rsyncd - 全局部分中常用模块参数配置说明

# 本文件的默认位置是/etc/rsyncd.conf
# GLOBAL PARAMETERS
motd file = /var/rsync/welcome.msg
pid file = /var/run/rsyncd.pid
# DEFAULT MODULE PARAMETERS
# use chroot
# If "use chroot" is true, the rsync daemon will chroot to the "path" before starting the file transfer with the client. This has the advantage of extra protection against possible implementation security holes, but it has the disadvantages of requiring super-user privileges, of not being able to follow symbolic links that are either absolute or outside of the new root path, and of complicating the preservation of users and groups by name (see below).
# 当"use chroot"是true时，rsync守护进程将在客户端开始文件传输之前chroot到"path"，这对于可能的执行安全漏洞提供额外的保护。但是 也有需要超级用户权限的缺陷，也不能展开绝对路径或新root路径之外的符号链接，而且保持用户名和组名（参见下面）
use chroot = no
# max connections
# This parameter allows you to specify the maximum number of simultaneous connections you will allow. Any clients connecting when the maximum has been reached will receive a message telling them to try later. The default is 0, which means no limit. A negative value disables the module. See also the "lock file" parameter.
# 该参数允许指定允许最大并发连接，在达到最大时任何客户端链接都将收到一个重试的消息，默认值是0，代表无限连接。负值将禁止该模块，参见"lock file"参数。
max connections = 20
# log file
# When the "log file" parameter is set to a non-empty string, the rsync daemon will log messages to the indicated file rather than using syslog. This is particularly useful on systems (such as AIX) where syslog() doesn't work for chrooted programs. The file is opened before chroot() is called, allowing it to be placed outside the transfer. If this value is set on a per-module basis instead of globally, the global log will still contain any authorization failures or config-file error messages.
# If the daemon fails to open the specified file, it will fall back to using syslog and output an error about the failure. (Note that the failure to open the specified log file used to be a fatal error.)
# 当"log file"参数设置为非空字符串，rsync守护进程将记录消息到该文件而不使用syslog。特别用于在某些系统（例如AIX）在程序chroot后不 能使用syslog()的情况。该文件在调用chroot()前打开，允许放置在转输之外。如果该值不是全局而是基于每模块设置，全局日志中仍将包含任何 认证错误或配置文件错误的消息。
# 当守候进程打开指定文件失败时，它将退回使用syslog并输出关于该失败的错误。（注意打开指定日志文件的失败通常是一个致命错误）
log file = /var/log/rsyncd.log
# lock file
# This parameter specifies the file to use to support the "max connections" parameter. The rsync daemon uses record locking on this file to ensure that the max connections limit is not exceeded for the modules sharing the lock file. The default is /var/run/rsyncd.lock.
# 该参数指示用于支持"max connections"参数的文件。rsync守护进程使用该文件上的模块共享该文件的锁定记录来保证最大连接限制不超限。默认值是/var/run/rsyncd.lock
lock file = /var/run/rsync.lock
# uid
# The "uid" option specifies the user name or user ID that file transfers to and from that module should take place as when the daemon was run as root. In combination with the "gid" option this determines what file permissions are available. The default is uid -2, which is normally the user "nobody".
# "uid"选项指定守护程序以root方式运行时模块应当替换的文件传入和传出的用户名或用户ID，与"gid"选项共同使用来检测文件权限是否有效。默认值是uid -2，也就是通常使用的"nobody"用户。
uid = nobody
# gid
# The "gid" option specifies the group name or group ID that file transfers to and from that module should take place as when the daemon was run as root. This complements the "uid" option. The default is gid -2, which is normally the group "nobody".
# "gid"选项指定守护程序以root方式运行时模块应当替换的文件传入和传出的组名或组ID，配合"uid"选项。默认值是gid -2，也就是通常使用的"nobody"组。
gid = nobody
# MODULE PARAMETERS
[module]
comment = module comment
path = /path/to/module/
read only = yes
list = no
hosts allow = 192.168.1.2

[rsync - 官方网站]

http://rsync.samba.org/

[rsync - 关键词]

rsync
rsyncd

[rsync - 相关问题]

全局部分中常用全局参数配置说明

全局部分中常用模块参数配置说明

模块常用配置说明

客户端常用参数

for Windows (cygwin)

远程shell模式和rsync守护进程模式

22.6. File Synchronization. Building Internet Firewalls, 2nd Edition

Hack 92 Mirroring Web Sites with wget and rsync. Spidering Hacks

Linux Security Cookbook - Recipe 1.16 Integrity Checking with rsync

Linux Security Cookbook - Recipe 1.6 Remote Integrity Checking

Linux Security Cookbook - Recipe 6.3 Copying Files Remotely