Fix from upstream for #200821.

Package-Manager: portage-2.1.4_rc4
author: Mike Frysinger <vapier@gentoo.org> 2007-12-01 17:56:25 +0000
committer: Mike Frysinger <vapier@gentoo.org> 2007-12-01 17:56:25 +0000
commit: d9db0d3a5dbf01241f7c1533b6aaf4fef6cf107a (patch)
tree: 48d05192b02445b0afcd737e46f766ed1bd66e9d /net-misc
parent: Add 20071201. (diff)
download: historical-d9db0d3a5dbf01241f7c1533b6aaf4fef6cf107a.tar.gz
historical-d9db0d3a5dbf01241f7c1533b6aaf4fef6cf107a.tar.bz2
historical-d9db0d3a5dbf01241f7c1533b6aaf4fef6cf107a.zip
5 files changed, 455 insertions, 5 deletions
diff --git a/net-misc/rsync/ChangeLog b/net-misc/rsync/ChangeLog
index 439cbc5ccd11..c71ee03c8a1e 100644
--- a/net-misc/rsync/ChangeLog
+++ b/net-misc/rsync/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-misc/rsync
 # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/rsync/ChangeLog,v 1.132 2007/09/28 13:08:11 uberlord Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/rsync/ChangeLog,v 1.133 2007/12/01 17:56:24 vapier Exp $
+
+*rsync-2.6.9-r5 (01 Dec 2007)
+
+  01 Dec 2007; Mike Frysinger <vapier@gentoo.org>
+  +files/rsync-2.6.9-munge-symlinks.patch, +rsync-2.6.9-r5.ebuild:
+  Fix from upstream for #200821.
 
 *rsync-2.6.9-r4 (28 Sep 2007)
 
diff --git a/net-misc/rsync/Manifest b/net-misc/rsync/Manifest
index 86a2a8115843..1d0796dac095 100644
--- a/net-misc/rsync/Manifest
+++ b/net-misc/rsync/Manifest
@@ -1,3 +1,6 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
 AUX rsync-2.6.9-delete-acls-xattr.patch 1162 RMD160 f145ea48908cce70f6f364b3ed27d969373befd1 SHA1 dae03baed7062bf7486655ef2988a2d21b3eb5a7 SHA256 a9eefe91908c3e7d842e40f69fdf658edb3250cb9458649d22bc4337398a9783
 MD5 10e516dab4d1712204129674d4f01820 files/rsync-2.6.9-delete-acls-xattr.patch 1162
 RMD160 f145ea48908cce70f6f364b3ed27d969373befd1 files/rsync-2.6.9-delete-acls-xattr.patch 1162
@@ -6,6 +9,10 @@ AUX rsync-2.6.9-fname-obo.patch 1372 RMD160 c6d320a82509969a2303a80f7cdbd7cc70dc
 MD5 46fcea1ac64c9e075d0338f8e35b1af6 files/rsync-2.6.9-fname-obo.patch 1372
 RMD160 c6d320a82509969a2303a80f7cdbd7cc70dce7a3 files/rsync-2.6.9-fname-obo.patch 1372
 SHA256 d64eee5c3421eece02f57f351107bf69f7fdc0a71a4104144a1974de89b7c804 files/rsync-2.6.9-fname-obo.patch 1372
+AUX rsync-2.6.9-munge-symlinks.patch 14879 RMD160 662480f3b9a278d44695a54fadc2d601294f2244 SHA1 165fad0b7a24ec673661ee487dc2b18328ef7d68 SHA256 07d52672fcbb6f312e3cb90c1ba6c76270c03275b3ca717895b0cf07419273fd
+MD5 ea5ea1ce333e14e72ee5976f3d2d8943 files/rsync-2.6.9-munge-symlinks.patch 14879
+RMD160 662480f3b9a278d44695a54fadc2d601294f2244 files/rsync-2.6.9-munge-symlinks.patch 14879
+SHA256 07d52672fcbb6f312e3cb90c1ba6c76270c03275b3ca717895b0cf07419273fd files/rsync-2.6.9-munge-symlinks.patch 14879
