openrsync and rrsync - strange error on symlinks

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

openrsync and rrsync - strange error on symlinks

Jiri B-3
Hi,

I use rrsync[1] wrapper in SSH key via `command=` option to restrict
mode and path of called rsync program.

I discovered some strange difference related to symlinks between rsync
and openrsync when called via rrsync wrapper.
openrsync errors with:

/usr/src/usr.bin/rsync/symlinks.c:48: error:
./pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/test.md:
readlink: No such file or directory

even symlink is OK, see below.

Any idea what's going on?

Jiri

[1] https://www.samba.org/ftp/unpacked/rsync/support/rrsync

# sysctl kern.version
kern.version=OpenBSD 6.5-beta (GENERIC.MP) #192: Fri Aug  9 23:41:57 MDT 2019
    [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP

GOAL
====

I'm trying to synchronize following test tree from remote OpenBSD
machine to a Linux client.

# uname -s ; find /data/share/testovic/ -ls
OpenBSD
15353856    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:26
/data/share/testovic/
15353857    0 -rw-r--r--    1 root     wheel           0 Aug 15 23:10
/data/share/testovic/test1
15353858    0 lrwxr-xr-x    1 root     wheel          12 Aug 15 23:10
/data/share/testovic/test2 -> /nonexistent
15353859    0 lrwxr-xr-x    1 root     wheel           5 Aug 15 23:20
/data/share/testovic/test3 -> test1
15353860    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:25
/data/share/testovic/pub
15353861    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:25
/data/share/testovic/pub/www
15353862    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:25
/data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info
15353863    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:25
/data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info/themes
15353864    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:25
/data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal
15353865    8 drwxr-xr-x    2 root     wheel         512 Aug 15 23:26
/data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes
15353866    8 -rw-r--r--    1 root     wheel         865 Aug 15 23:26
/data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/post.md
15353867    0 lrwxr-xr-x    1 root     wheel           7 Aug 15 23:26
/data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/test.md
-> post.md

1 - /usr/local/bin/rsync via rrsync wrapper
=========================

rrsync should restrict to reads only and only from /data/share/testovic path

from="192.168.1.7",command="${HOME}/bin/rrsync -ro
/data/share/testovic/",restrict ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAIHd0j7FwSIF+b4QylSQHRoUyPR+9YQJrqj5jPngUmReC

from client, reading from remote machine:

# rsync -vva gw-share: ./
opening connection using: ssh gw-share rsync --server --sender
-vvlogDtpre.iLsfxC . .  (8 args)
receiving incremental file list
delta-transmission enabled
./
test1
test2 -> /nonexistent
test3 -> test1
pub/
pub/www/
pub/www/xxxxxxxxxxxxxxxxxx.info/
pub/www/xxxxxxxxxxxxxxxxxx.info/themes/
pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/
pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/
pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/post.md
pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/test.md -> post.md
total: matches=0  hash_hits=0  false_alarms=0 data=865

sent 106 bytes  received 1,402 bytes  3,016.00 bytes/sec
total size is 889  speedup is 0.59

2 - openrsync via rrsync wrapper
====================

# grep openrsync ${HOME}/bin/rrsync
use constant RSYNC => '/usr/bin/openrsync';

from="192.168.1.7",command="${HOME}/bin/rrsync -ro
/data/share/testovic/",restrict ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAIHd0j7FwSIF+b4QylSQHRoUyPR+9YQJrqj5jPngUmReC

# rsync -vva gw-share: ./
opening connection using: ssh gw-share rsync --server --sender
-vvlogDtpre.iLsfxC . .  (8 args)
receiving file list ... /usr/src/usr.bin/rsync/server.c:99: server
detected client version 31, server version 27, seed 334847798
/usr/src/usr.bin/rsync/server.c:102: server starting sender
/usr/src/usr.bin/rsync/symlinks.c:48: error:
./pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/test.md:
readlink: No such file or directory
/usr/src/usr.bin/rsync/flist.c:985: error: symlink_read
/usr/src/usr.bin/rsync/flist.c:1032: error: flist_gen_dirent
/usr/src/usr.bin/rsync/sender.c:391: error: flist_gen
/usr/src/usr.bin/rsync/server.c:124: error: rsync_sender

rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
rsync error: error in rsync protocol data stream (code 12) at
io.c(226) [Receiver=3.1.3]

Reply | Threaded
Open this post in threaded view
|

Re: openrsync and rrsync - strange error on symlinks

Theo de Raadt-2
I believe the unveil() code in rsync is completely wrong and should
be deleted.

