| View previous topic :: View next topic |
| Author |
Message |
Dragonlord
Guru
Joined: 22 Aug 2004
Posts: 344
Location: Switzerland
|
 Posted: Sat Jul 11, 2009 4:24 pm Post subject: RSync defunct: invalid user nobody |
 |
|
Suddenly this week my Gentoo Portage Server stopped working. Whenever I try to sync using a client I get the following:
| Quote: | # emerge --sync
>>> Starting rsync with rsync://192.168.1.10:880/portage...
>>> Checking server timestamp ...
@ERROR: invalid uid nobody
rsync error: error starting client-server protocol (code 5) at main.c(1504) [receiver=3.0.5]
>>> Retrying... |
And so forth. The rsyncd.conf contains still the same as it did before:
| Quote: | pid file = /var/run/rsyncd.pid
max connections = 5
use chroot = yes
uid = nobody
gid = nobody
hosts allow = 192.168.1.0/24
hosts deny = * |
I also tried "-2" but nothing works. Nobody does exist and is as it should be
| Quote: | | uid=65534(nobody) gid=65534(nobody) Gruppen=65534(nobody) |
What's going on? Why can rsync "suddenly" no more work with UID? Some code changes or something else going on? Since I can't sync anymore my clients right now and this is annoying.
Concerning infos:
net-misc/rsync-3.0.5 USE="iconv -acl -ipv6 -static -xattr -xinetd"
Linux server 2.6.20-hardened-r5 #6 SMP Thu Aug 2 16:24:16 CEST 2007 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 3600+ AuthenticAMD GNU/Linux
_________________
Leader and Head Programmer: Epsylon, Drag[en]gine and others |
|
| Back to top |
|
 |
linear
Apprentice
Joined: 12 Aug 2004
Posts: 207
|
| Posted: Thu Jul 16, 2009 10:18 pm Post subject: |
|
|
Okay,
I see that you have "use chroot = yes", and from the 'man rsyncd.conf' documentation:
| Code: | When "use chroot" is false or the inside-chroot path is not "/",
rsync will: (1) munge symlinks by default for security reasons
(see "munge symlinks" for a way to turn this off, but only if
you trust your users), (2) substitute leading slashes in abso-
lute paths with the module's path (so that options such as
--backup-dir, --compare-dest, etc. interpret an absolute path as
rooted in the module's "path" dir), and (3) trim ".." path ele-
ments from args if rsync believes they would escape the module
hierarchy. The default for "use chroot" is true, and is the
safer choice (especially if the module is not read-only).
When this parameter is enabled, rsync will not attempt to map
users and groups by name (by default), but instead copy IDs as
though --numeric-ids had been specified. In order to enable
name-mapping, rsync needs to be able to use the standard library
functions for looking up names and IDs (i.e. getpwuid() , get-
grgid() , getpwname() , and getgrnam() ). This means the rsync
process in the chroot hierarchy will need to have access to the
resources used by these library functions (traditionally
/etc/passwd and /etc/group, but perhaps additional dynamic
libraries as well). |
So, if I read this correctly, if you do not have an /etc/passwd and an /etc/group within the chroot module's filesystem, it will not be able to figure out who nobody:nobody is. Also, I wonder if the order of the configurations within the rsyncd.conf is significant... I noticed in the example within the man page that they put the "uid = nobody' and 'gid = nobody' before the 'use chroot = yes'.
| Code: | A more sophisticated example would be:
uid = nobody
gid = nobody
use chroot = yes
max connections = 4
syslog facility = local5
pid file = /var/run/rsyncd.pid
[ftp]
path = /var/ftp/./pub
comment = whole ftp area (approx 6.1 GB)
[sambaftp]
path = /var/ftp/./pub/samba
comment = Samba ftp area (approx 300 MB)
[rsyncftp]
path = /var/ftp/./pub/rsync
comment = rsync ftp area (approx 6 MB)
<snip> |
Not sure if that is pertinent to this issue, but it would be something to check.
HTH. |
|
| Back to top |
|
|
Dragonlord
Guru
Joined: 22 Aug 2004
Posts: 344
Location: Switzerland
|
| Posted: Fri Jul 17, 2009 7:51 pm Post subject: |
|
|
It seems to work with directly using the UID of nobody. Strange thing though since nobody has / as home so it should have access to everything it needs to figure out the UID from the username.
_________________
Leader and Head Programmer: Epsylon, Drag[en]gine and others |
|
| Back to top |
|
|
linear
Apprentice
Joined: 12 Aug 2004
Posts: 207
|
| Posted: Sat Jul 18, 2009 12:13 am Post subject: |
|
|
Yes... and there is the rub.
Nobody can have a home of '/', but where is your chroot starting? Is '/' the root of the overall chroot filesystem? Or are you chrooting to another location like /usr/portage or /pub/portage or something like that?
If I understand it correctly, what the manual was saying is; If you are setting up a chroot and the root of the rsync chroot is *not* '/', then you will have issues mapping names to UIDs, *unless* you have something set up within the chroot to help with the mapping. By default, it will look for /etc/passwd and /etc/group to help with the mapping and may need some other dynamic libraries as well.
HTH. |
|
| Back to top |
|
|
curmudgeon
Veteran
Joined: 08 Aug 2003
Posts: 1254
|
| Posted: Sun May 06, 2012 9:02 am Post subject: |
|
|
I am having this problem now:
| Code: |
# SYNC=rsync://server/gentoo-portage/ emerge --sync
>>> Starting rsync with rsync://192.168.0.1/gentoo-portage/...
>>> Checking server timestamp ...
@ERROR: invalid uid nobody
rsync error: error starting client-server protocol (code 5) at main.c(1516) [Receiver=3.0.9]
>>> Retrying...
!!! Exhausted addresses for server
|
This clearly began after the upgrade (on the server side) of glibc from 2.13-r4 to 2.14.1-r3.
The client has no problem syncing with rsync.gentoo.org.
Any thoughts? |
|
| Back to top |
|
|
curmudgeon
Veteran
Joined: 08 Aug 2003
Posts: 1254
|
| Posted: Sun May 06, 2012 9:10 am Post subject: |
|
|
| Rebuilding rsync solves the problem. That should be noted somewhere. |
|
| Back to top |
|
|
gbetous
l33t
Joined: 15 Jan 2004
Posts: 677
Location: Toulouse
|
| Posted: Mon May 07, 2012 3:49 pm Post subject: |
|
|
Hi !
Thanks for the tip !!!
I rebuild both on client and server side, and restarted rsyncd on server. Then it works fine.
_________________
Core2Quad Q6600
ASUS P5B-V (i965 video intégrée)
~amd64 / KDE
|
|
| Back to top |
|
|
curmudgeon
Veteran
Joined: 08 Aug 2003
Posts: 1254
|
|
| Back to top |
|
|
|
Networking & Security