 AUX rsync-2.6.9-pid-early.patch 1195 RMD160 74b3a872b90d0d4cdf5f55407ec4c7880c3fedea SHA1 216193c120e0b0eea38b0d046bcc503ed848338d SHA256 0f02f4d18dc69d6e058187f4496d93345eace414eb5bb074b1ec4524a0068c71
 MD5 d15f0180337c8fdccd0d946eee951e73 files/rsync-2.6.9-pid-early.patch 1195
 RMD160 74b3a872b90d0d4cdf5f55407ec4c7880c3fedea files/rsync-2.6.9-pid-early.patch 1195
@@ -47,10 +54,14 @@ EBUILD rsync-2.6.9-r4.ebuild 2259 RMD160 8c868b6eb95eca30f76303c9e36bb97faf92a56
 MD5 cdb988e66fa2f4094fd24f545d7868f7 rsync-2.6.9-r4.ebuild 2259
 RMD160 8c868b6eb95eca30f76303c9e36bb97faf92a56a rsync-2.6.9-r4.ebuild 2259
 SHA256 f65ea81420a8384b00fcff35fbecd966d08137ec49b0d05b95b6becc6cee8def rsync-2.6.9-r4.ebuild 2259
-MISC ChangeLog 16978 RMD160 cdad52b1a8139abcd24ebe55c6b3391a0e6b8e7e SHA1 87035ccc4b378fd6948f705ce93a1c8e4568ec96 SHA256 2ae3a589ce5e4408cc564e20842b1a82785f53a26709cec9da405a1eb02efb12
-MD5 0102af380c532a5a485d4a114c7e0069 ChangeLog 16978
-RMD160 cdad52b1a8139abcd24ebe55c6b3391a0e6b8e7e ChangeLog 16978
-SHA256 2ae3a589ce5e4408cc564e20842b1a82785f53a26709cec9da405a1eb02efb12 ChangeLog 16978
+EBUILD rsync-2.6.9-r5.ebuild 2257 RMD160 d3914c9e05484390f95b615ea128e7bba2dedfca SHA1 d8cf6e765be7e0d1733d7145e0139277ed33b668 SHA256 473cc17a71bb9c22c48fbe2036407c2c7c333752676321cf44531624e4d98d52
+MD5 a9ff1f6d5e678a3b0a997fbc64e33732 rsync-2.6.9-r5.ebuild 2257
+RMD160 d3914c9e05484390f95b615ea128e7bba2dedfca rsync-2.6.9-r5.ebuild 2257
+SHA256 473cc17a71bb9c22c48fbe2036407c2c7c333752676321cf44531624e4d98d52 rsync-2.6.9-r5.ebuild 2257
+MISC ChangeLog 17158 RMD160 83b40beb78e6da9a198f615c18d148eb12074f68 SHA1 7d827d2692cdb54cfd5829137e185552759f856c SHA256 50a5b456f890460a3f54b877f70a10ec0f0901b9f9ebc2a85004b5b7d119611a
+MD5 b6e68a6f1a6011be17e99bc220fabc6e ChangeLog 17158
+RMD160 83b40beb78e6da9a198f615c18d148eb12074f68 ChangeLog 17158
+SHA256 50a5b456f890460a3f54b877f70a10ec0f0901b9f9ebc2a85004b5b7d119611a ChangeLog 17158
 MISC metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 SHA1 9c213f5803676c56439df3716be07d6692588856 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92
 MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164
 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 metadata.xml 164
@@ -67,3 +78,13 @@ SHA256 3b24d2cc4f4676a8760a13ad08252df7317ca597118a290a51f624d099b00044 files/di
 MD5 b7c43d63ebd1fc4f11b181745ce98f96 files/digest-rsync-2.6.9-r4 235
 RMD160 38e28736f704de5bceb9edf25034693e0192118d files/digest-rsync-2.6.9-r4 235
 SHA256 3b24d2cc4f4676a8760a13ad08252df7317ca597118a290a51f624d099b00044 files/digest-rsync-2.6.9-r4 235
+MD5 b7c43d63ebd1fc4f11b181745ce98f96 files/digest-rsync-2.6.9-r5 235
+RMD160 38e28736f704de5bceb9edf25034693e0192118d files/digest-rsync-2.6.9-r5 235
+SHA256 3b24d2cc4f4676a8760a13ad08252df7317ca597118a290a51f624d099b00044 files/digest-rsync-2.6.9-r5 235
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.7 (GNU/Linux)
