/ --exclude=*Cache* --exclude=.Trash/ --exclude=*cache* --exclude=Movies/ --exclude=Pictures/ --exclude=Music/ --exclude=*.mp3 --exclude=*.m4p --exclude=*.m4a --password-file="/etc/backup_rsyncd.pass" "/users/user/" "backup@servername::backup1//Name" >> /rsync/rsync.log
----------------------------
I use this system to sync over 100 home directories. If you want I can break down the client script above and explain what everything does.
Mac Enthusiast
Join Date: Jan 2001
Location: Leesburg, Virginia
Debugging is hard!
When I remove the comment characters ("#") from the uid and gid lines, I get a working rsync file transfer.
I hope this mini blog can help other fellow forum readers.
Dominik Hoffmann
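
An added example, not code from the thread or from the rsync project: a small Python audit that resolves which uid/gid each module transfers as when the daemon is started as root, using the defaults from the man page excerpt quoted in the thread, and flags writable modules that run as root, run as nobody, or have no `auth users`. The function names, finding strings and sample configs are constructed for illustration.

```python
# Added example: resolve the identity each rsyncd.conf module transfers as (daemon started as root).
DEFAULTS = {"uid": "nobody", "gid": "nobody", "read only": "yes", "auth users": ""}
TRUE = {"yes", "true", "1"}

def parse_rsyncd_conf(text):
    """Return (globals, {module: params}); parameter names are whitespace-normalised."""
    glob, modules, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                              # commented-out uid/gid lines count as unset
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), {})
            continue
        name, sep, value = line.partition("=")    # only the first '=' is significant
        if sep:
            target = glob if current is None else current
            target[" ".join(name.lower().split())] = value.strip()
    return glob, modules

def audit(text):
    """Map module -> (uid, gid, findings)."""
    glob, modules = parse_rsyncd_conf(text)
    report = {}
    for mod, params in modules.items():
        eff = {**DEFAULTS, **glob, **params}      # module settings override globals
        writable = eff["read only"].lower() not in TRUE
        checks = [(eff["uid"] in ("root", "0"), "writable module transfers as root"),
                  (eff["uid"] in ("nobody", "-2"), "transfers as nobody: path must be writable by nobody"),
                  (not eff["auth users"], "writable without auth users")]
        findings = [msg for hit, msg in checks if writable and hit]
        report[mod] = (eff["uid"], eff["gid"], findings)
    return report

# Constructed from the configs posted in the thread (module name and path as posted).
BASE = """[RDC2]
path = /Volumes/RAID/Shared/Test/
read only = false
auth users = rdc2
secrets file = /etc/rsyncd.secrets
"""
COMMENTED = "#uid = root\n#gid = wheel\n" + BASE    # transfers fall back to nobody
UNCOMMENTED = "uid = root\ngid = wheel\n" + BASE    # the state reported as working

if __name__ == "__main__":
    for label, conf in (("commented", COMMENTED), ("uncommented", UNCOMMENTED)):
        print(label, audit(conf))
```

The "transfers as root" finding marks the configuration the thread ends on; setting `uid` and `gid` to a dedicated unprivileged account that owns the module path clears both the root and the nobody findings.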