Jiri B <[hidden email]> wrote:

> Hi,
>
> I use rrsync[1] wrapper in SSH key via `command=` option to restrict
> mode and path of called rsync program.
>
> I discovered some strange difference related to symlinks between rsync
> and openrsync when called via rrsync wrapper.
> openrsync errors with:
>
> /usr/src/usr.bin/rsync/symlinks.c:48: error:
> ./pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/test.md:
> readlink: No such file or directory
>
> even symlink is OK, see below.
>
> Any idea what's going on?
>
> Jiri
>
> [1] https://www.samba.org/ftp/unpacked/rsync/support/rrsync
>
> # sysctl kern.version
> kern.version=OpenBSD 6.5-beta (GENERIC.MP) #192: Fri Aug  9 23:41:57 MDT 2019
>     [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>
> GOAL
> ====
>
> I'm trying to synchronize following test tree from remote OpenBSD
> machine to a Linux client.
>
> # uname -s ; find /data/share/testovic/ -ls
> OpenBSD
> 15353856    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:26
> /data/share/testovic/
> 15353857    0 -rw-r--r--    1 root     wheel           0 Aug 15 23:10
> /data/share/testovic/test1
> 15353858    0 lrwxr-xr-x    1 root     wheel          12 Aug 15 23:10
> /data/share/testovic/test2 -> /nonexistent
> 15353859    0 lrwxr-xr-x    1 root     wheel           5 Aug 15 23:20
> /data/share/testovic/test3 -> test1
> 15353860    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:25
> /data/share/testovic/pub
> 15353861    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:25
> /data/share/testovic/pub/www
> 15353862    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:25
> /data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info
> 15353863    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:25
> /data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info/themes
> 15353864    8 drwxr-xr-x    3 root     wheel         512 Aug 15 23:25
> /data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal
> 15353865    8 drwxr-xr-x    2 root     wheel         512 Aug 15 23:26
> /data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes
> 15353866    8 -rw-r--r--    1 root     wheel         865 Aug 15 23:26
> /data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/post.md
> 15353867    0 lrwxr-xr-x    1 root     wheel           7 Aug 15 23:26
> /data/share/testovic/pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/test.md
> -> post.md
>
> 1 - /usr/local/bin/rsync via rrsync wrapper
> =========================
>
> rrsync should restrict to reads only and only from /data/share/testovic path
>
> from="192.168.1.7",command="${HOME}/bin/rrsync -ro
> /data/share/testovic/",restrict ssh-ed25519
> AAAAC3NzaC1lZDI1NTE5AAAAIHd0j7FwSIF+b4QylSQHRoUyPR+9YQJrqj5jPngUmReC
>
> from client, reading from remote machine:
>
> # rsync -vva gw-share: ./
> opening connection using: ssh gw-share rsync --server --sender
> -vvlogDtpre.iLsfxC . .  (8 args)
> receiving incremental file list
> delta-transmission enabled
> ./
> test1
> test2 -> /nonexistent
> test3 -> test1
> pub/
> pub/www/
> pub/www/xxxxxxxxxxxxxxxxxx.info/
> pub/www/xxxxxxxxxxxxxxxxxx.info/themes/
> pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/
> pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/
> pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/post.md
> pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/test.md -> post.md
> total: matches=0  hash_hits=0  false_alarms=0 data=865
>
> sent 106 bytes  received 1,402 bytes  3,016.00 bytes/sec
> total size is 889  speedup is 0.59
>
> 2 - openrsync via rrsync wrapper
> ====================
>
> # grep openrsync ${HOME}/bin/rrsync
> use constant RSYNC => '/usr/bin/openrsync';
>
> from="192.168.1.7",command="${HOME}/bin/rrsync -ro
> /data/share/testovic/",restrict ssh-ed25519
> AAAAC3NzaC1lZDI1NTE5AAAAIHd0j7FwSIF+b4QylSQHRoUyPR+9YQJrqj5jPngUmReC
>
> # rsync -vva gw-share: ./
> opening connection using: ssh gw-share rsync --server --sender
> -vvlogDtpre.iLsfxC . .  (8 args)
> receiving file list ... /usr/src/usr.bin/rsync/server.c:99: server
> detected client version 31, server version 27, seed 334847798
> /usr/src/usr.bin/rsync/server.c:102: server starting sender
> /usr/src/usr.bin/rsync/symlinks.c:48: error:
> ./pub/www/xxxxxxxxxxxxxxxxxx.info/themes/minimal/archetypes/test.md:
> readlink: No such file or directory
> /usr/src/usr.bin/rsync/flist.c:985: error: symlink_read
> /usr/src/usr.bin/rsync/flist.c:1032: error: flist_gen_dirent
> /usr/src/usr.bin/rsync/sender.c:391: error: flist_gen
> /usr/src/usr.bin/rsync/server.c:124: error: rsync_sender
>
> rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
> rsync error: error in rsync protocol data stream (code 12) at
> io.c(226) [Receiver=3.1.3]
>