+
+iD8DBQFHUaBPp/wUKkr7RBoRAlI+AKCHzufgWRTSSChEjB0OL+o0ASkCkACePT+l
+f3QJDNZAlO4sqt+Vbl6XByw=
+=Tg1t
+-----END PGP SIGNATURE-----
diff --git a/net-misc/rsync/files/digest-rsync-2.6.9-r5 b/net-misc/rsync/files/digest-rsync-2.6.9-r5
new file mode 100644
index 000000000000..fca949e58851
--- /dev/null
+++ b/net-misc/rsync/files/digest-rsync-2.6.9-r5
@@ -0,0 +1,3 @@
+MD5 996d8d8831dbca17910094e56dcb5942 rsync-2.6.9.tar.gz 811841
+RMD160 36d270d9f01e9a8e808f426196796001bdd3d5d2 rsync-2.6.9.tar.gz 811841
+SHA256 ca437301becd890e73300bc69a39189ff1564baa761948ff149b3dd7bde633f9 rsync-2.6.9.tar.gz 811841
diff --git a/net-misc/rsync/files/rsync-2.6.9-munge-symlinks.patch b/net-misc/rsync/files/rsync-2.6.9-munge-symlinks.patch
new file mode 100644
index 000000000000..efe1e16be029
--- /dev/null
+++ b/net-misc/rsync/files/rsync-2.6.9-munge-symlinks.patch
@@ -0,0 +1,344 @@
+http://rsync.samba.org/ftp/rsync/munge-symlinks-2.6.9.diff
+
+http://bugs.gentoo.org/200821
+
+--- rsync-2.6.9/clientserver.c	2006-10-23 17:36:42.000000000 -0700
++++ ./clientserver.c	2007-11-26 21:32:53.000000000 -0800
+@@ -55,6 +55,7 @@ extern struct filter_list_struct server_
+ char *auth_user;
+ int read_only = 0;
+ int module_id = -1;
++int munge_symlinks = 0;
+ struct chmod_mode_struct *daemon_chmod_modes;
+ 
+ /* Length of lp_path() string when in daemon mode & not chrooted, else 0. */
+@@ -524,6 +525,18 @@ static int rsync_module(int f_in, int f_
+ 		sanitize_paths = 1;
+ 	}
+ 
++	if ((munge_symlinks = lp_munge_symlinks(i)) < 0)
++		munge_symlinks = !use_chroot;
++	if (munge_symlinks) {
++		STRUCT_STAT st;
++		if (stat(SYMLINK_PREFIX, &st) == 0 && S_ISDIR(st.st_mode)) {
++			rprintf(FLOG, "Symlink munging is unsupported when a %s directory exists.\n",
++				SYMLINK_PREFIX);
++			io_printf(f_out, "@ERROR: daemon security issue -- contact admin\n", name);
++			exit_cleanup(RERR_UNSUPPORTED);
++		}
++	}
++
+ 	if (am_root) {
+ 		/* XXXX: You could argue that if the daemon is started
+ 		 * by a non-root user and they explicitly specify a
+--- rsync-2.6.9/flist.c	2006-10-13 18:17:36.000000000 -0700
++++ ./flist.c	2007-11-27 12:56:25.000000000 -0800
+@@ -53,6 +53,7 @@ extern int copy_links;
+ extern int copy_unsafe_links;
+ extern int protocol_version;
+ extern int sanitize_paths;
++extern int munge_symlinks;
+ extern struct stats stats;
+ extern struct file_list *the_file_list;
+ 
+@@ -174,6 +175,11 @@ static int readlink_stat(const char *pat
+ 			}
+ 			return do_stat(path, stp);
+ 		}
++		if (munge_symlinks && am_sender && llen > SYMLINK_PREFIX_LEN
++		 && strncmp(linkbuf, SYMLINK_PREFIX, SYMLINK_PREFIX_LEN) == 0) {
++			memmove(linkbuf, linkbuf + SYMLINK_PREFIX_LEN,
++				llen - SYMLINK_PREFIX_LEN + 1);
++		}
+ 	}
+ 	return 0;
+ #else
+@@ -591,6 +597,8 @@ static struct file_struct *receive_file_
