summaryrefslogtreecommitdiff
path: root/support/rrsync.1.md
diff options
context:
space:
mode:
authorWayne Davison <wayne@opencoder.net>2022-01-16 08:56:51 -0800
committerWayne Davison <wayne@opencoder.net>2022-01-16 10:47:36 -0800
commitd07272d631733508da58ecdca2f458f4b0736bbf (patch)
treebc4037f027390e7dea8b8f65468dcd4012ef282d /support/rrsync.1.md
parente2a011d9d0c2c484402a29a0d060a5fad4717f81 (diff)
downloadrsync-d07272d631733508da58ecdca2f458f4b0736bbf.tar.gz
More man page and NEWS improvements.
- Add link targets for all option choices, not just the first one. - Tweak cross-link arg format. - Add more links, including some in the latest NEWS. - Split out a few numbered lists.
Diffstat (limited to 'support/rrsync.1.md')
-rw-r--r--support/rrsync.1.md63
1 files changed, 39 insertions, 24 deletions
diff --git a/support/rrsync.1.md b/support/rrsync.1.md
index 9ab09d7a..54980db0 100644
--- a/support/rrsync.1.md
+++ b/support/rrsync.1.md
@@ -8,6 +8,9 @@ rrsync - a script to setup restricted rsync users via ssh logins
rrsync [-ro|-rw] [-munge] [-no-del] [-no-lock] DIR
```
+The single non-option argument specifies the restricted _DIR_ to use. It can be
+relative to the user's home directory or an absolute path.
+
The online version of this man page (that includes cross-linking of topics)
is available at <https://download.samba.org/pub/rsync/rrsync.1>.
@@ -30,7 +33,7 @@ ssh-key line that should be restricted:
Then, ensure that the rrsync script has your desired option restrictions. You
may want to copy the script to a local bin dir with a unique name if you want
to have multiple configurations. One or more rrsync options can be specified
-prior to the `DIR` if you want to further restrict the transfer.
+prior to the _DIR_ if you want to further restrict the transfer.
To use an rsync daemon setup, edit the user's `~/.ssh/authorized_keys` file and
add a prefix like one of the following (followed by a space) in front of each
@@ -43,9 +46,8 @@ ssh-key line that should be restricted:
Then, ensure that the rsyncd.conf file is created with one or more module names
with the appropriate path and option restrictions. If rsync's
-[`--config`](./rsync.1#daemon-opt--config) option is omitted, it defaults to
-`~/rsyncd.conf`. See the `rsyncd.conf` man page for details of how to
-configure an rsync daemon.
+[`--config`](rsync.1#dopt) option is omitted, it defaults to `~/rsyncd.conf`.
+See the `rsyncd.conf` man page for details of how to configure an rsync daemon.
When using rrsync, there can be just one restricted dir per authorized key. A
daemon setup, on the other hand, allows multiple module names inside the config
@@ -53,33 +55,46 @@ file, each one with its own path setting.
The remainder of this man page is dedicated to using the rrsync script.
-## OPTION SUMMARY
+## OPTIONS
-```
--ro Allow only reading from the DIR. Implies -no-del and -no-lock.
--wo Allow only writing to the DIR.
--munge Enable rsync's --munge-links on the server side.
--no-del Disable rsync's --delete* and --remove* options.
--no-lock Avoid the single-run (per-user) lock check.
--help, -h Output this help message and exit.
-```
+0. `-ro`
-A single non-option argument specifies the restricted DIR to use. It can be
-relative to the user's home directory or an absolute path.
+ Allow only reading from the DIR. Implies [`-no-del`](#opt) and
+ [`-no-lock`](#opt).
+
+0. `-wo`
+
+ Allow only writing to the DIR.
+
+0. `-munge`
+
+ Enable rsync's [`--munge-links`](rsync.1#opt) on the server side.
+
+0. `-no-del`
+
+ Disable rsync's `--delete*` and `--remove*` options.
+
+0. `-no-lock`
+
+ Avoid the single-run (per-user) lock check. Useful with [`-munge`](#opt).
+
+0. `-help`, `-h`
+
+ Output this help message and exit.
## SECURITY RESTRICTIONS
The rrsync script validates the path arguments it is sent to try to restrict
them to staying within the specified DIR.
-The rrsync script rejects rsync's [`--copy-links`](./rsync.1#opt--copy-links)
-option (by default) so that a copy cannot dereference a symlink within the DIR
-to get to a file outside the DIR.
+The rrsync script rejects rsync's [`--copy-links`](rsync.1#opt) option (by
+default) so that a copy cannot dereference a symlink within the DIR to get to a
+file outside the DIR.
-The rrsync script rejects rsync's
-[`--protect-args`](./rsync.1#opt--protect-args) (`-s`) option because it would
-allow options to be sent to the server-side that the script cannot check. If
-you want to support `--protect-args`, use a daemon-over-ssh setup.
+The rrsync script rejects rsync's [`--protect-args`](rsync.1#opt) (`-s`) option
+because it would allow options to be sent to the server-side that the script
+cannot check. If you want to support `--protect-args`, use a daemon-over-ssh
+setup.
The rrsync script accepts just a subset of rsync's options that the real rsync
uses when running the server command. A few extra convenience options are also
@@ -104,7 +119,7 @@ The `~/.ssh/authorized_keys` file might have lines in it like this:
## SEE ALSO
-[**rsync**(1)](./rsync.1)
+[**rsync**(1)](rsync.1)
## VERSION
@@ -113,7 +128,7 @@ This man page is current for version @VERSION@ of rsync.
## CREDITS
rsync is distributed under the GNU General Public License. See the file
-[COPYING](./COPYING) for details.
+[COPYING](COPYING) for details.
An rsync web site is available at <https://rsync.samba.org/> and its github
project is <https://github.com/WayneD/rsync>.