On Sun, Feb 9, 2020 at 2:06 PM Nick Cleaton via rsync <rsync@lists.samba.org> wrote:
> This adds support for whitelisting the acceptable options in the "refuse > options" setting in rsyncd.conf. It introduces "!" as a special option > string that refuses most options and interprets any following strings as > patterns of options to allow. > > For example, to allow only verbose and archive: > > refuse options = ! verbose archive > I had been thinking about doing something like this recently, so I appreciate the patch. I like your idea of (temporarily) using the descrip value to keep track of what gets refused, which I also used in my implementation. I went with a slightly different idiom of adding negated match terms instead of using "!" to toggle into a different mode that affects all the following match terms. The current git now has support for things like the following: refuse options = * !a !v refuse options = delete-* !delete-during c To make things easier, some vital options (such as "server" & "dry-run" & "no-iconv") are not matched by wild-card terms, so the above refusing of "*" leaves those options alone while still allowing someone who really, really wants to disable --dry-run the ability to do so by specifying "dry-run" (a non-wild match) in their refuse list. The new rsyncd.conf manpage lists the options that are not matched by wild-cards. ..wayne..
-- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