+ 				linkname_len - 1);
+ 			overflow_exit("receive_file_entry");
+ 		}
++		if (munge_symlinks)
++			linkname_len += SYMLINK_PREFIX_LEN;
+ 	}
+ 	else
+ #endif
+@@ -658,10 +666,17 @@ static struct file_struct *receive_file_
+ #ifdef SUPPORT_LINKS
+ 	if (linkname_len) {
+ 		file->u.link = bp;
++		if (munge_symlinks) {
++			strlcpy(bp, SYMLINK_PREFIX, linkname_len);
++			bp += SYMLINK_PREFIX_LEN;
++			linkname_len -= SYMLINK_PREFIX_LEN;
++		}
+ 		read_sbuf(f, bp, linkname_len - 1);
+-		if (sanitize_paths)
++		if (sanitize_paths && !munge_symlinks) {
+ 			sanitize_path(bp, bp, "", lastdir_depth, NULL);
+-		bp += linkname_len;
++			bp += strlen(bp) + 1;
++		} else
++			bp += linkname_len;
+ 	}
+ #endif
+ 
+--- rsync-2.6.9/loadparm.c	2006-10-12 23:49:44.000000000 -0700
++++ ./loadparm.c	2007-11-26 11:46:46.000000000 -0800
+@@ -153,6 +153,7 @@ typedef struct
+ 	BOOL ignore_errors;
+ 	BOOL ignore_nonreadable;
+ 	BOOL list;
++	BOOL munge_symlinks;
+ 	BOOL read_only;
+ 	BOOL strict_modes;
+ 	BOOL transfer_logging;
+@@ -200,6 +201,7 @@ static service sDefault =
+  /* ignore_errors; */		False,
+  /* ignore_nonreadable; */	False,
+  /* list; */			True,
++ /* munge_symlinks; */		(BOOL)-1,
+  /* read_only; */		True,
+  /* strict_modes; */		True,
+  /* transfer_logging; */	False,
+@@ -313,6 +315,7 @@ static struct parm_struct parm_table[] =
+  {"log format",        P_STRING, P_LOCAL, &sDefault.log_format,        NULL,0},
+  {"max connections",   P_INTEGER,P_LOCAL, &sDefault.max_connections,   NULL,0},
+  {"max verbosity",     P_INTEGER,P_LOCAL, &sDefault.max_verbosity,     NULL,0},
++ {"munge symlinks",    P_BOOL,   P_LOCAL, &sDefault.munge_symlinks,    NULL,0},
+  {"name",              P_STRING, P_LOCAL, &sDefault.name,              NULL,0},
+  {"outgoing chmod",    P_STRING, P_LOCAL, &sDefault.outgoing_chmod,    NULL,0},
+  {"path",              P_PATH,   P_LOCAL, &sDefault.path,              NULL,0},
+@@ -415,6 +418,7 @@ FN_LOCAL_INTEGER(lp_timeout, timeout)
+ FN_LOCAL_BOOL(lp_ignore_errors, ignore_errors)
+ FN_LOCAL_BOOL(lp_ignore_nonreadable, ignore_nonreadable)
+ FN_LOCAL_BOOL(lp_list, list)
++FN_LOCAL_BOOL(lp_munge_symlinks, munge_symlinks)
+ FN_LOCAL_BOOL(lp_read_only, read_only)
+ FN_LOCAL_BOOL(lp_strict_modes, strict_modes)
+ FN_LOCAL_BOOL(lp_transfer_logging, transfer_logging)
+--- rsync-2.6.9/proto.h	2006-11-06 20:39:47.000000000 -0800
++++ ./proto.h	2007-11-27 13:15:23.000000000 -0800
+@@ -176,6 +176,7 @@ int lp_timeout(int );
+ BOOL lp_ignore_errors(int );
+ BOOL lp_ignore_nonreadable(int );
+ BOOL lp_list(int );
++BOOL lp_munge_symlinks(int );
+ BOOL lp_read_only(int );
+ BOOL lp_strict_modes(int );
+ BOOL lp_transfer_logging(int );
+--- rsync-2.6.9/rsync.h	2006-10-23 20:31:30.000000000 -0700
++++ ./rsync.h	2007-11-26 21:34:11.000000000 -0800
+@@ -33,6 +33,9 @@
+ #define DEFAULT_LOCK_FILE "/var/run/rsyncd.lock"
+ #define URL_PREFIX "rsync://"
+ 
++#define SYMLINK_PREFIX "/rsyncd-munged/"
++#define SYMLINK_PREFIX_LEN ((int)sizeof SYMLINK_PREFIX - 1)
++
+ #define BACKUP_SUFFIX "~"
+ 
+ /* a non-zero CHAR_OFFSET makes the rolling sum stronger, but is
+--- rsync-2.6.9/rsyncd.conf.5	2006-11-06 20:39:52.000000000 -0800
++++ ./rsyncd.conf.5	2007-11-27 13:15:23.000000000 -0800
+@@ -145,12 +145,15 @@ the advantage of extra protection agains
+ holes, but it has the disadvantages of requiring super-user privileges,
+ of not being able to follow symbolic links that are either absolute or outside
+ of the new root path, and of complicating the preservation of usernames and groups
+-(see below)\&.  When "use chroot" is false, for security reasons,
+-symlinks may only be relative paths pointing to other files within the root
+-path, and leading slashes are removed from most absolute paths (options
+-such as \fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc\&. interpret an absolute path as
+-rooted in the module\&'s "path" dir, just as if chroot was specified)\&.
+-The default for "use chroot" is true\&.
++(see below)\&.  When "use chroot" is false, rsync will: (1) munge symlinks by
++default for security reasons (see "munge symlinks" for a way to turn this
++off, but only if you trust your users), (2) substitute leading slashes in
++absolute paths with the module\&'s path (so that options such as
++\fB\-\-backup\-dir\fP, \fB\-\-compare\-dest\fP, etc\&. interpret an absolute path as
++rooted in the module\&'s "path" dir), and (3) trim "\&.\&." path elements from
++args if rsync believes they would escape the chroot\&.
++The default for "use chroot" is true, and is the safer choice (especially
++if the module is not read-only)\&.
+ .IP 
+ In order to preserve usernames and groupnames, rsync needs to be able to
+ use the standard library functions for looking up names and IDs (i\&.e\&.
+@@ -181,6 +184,41 @@ access to some of the excluded files ins
+ do this automatically, but you might as well specify both to be extra
+ sure)\&.
+ .IP 
++.IP "\fBmunge symlinks\fP"
++The "munge symlinks" option tells rsync to modify
++all incoming symlinks in a way that makes them unusable but recoverable
++(see below)\&.  This should help protect your files from user trickery when
++your daemon module is writable\&.  The default is disabled when "use chroot"
++is on and enabled when "use chroot" is off\&.
++.IP 
++If you disable this option on a daemon that is not read-only, there
++are tricks that a user can play with uploaded symlinks to access
++daemon-excluded items (if your module has any), and, if "use chroot"
++is off, rsync can even be tricked into showing or changing data that
++is outside the module\&'s path (as access-permissions allow)\&.
