Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
RSync defunct: invalid user nobody
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Dragonlord
Guru
Guru


Joined: 22 Aug 2004
Posts: 346
Location: Switzerland

PostPosted: Sat Jul 11, 2009 4:24 pm    Post subject: RSync defunct: invalid user nobody Reply with quote

Suddenly this week my Gentoo Portage Server stopped working. Whenever I try to sync using a client I get the following:
Quote:
# emerge --sync
>>> Starting rsync with rsync://192.168.1.10:880/portage...
>>> Checking server timestamp ...
@ERROR: invalid uid nobody
rsync error: error starting client-server protocol (code 5) at main.c(1504) [receiver=3.0.5]
>>> Retrying...

And so forth. The rsyncd.conf contains still the same as it did before:
Quote:
pid file = /var/run/rsyncd.pid
max connections = 5
use chroot = yes
uid = nobody
gid = nobody
hosts allow = 192.168.1.0/24
hosts deny = *

I also tried "-2" but nothing works. Nobody does exist and is as it should be
Quote:
uid=65534(nobody) gid=65534(nobody) Gruppen=65534(nobody)

What's going on? Why can rsync "suddenly" no more work with UID? Some code changes or something else going on? Since I can't sync anymore my clients right now and this is annoying.

Concerning infos:
net-misc/rsync-3.0.5 USE="iconv -acl -ipv6 -static -xattr -xinetd"
Linux server 2.6.20-hardened-r5 #6 SMP Thu Aug 2 16:24:16 CEST 2007 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 3600+ AuthenticAMD GNU/Linux
_________________
Leader and Head Programmer: Epsylon, Drag[en]gine and others
Back to top
View user's profile Send private message
linear
Apprentice
Apprentice


Joined: 12 Aug 2004
Posts: 207

PostPosted: Thu Jul 16, 2009 10:18 pm    Post subject: Reply with quote

Okay,

I see that you have "use chroot = yes", and from the 'man rsyncd.conf' documentation:
Code:
              When "use chroot" is false or the inside-chroot path is not "/",
              rsync will: (1) munge symlinks by default for  security  reasons
              (see  "munge  symlinks"  for a way to turn this off, but only if
              you trust your users), (2) substitute leading slashes  in  abso-
              lute  paths  with  the  module's  path  (so that options such as
              --backup-dir, --compare-dest, etc. interpret an absolute path as
              rooted  in the module's "path" dir), and (3) trim ".." path ele-
              ments from args if rsync believes they would escape  the  module
              hierarchy.   The  default  for  "use chroot" is true, and is the
              safer choice (especially if the module is not read-only).

              When this parameter is enabled, rsync will not  attempt  to  map
              users  and  groups by name (by default), but instead copy IDs as
              though --numeric-ids had been specified.   In  order  to  enable
              name-mapping, rsync needs to be able to use the standard library
              functions for looking up names and IDs (i.e.  getpwuid() ,  get-
              grgid()  , getpwname() , and getgrnam() ).  This means the rsync
              process in the chroot hierarchy will need to have access to  the
              resources   used   by  these  library  functions  (traditionally
              /etc/passwd  and  /etc/group,  but  perhaps  additional  dynamic
              libraries as well).


So, if I read this correctly, if you do not have an /etc/passwd and an /etc/group within the chroot module's filesystem, it will not be able to figure out who nobody:nobody is. Also, I wonder if the order of the configurations within the rsyncd.conf is significant... I noticed in the example within the man page that they put the "uid = nobody' and 'gid = nobody' before the 'use chroot = yes'.
Code:
       A more sophisticated example would be:


       uid = nobody
       gid = nobody
       use chroot = yes
       max connections = 4
       syslog facility = local5
       pid file = /var/run/rsyncd.pid

       [ftp]
               path = /var/ftp/./pub
               comment = whole ftp area (approx 6.1 GB)

       [sambaftp]
               path = /var/ftp/./pub/samba
               comment = Samba ftp area (approx 300 MB)

       [rsyncftp]
               path = /var/ftp/./pub/rsync
               comment = rsync ftp area (approx 6 MB)
        <snip>


Not sure if that is pertinent to this issue, but it would be something to check.

HTH.
Back to top
View user's profile Send private message
Dragonlord
Guru
Guru


Joined: 22 Aug 2004
Posts: 346
Location: Switzerland

PostPosted: Fri Jul 17, 2009 7:51 pm    Post subject: Reply with quote

It seems to work with directly using the UID of nobody. Strange thing though since nobody has / as home so it should have access to everything it needs to figure out the UID from the username.
_________________
Leader and Head Programmer: Epsylon, Drag[en]gine and others
Back to top
View user's profile Send private message
linear
Apprentice
Apprentice


Joined: 12 Aug 2004
Posts: 207

PostPosted: Sat Jul 18, 2009 12:13 am    Post subject: Reply with quote

Yes... and there is the rub.

Nobody can have a home of '/', but where is your chroot starting? Is '/' the root of the overall chroot filesystem? Or are you chrooting to another location like /usr/portage or /pub/portage or something like that?

If I understand it correctly, what the manual was saying is; If you are setting up a chroot and the root of the rsync chroot is *not* '/', then you will have issues mapping names to UIDs, *unless* you have something set up within the chroot to help with the mapping. By default, it will look for /etc/passwd and /etc/group to help with the mapping and may need some other dynamic libraries as well.

HTH.
Back to top
View user's profile Send private message
curmudgeon
Veteran
Veteran


Joined: 08 Aug 2003
Posts: 1340

PostPosted: Sun May 06, 2012 9:02 am    Post subject: Reply with quote

I am having this problem now:

Code:

# SYNC=rsync://server/gentoo-portage/ emerge --sync
>>> Starting rsync with rsync://192.168.0.1/gentoo-portage/...
>>> Checking server timestamp ...
@ERROR: invalid uid nobody
rsync error: error starting client-server protocol (code 5) at main.c(1516) [Receiver=3.0.9]
>>> Retrying...
!!! Exhausted addresses for server


This clearly began after the upgrade (on the server side) of glibc from 2.13-r4 to 2.14.1-r3.

The client has no problem syncing with rsync.gentoo.org.

Any thoughts?
Back to top
View user's profile Send private message
curmudgeon
Veteran
Veteran


Joined: 08 Aug 2003
Posts: 1340

PostPosted: Sun May 06, 2012 9:10 am    Post subject: Reply with quote

Rebuilding rsync solves the problem. That should be noted somewhere.
Back to top
View user's profile Send private message
gbetous
l33t
l33t


Joined: 15 Jan 2004
Posts: 679
Location: Toulouse

PostPosted: Mon May 07, 2012 3:49 pm    Post subject: Reply with quote

Hi !

Thanks for the tip !!!

I rebuild both on client and server side, and restarted rsyncd on server. Then it works fine.
_________________
Core2Quad Q6600
ASUS P5B-V (i965 video intégrée)
~amd64 / KDE
Back to top
View user's profile Send private message
curmudgeon
Veteran
Veteran


Joined: 08 Aug 2003
Posts: 1340

PostPosted: Sun May 20, 2012 4:16 am    Post subject: Reply with quote

Seems the developers know about it (but it won't get fixed until glibc 2.15.

https://bugs.gentoo.org/show_bug.cgi?id=414843
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum