If we would add an option to do that functionality, I would vote for one that was more general which could mask off any set of permission bits and possibly add any set of bits. Perhaps a chmod-like syntax if it could be implemented simply.
- Dave On Tue, Mar 12, 2002 at 10:28:43PM +1100, Scott Howard wrote: > > The attached patch adds an option --drop-suid which caused rsync to drop > setuid/setgid permissions from the destination files. > > ie, even if the source file is setuid, the target file will not be. > > Added as we want to rsync the same files to machines both inside and outside > our firewalls. For machines inside the firewall some files should be suid, > for machines outside the firewalls they should not be. This option allows > us to maintain one source tree and set if the target will be suid or not > using this option. > > Patch also available at http://www.docbert.org/outgoing/rsync-dropsuid.patch > > Scott. > > diff -r --unified rsync-2.5.4pre1-orig/flist.c rsync-2.5.4pre1/flist.c > --- rsync-2.5.4pre1-orig/flist.c Thu Feb 14 05:30:27 2002 > +++ rsync-2.5.4pre1/flist.c Tue Mar 12 21:57:27 2002 > @@ -36,7 +36,9 @@ > extern int verbose; > extern int do_progress; > extern int am_server; > +extern int am_sender; > extern int always_checksum; > +extern int drop_suid; > > extern int cvs_exclude; > > @@ -714,6 +716,10 @@ > #ifdef HAVE_STRUCT_STAT_ST_RDEV > file->rdev = st.st_rdev; > #endif > + > + if (am_sender && drop_suid && S_ISREG(st.st_mode)) { > + file->mode &= ~(S_ISUID | S_ISGID); > + } > > #if SUPPORT_LINKS > if (S_ISLNK(st.st_mode)) { > diff -r --unified rsync-2.5.4pre1-orig/options.c rsync-2.5.4pre1/options.c > --- rsync-2.5.4pre1-orig/options.c Thu Feb 28 09:49:57 2002 > +++ rsync-2.5.4pre1/options.c Tue Mar 12 22:01:45 2002 > @@ -31,6 +31,7 @@ > int preserve_uid = 0; > int preserve_gid = 0; > int preserve_times = 0; > +int drop_suid = 0; > int update_only = 0; > int cvs_exclude = 0; > int dry_run=0; > @@ -199,6 +200,7 @@ > rprintf(F," -g, --group preserve group\n"); > rprintf(F," -D, --devices preserve devices (root only)\n"); > rprintf(F," -t, --times preserve times\n"); > + rprintf(F," --drop-suid remove setuid/setgid permissions from >destination\n"); > rprintf(F," -S, --sparse handle sparse files efficiently\n"); > rprintf(F," -n, --dry-run show what would have been transferred\n"); > rprintf(F," -W, --whole-file copy whole files, no incremental >checks\n"); > @@ -304,6 +306,7 @@ > {"perms", 'p', POPT_ARG_NONE, &preserve_perms}, > {"owner", 'o', POPT_ARG_NONE, &preserve_uid}, > {"group", 'g', POPT_ARG_NONE, &preserve_gid}, > + {"drop-suid", 0, POPT_ARG_NONE, &drop_suid}, > {"devices", 'D', POPT_ARG_NONE, &preserve_devices}, > {"times", 't', POPT_ARG_NONE, &preserve_times}, > {"checksum", 'c', POPT_ARG_NONE, &always_checksum}, > diff -r --unified rsync-2.5.4pre1-orig/rsync.yo rsync-2.5.4pre1/rsync.yo > --- rsync-2.5.4pre1-orig/rsync.yo Thu Feb 7 08:20:49 2002 > +++ rsync-2.5.4pre1/rsync.yo Tue Mar 12 22:08:42 2002 > @@ -236,6 +236,7 @@ > -g, --group preserve group > -D, --devices preserve devices (root only) > -t, --times preserve times > + --drop-suid remove setuid/setgid permissions from destination > -S, --sparse handle sparse files efficiently > -n, --dry-run show what would have been transferred > -W, --whole-file copy whole files, no incremental checks > @@ -440,6 +441,9 @@ > cause the next transfer to behave as if it used -I, and all files will have > their checksums compared and show up in log messages even if they haven't > changed. > + > +dit(bf(--drop-suid)) This option tells rsync to remove setuid and setgid > +permissions from files on the destination. > > dit(bf(-n, --dry-run)) This tells rsync to not do any file transfers, > instead it will just report the actions it would have taken. -- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.tuxedo.org/~esr/faqs/smart-questions.html