++.IP 
++The way rsync disables the use of symlinks is to prefix each one with
++the string "/rsyncd-munged/"\&.  This prevents the links from being used
++as long as that directory does not exist\&.  When this option is enabled,
++rsync will refuse to run if that path is a directory or a symlink to
++a directory\&.  When using the "munge symlinks" option in a chroot area,
++you should add this path to the exclude setting for the module so that
++the user can\&'t try to create it\&.
++.IP 
++Note:  rsync makes no attempt to verify that any pre-existing symlinks in
++the hierarchy are as safe as you want them to be\&.  If you setup an rsync
++daemon on a new area or locally add symlinks, you can manually protect your
++symlinks from being abused by prefixing "/rsyncd-munged/" to the start of
++every symlink\&'s value\&.  There is a perl script in the support directory
++of the source code named "munge-symlinks" that can be used to add or remove
++this prefix from your symlinks\&.
++.IP 
++When this option is disabled on a writable module and "use chroot" is off,
++incoming symlinks will be modified to drop a leading slash and to remove "\&.\&."
++path elements that rsync believes will allow a symlink to escape the module\&'s
++hierarchy\&.  There are tricky ways to work around this, though, so you had
++better trust your users if you choose this combination of options\&.
++.IP 
+ .IP "\fBmax connections\fP"
+ The "max connections" option allows you to
+ specify the maximum number of simultaneous connections you will allow\&.
+--- rsync-2.6.9/rsyncd.conf.yo	2006-11-06 20:39:47.000000000 -0800
++++ ./rsyncd.conf.yo	2007-11-27 13:14:07.000000000 -0800
+@@ -129,12 +129,15 @@ the advantage of extra protection agains
+ holes, but it has the disadvantages of requiring super-user privileges,
+ of not being able to follow symbolic links that are either absolute or outside
+ of the new root path, and of complicating the preservation of usernames and groups
+-(see below).  When "use chroot" is false, for security reasons,
+-symlinks may only be relative paths pointing to other files within the root
+-path, and leading slashes are removed from most absolute paths (options
+-such as bf(--backup-dir), bf(--compare-dest), etc. interpret an absolute path as
+-rooted in the module's "path" dir, just as if chroot was specified).
+-The default for "use chroot" is true.
++(see below).  When "use chroot" is false, rsync will: (1) munge symlinks by
++default for security reasons (see "munge symlinks" for a way to turn this
++off, but only if you trust your users), (2) substitute leading slashes in
++absolute paths with the module's path (so that options such as
++bf(--backup-dir), bf(--compare-dest), etc. interpret an absolute path as
++rooted in the module's "path" dir), and (3) trim ".." path elements from
++args if rsync believes they would escape the chroot.
++The default for "use chroot" is true, and is the safer choice (especially
++if the module is not read-only).
+ 
+ In order to preserve usernames and groupnames, rsync needs to be able to
+ use the standard library functions for looking up names and IDs (i.e.
+@@ -158,6 +161,40 @@ access to some of the excluded files ins
+ do this automatically, but you might as well specify both to be extra
+ sure).
+ 
++dit(bf(munge symlinks))  The "munge symlinks" option tells rsync to modify
++all incoming symlinks in a way that makes them unusable but recoverable
++(see below).  This should help protect your files from user trickery when
++your daemon module is writable.  The default is disabled when "use chroot"
++is on and enabled when "use chroot" is off.
++
++If you disable this option on a daemon that is not read-only, there
++are tricks that a user can play with uploaded symlinks to access
++daemon-excluded items (if your module has any), and, if "use chroot"
++is off, rsync can even be tricked into showing or changing data that
++is outside the module's path (as access-permissions allow).
++
++The way rsync disables the use of symlinks is to prefix each one with
++the string "/rsyncd-munged/".  This prevents the links from being used
++as long as that directory does not exist.  When this option is enabled,
++rsync will refuse to run if that path is a directory or a symlink to
++a directory.  When using the "munge symlinks" option in a chroot area,
++you should add this path to the exclude setting for the module so that
++the user can't try to create it.
