The Samba-Bugzilla – Attachment 10544 Details for
Bug 11013
[patch] Mention that privileges are dropped, when "use chroot" is enabled in rsyncd.conf manpage
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Proposed patch for rsyncd.conf.yo
0001-Improved-chroot-section-of-the-rsyncd.conf-manpage.patch (text/plain), 1.15 KB, created by
Manuel Wiesinger
on 2014-12-17 02:41:13 UTC
(
hide
)
Description:
Proposed patch for rsyncd.conf.yo
Filename:
MIME Type:
Creator:
Manuel Wiesinger
Created:
2014-12-17 02:41:13 UTC
Size:
1.15 KB
patch
obsolete
>From 7998f0bd495f5cc42a730fd60af3b08528064f5d Mon Sep 17 00:00:00 2001 >From: Manuel Wiesinger <m@mmap.at> >Date: Wed, 17 Dec 2014 02:59:05 +0100 >Subject: [PATCH] Improved chroot section of the rsyncd.conf-manpage > >Added a note that privileges are dropped, when "use chroot" is enabled >and "uid" is not set to a privileged user. >--- > rsyncd.conf.yo | 4 ++++ > 1 file changed, 4 insertions(+) > >diff --git a/rsyncd.conf.yo b/rsyncd.conf.yo >index 9f9f6ac..fa89373 100644 >--- a/rsyncd.conf.yo >+++ b/rsyncd.conf.yo >@@ -203,6 +203,10 @@ process in the chroot hierarchy will need to have access to the resources > used by these library functions (traditionally /etc/passwd and > /etc/group, but perhaps additional dynamic libraries as well). > >+Note that the daemon will by default drop privileges to nobody, if running >+as privileged user and uid is not set. And thus is not able to change >+ownership or extended attributes of received files. >+ > If you copy the necessary resources into the module's chroot area, you > should protect them through your OS's normal user/group or ACL settings (to > prevent the rsync module's user from being able to change them), and then >-- >1.7.10.4 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 11013
: 10544