| View previous topic :: View next topic |
| Author |
Message |
Auka
Tux's lil' helper
Joined: 01 Jul 2002
Posts: 109
Location: BaWue, Germany, Europe, Earth.
|
 Posted: Fri Aug 30, 2002 5:12 pm Post subject: emerge rsync - other way to do it not using rsync? |
 |
|
Hi all,
First of all I am a big fan of gentoo linux. But I just encountered a problem while trying to do an installation of gentoo on a machine at work: The problem is that I cant rsync outside, so I am already stuck at the installation process as soon as I should do the first "emerge rsync".
To sum it up in one sentence: rsync is a no-go, because it is blocked by the firewall.
This means:
1.) "normal" rsync --> blocked
2.) rsync through RSYNC_PROXY env variable --> blocked as not even our (internal) proxy in the DMZ is allowed rsync.
For both I am getting an HTTP not allowed from the proxy followed by:
rsync error: error in socket IO (code 10) at clientserver.c(<some code line I dont remember>)
and when I'm looking at the proxy logs, I also do see that it is beeing rejected.
What I thought of was
a) downloading the tree on another gentoo machine (at home) and copying the directory on to the machine at work. Which really is only my last hope, if everything else should fail. 
b) maybe some kind of ssh tunnelling...?
The question is: isn't there any other way getting the portage tree without rsync!?
I would say that IMHO just beeing able to use rsync would be quite a limitation for gentoo installations. (While I do admit that probably you are often able to use rsync through (from) the proxy, it is also common that your network setup is security-aware and a tight firewall ruleset is beeing used...) 
Am I right, supposing that, (given regular regular portage tree updates granted) once I have a portage tree, I only need some kind of download manager, as specified in the FETCHCMD variable (wget) to emerge packets? Or is rsync required even for emerging packets?
Anything I missed? Comments, pointers, hints? 
Thanx a lot in advance... |
|
| Back to top |
|
 |
kirill
Apprentice
Joined: 01 Aug 2002
Posts: 183
Location: Finland
|
| Posted: Fri Aug 30, 2002 5:27 pm Post subject: |
|
|
Hi!
If rsync doesn't work for you, no worry! Read the Gentoo FAQ, there are instructions what to do if rsync doesn't work.
After you got the latest portage tree installed, you can emerge gentoolkit and run emerge-webrsync which automatically downloads the latest portage snapshot and installs it.
and no, rsync isn't required for emerging new packages...
life can't be easier 
_________________
--kirill |
|
| Back to top |
|
|
Auka
Tux's lil' helper
Joined: 01 Jul 2002
Posts: 109
Location: BaWue, Germany, Europe, Earth.
|
| Posted: Fri Aug 30, 2002 6:17 pm Post subject: |
|
|
aahh, ok, must have missed that - RTFM
That seems to be exactly what I've been searching for, webrsync also sounds good... 
thanks a lot...! |
|
| Back to top |
|
|
jdn
n00b
Joined: 31 Aug 2002
Posts: 4
Location: Denmark
|
| Posted: Sat Aug 31, 2002 7:18 am Post subject: |
|
|
Hi
Just got my gentoo login 1 min ago :-)
at my work they are running squid as proxy and I had the same problem
http://www.sai.msu.su/~er/rsync_proxy.html
says how to open for rsync through a squid proxy:
Squid configuration for rsync proxy
To allow RSYNC proxy via Squid, edit squid.conf file:
1. add 873 to acl SSL_ports port list
2. add 873 to acl Safe_ports port list
3. if you want proxy without password, add host at which rsync is running to acl allowed_hosts list
An example:
acl SSL_ports port 443 563 873 # 873 - for rsync
acl Safe_ports port 873 # for rsync
acl allowed_hosts src 195.208.220.197/255.255.255.255 # trusted host
regards
Jens / Denmark
_________________
jdn @ Aalborg Denmark |
|
| Back to top |
|
|
Auka
Tux's lil' helper
Joined: 01 Jul 2002
Posts: 109
Location: BaWue, Germany, Europe, Earth.
|
| Posted: Sat Aug 31, 2002 9:44 am Post subject: |
|
|
Hi,
thank you for providing the squid config! While I have already seen, by a dooing google search, that it seems to be possible to reconfigure squid, it is nice to have this sum-up (since the proxy indeed is a squid).
The problem for me is only that our proxy (at least this proxy, which only forwards http to a parent proxy dooing antivir content scanning) is not allowed by the firewall to talk rsync outgoing (only http, https, and ftp). So reconfiguring it alone unfortunately won't help me and I don't want to change firewall rulesets etc. as this could tend to be at bit too bureocratic (raising questions "why" and "what for"...)
So I am probably gooing to download the portage tree through http as stated in the FAQ. Nevertheless good to know, maybe I will try it out.
Well, security - I love it as long as I am admin/root. |
|
| Back to top |
|
|
kirill
Apprentice
Joined: 01 Aug 2002
Posts: 183
Location: Finland
|
| Posted: Sat Aug 31, 2002 10:08 am Post subject: |
|
|
| jdn wrote: | Squid configuration for rsync proxy
To allow RSYNC proxy via Squid, edit squid.conf file:
1. add 873 to acl SSL_ports port list
|
Wow you need to have rsync in SSL_ports too! darn.
I added '873' to Safe_ports a while a go but I still kept getting bad response from proxy - HTTP/1.0 403 Forbidden. but SSL_ports fixes it!
thanks for the info 
_________________
--kirill |
|
| Back to top |
|
|
jconover
Tux's lil' helper
Joined: 31 Jul 2002
Posts: 87
Location: USA
|
| Posted: Tue Sep 03, 2002 8:03 pm Post subject: |
|
|
Thank you kirill!
Recently my work turned off RSYNC traffic and I found your solution>>>>>
you can emerge gentoolkit and run emerge-webrsync which automatically downloads the latest portage snapshot and installs it.
Hope they didn't shut it down because of me and gentoo! 
Thanks again!  |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