++
++Note:  rsync makes no attempt to verify that any pre-existing symlinks in
++the hierarchy are as safe as you want them to be.  If you setup an rsync
++daemon on a new area or locally add symlinks, you can manually protect your
++symlinks from being abused by prefixing "/rsyncd-munged/" to the start of
++every symlink's value.  There is a perl script in the support directory
++of the source code named "munge-symlinks" that can be used to add or remove
++this prefix from your symlinks.
++
++When this option is disabled on a writable module and "use chroot" is off,
++incoming symlinks will be modified to drop a leading slash and to remove ".."
++path elements that rsync believes will allow a symlink to escape the module's
++hierarchy.  There are tricky ways to work around this, though, so you had
++better trust your users if you choose this combination of options.
++
+ dit(bf(max connections)) The "max connections" option allows you to
+ specify the maximum number of simultaneous connections you will allow.
+ Any clients connecting when the maximum has been reached will receive a
+--- rsync-2.6.9/support/munge-symlinks	1969-12-31 16:00:00.000000000 -0800
++++ ./support/munge-symlinks	2007-11-26 22:04:26.000000000 -0800
+@@ -0,0 +1,60 @@
++#!/usr/bin/perl
++# This script will either prefix all symlink values with the string
++# "/rsyncd-munged/" or remove that prefix.
++
++use strict;
++use Getopt::Long;
++
++my $SYMLINK_PREFIX = '/rsyncd-munged/';
++
++my $munge_opt;
++
++&GetOptions(
++    'munge' => sub { $munge_opt = 1 },
++    'unmunge' => sub { $munge_opt = 0 },
++    'all' => \( my $all_opt ),
++    'help|h' => \( my $help_opt ),
++) or &usage;
++
++&usage if $help_opt || !defined $munge_opt;
++
++my $munged_re = $all_opt ? qr/^($SYMLINK_PREFIX)+(?=.)/ : qr/^$SYMLINK_PREFIX(?=.)/;
++
++push(@ARGV, '.') unless @ARGV;
++
++open(PIPE, '-|', 'find', @ARGV, '-type', 'l') or die $!;
++
++while (<PIPE>) {
++    chomp;
++    my $lnk = readlink($_) or next;
++    if ($munge_opt) {
++	next if !$all_opt && $lnk =~ /$munged_re/;
++	$lnk =~ s/^/$SYMLINK_PREFIX/;
++    } else {
++	next unless $lnk =~ s/$munged_re//;
++    }
++    if (!unlink($_)) {
++	warn "Unable to unlink symlink: $_ ($!)\n";
++    } elsif (!symlink($lnk, $_)) {
++	warn "Unable to recreate symlink: $_ -> $lnk ($!)\n";
++    } else {
++	print "$_ -> $lnk\n";
++    }
++}
++
++close PIPE;
++exit;
++
++sub usage
++{
++    die <<EOT;
++Usage: munge-symlinks --munge|--unmunge [--all] [DIR|SYMLINK...]
++
++--munge      Add the $SYMLINK_PREFIX prefix to symlinks if not already
++             present, or always when combined with --all.
++--unmunge    Remove one $SYMLINK_PREFIX prefix from symlinks or all
++             such prefixes with --all.
++
++See the "munge symlinks" option in the rsyncd.conf manpage for more details.
++EOT
++}
+--- rsync-2.6.9/testsuite/rsync.fns	2006-05-30 11:26:17.000000000 -0700
++++ ./testsuite/rsync.fns	2007-11-26 11:49:35.000000000 -0800
+@@ -231,6 +231,7 @@ build_rsyncd_conf() {
+ 
+ pid file = $pidfile
+ use chroot = no
++munge symlinks = no
+ hosts allow = localhost 127.0.0.1 $hostname
+ log file = $logfile
+ log format = %i %h [%a] %m (%u) %l %f%L
diff --git a/net-misc/rsync/rsync-2.6.9-r5.ebuild b/net-misc/rsync/rsync-2.6.9-r5.ebuild
new file mode 100644
index 000000000000..c135f3336a0c
--- /dev/null
+++ b/net-misc/rsync/rsync-2.6.9-r5.ebuild
@@ -0,0 +1,76 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/rsync/rsync-2.6.9-r5.ebuild,v 1.1 2007/12/01 17:56:24 vapier Exp $
+
+inherit eutils flag-o-matic toolchain-funcs
+
+DESCRIPTION="File transfer program to keep remote files into sync"
+HOMEPAGE="http://rsync.samba.org/"
+SRC_URI="http://rsync.samba.org/ftp/rsync/${P/_/}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd"
+IUSE="acl ipv6 static xinetd"
+
+DEPEND=">=dev-libs/popt-1.5
+	acl? ( kernel_linux? ( sys-apps/acl ) )
+	xinetd? ( sys-apps/xinetd )"
+
+S=${WORKDIR}/${P/_/}
+
+src_unpack() {
+	unpack ${P/_/}.tar.gz
+	cd "${S}"
+	if use acl ; then
+		epatch patches/{acls,xattrs}.diff
+		epatch "${FILESDIR}"/${P}-delete-acls-xattr.patch
+		./prepare-source || die
+	fi
+	epatch "${FILESDIR}"/${P}-stats-fix.patch #165121
+	epatch "${FILESDIR}"/${P}-fname-obo.patch #189132
+	epatch "${FILESDIR}"/${P}-pid-early.patch #192075
+}
+
+src_compile() {
+	[[ $(gcc-version) == "2.95" ]] && append-ldflags -lpthread
+	use static && append-ldflags -static
+
+	econf \
+		--without-included-popt \
+		$(use_enable acl acl-support) \
+		$(use_enable acl xattr-support) \
+		$(use_enable ipv6) \
+		--with-rsyncd-conf=/etc/rsyncd.conf \
+		|| die
+	emake || die "emake failed"
+}
+
+pkg_preinst() {
+	if [[ -e ${ROOT}/etc/rsync/rsyncd.conf ]] && [[ ! -e ${ROOT}/etc/rsyncd.conf ]] ; then
+		mv "${ROOT}"/etc/rsync/rsyncd.conf "${ROOT}"/etc/rsyncd.conf
+		rm -f "${ROOT}"/etc/rsync/.keep
+		rmdir "${ROOT}"/etc/rsync >& /dev/null
+	fi
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "make install failed"
+	newconfd "${FILESDIR}"/rsyncd.conf.d rsyncd
+	newinitd "${FILESDIR}"/rsyncd.init.d rsyncd
+	dodoc NEWS OLDNEWS README TODO tech_report.tex
+	insinto /etc
+	doins "${FILESDIR}"/rsyncd.conf
+	if use xinetd ; then
+		insinto /etc/xinetd.d
+		newins "${FILESDIR}"/rsyncd.xinetd rsyncd
+	fi
+}
+
+pkg_postinst() {
+	ewarn "The rsyncd.conf file has been moved for you to /etc/rsyncd.conf"
+	echo
+	ewarn "Please make sure you do NOT disable the rsync server running"
+	ewarn "in a chroot.  Please check /etc/rsyncd.conf and make sure"
+	ewarn "it says: use chroot = yes"
+}
author	Mike Frysinger <vapier@gentoo.org>	2007-12-01 17:56:25 +0000
committer	Mike Frysinger <vapier@gentoo.org>	2007-12-01 17:56:25 +0000
commit	d9db0d3a5dbf01241f7c1533b6aaf4fef6cf107a (patch)
tree	48d05192b02445b0afcd737e46f766ed1bd66e9d /net-misc
parent	Add 20071201. (diff)
download	historical-d9db0d3a5dbf01241f7c1533b6aaf4fef6cf107a.tar.gz historical-d9db0d3a5dbf01241f7c1533b6aaf4fef6cf107a.tar.bz2 historical-d9db0d3a5dbf01241f7c1533b6aaf4fef6cf107a.zip