Bug 89451 – rsyncd crashes when used anonymously

Bug 89451 - rsyncd crashes when used anonymously

Summary:	rsyncd crashes when used anonymously

Status:	CLOSED NOTABUG

Aliases:	None

Product:	Red Hat Enterprise Linux 2.1
Classification:	Red Hat
Component:	rsync (Show other bugs)
Sub Component:
Version:	2.1
Hardware:	All Linux

Priority	medium Severity high
Target Milestone:	---
Target Release:	---
Assigned To:	Jay Fenlason
QA Contact:	Mike McLean
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2003-04-22 20:13 EDT by Christopher Blizzard
Modified:	2014-08-31 19:24 EDT (History)
CC List:	2 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2003-04-30 16:33:58 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Christopher Blizzard 2003-04-22 20:13:31 EDT

Description of problem:

rsyncd crashes when using anonymous access

Version-Release number of selected component (if applicable):

rsync-2.4.6-13

How reproducible:

every time

Steps to Reproduce:
1. set up an anonymous rsync server
2. connect from another server
3. note the crash in the rsync log file
    
Actual results:

2003/04/22 19:40:00 [1134] rsync on mozilla-ftp from komodo.mozilla.org
(207.200.81.212)
2003/04/22 19:40:15 [1134] wrote 626179 bytes  read 15824 bytes  total size
27020616270
2003/04/22 19:40:15 [1134] transfer interrupted (code 11) at main.c(295)


Expected results:

2003/04/22 20:10:01 [1787] rsync on mozilla-ftp from komodo.mozilla.org
(207.200.81.212)
2003/04/22 20:10:41 [1787] wrote 19889520 bytes  read 68852 bytes  total size
27048428154


Additional info:

Upgrading to the rsync in 7.3 fixed the problem.

Comment 1 Hardy Merrill 2003-04-23 10:05:04 EDT

Please provide some additional info:
  * rsync server config - if rsync is running under xinetd, then include
      /etc/xinetd.conf, and /etc/xinetd.d/rsync
  * relevant entries from /var/log/messages on rsync server
  * rsync command used on client to connect to server
  * version of rsync client
  * any other relevant info

Comment 2 Matthew Galgoci 2003-04-25 11:53:11 EDT

Here are the config files you asked for. I do not know what command the
client was using since I do not have access to it. I think it might be a
variant of the following:

rsync -vrlptog --delete stage.mozilla.org::mozilla-ftp /home/ftp/pub

Note that stage is a cname to hemosaur.

/etc/xinetd.d/rsync

# default: off
# description: The rsync server is a good addition to am ftp server, as it \
#       allows crc checksumming etc.
service rsync
{
        disable = no
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/bin/rsync
        server_args     = --daemon
#       log_on_failure  += USERID
}

/etc/rsyncd.conf

log file = /var/log/rsync
# this is a comment
[mozilla-ftp]
        path=/home/ftp/pub/
        comment=Mozilla FTP

Comment 3 Matthew Galgoci 2003-04-30 15:50:08 EDT

Adding the following to the server rsyncd.conf files makes this error
go away:

log file = /var/log/rsync
# this is a comment
[mozilla-ftp]
        uid=root
        gid=root
        path=/home/ftp/pub/
        comment=Mozilla FTP

So the question is, why aren't these options required for the rsync that is 
shipped with Red Hat Linux 7.3 versus the one shipped in Red Hat Advanced Server
version 2.1?

Comment 4 Hardy Merrill 2003-04-30 16:33:58 EDT

the problem turned out to be permissions on files and directories being
transferred when using anonymous rsync, which uses modules defined on the server
in /etc/rsyncd.conf.

'man rsyncd.conf' on rsync-2.4.6-13 says this for uid:

       uid    The "uid" option specifies the user name or user id
              that  file transfers to and from that module should
              take place as when the daemon was run as  root.  In
              combination  with  the "gid" option this determines
              what file permissions are available. The default is
              the user "nobody".

Note that if the uid is not specified in the module, that the default uid is
"nobody".  The code does a setuid to the uid specified (or default 'nobody') in
the module before it does the transfers.  So if the code does a setuid to
'nobody', then it will fail to open files and directories that don't give user
'nobody'(and group 'nobody') permission to read them.

In this case, rsync is failing with an abnormal termination because of
permissions problems when opening *directories* that don't give read access to
the rsync uid.  *Files* that don't give permissions to that uid cause an error
to be displayed, but do not cause abnormal termination.

rsync-2.5.5-4 which ships with Red Hat Linux 9 does not abnormally
terminate when encountering directories that don't give read permissions
to the rsync uid - permissions error messages are displayed for each
file and directory that couldn't be read, but those errors do not cause
rsync to abnormally terminate.

The solution for 'daemon' users of rsync-2.4.6-13, and 'daemon' users
of all subsequent rsync versions, is to specify in each /etc/rsyncd.conf
module, as directed by the rsyncd.conf manpage, "the user name or user
id that file transfers to and from that module should take place as
when the daemon was run as root".  Like the manpage says, add 'uid=some_user'
and 'gid=some_group' to each module.

Note You need to log in before you can comment on or make changes to this bug.