FreeBSD Bugzilla – Attachment 214377 Details for
Bug 246371
net/rsync does not transfer net/samba file ACLs
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
jail console listings with different chflags and securelevel settings
rsync_samba_acls.txt (text/plain), 5.18 KB, created by
James B. Byrne
on 2020-05-11 14:12:23 UTC
(
hide
)
Description:
jail console listings with different chflags and securelevel settings
Filename:
MIME Type:
Creator:
James B. Byrne
Created:
2020-05-11 14:12:23 UTC
Size:
5.18 KB
patch
obsolete
> > ># iocage upgrade samba-03 -r 12.1-RELEASE >Jail: samba-03 is already at version 12.1-RELEASE! > >[root@vhost04 ~ (master)]# iocage set allow_chflags="YES" samba-03 >[root@vhost04 ~ (master)]# iocage set securelevel="-1" samba-03 > >[root@vhost04 ~ (master)]# iocage get all samba-03 >CONFIG_VERSION:27 >allow_chflags:1 >allow_mlock:0 >allow_mount:0 >allow_mount_devfs:0 >allow_mount_fusefs:0 >allow_mount_nullfs:0 >allow_mount_procfs:0 >allow_mount_tmpfs:1 >allow_mount_zfs:0 >allow_quotas:0 >allow_raw_sockets:1 >allow_set_hostname:1 >allow_socket_af:0 >allow_sysvipc:0 >allow_tun:0 >allow_vmm:0 >assign_localhost:1 >available:readonly >basejail:0 >boot:0 >bpf:0 >children_max:0 >cloned_release:12.0-RELEASE-p12 >comment:none >compression:lz4 >compressratio:readonly >coredumpsize:off >count:1 >cpuset:off >cputime:off >datasize:off >dedup:off >defaultrouter:auto >defaultrouter6:auto >depends:none >devfs_ruleset:1003 >dhcp:0 >enforce_statfs:1 >exec_clean:1 >exec_created:/usr/bin/true >exec_fib:0 >exec_jail_user:root >exec_poststart:/usr/bin/true >exec_poststop:/usr/bin/true >exec_prestart:/usr/bin/true >exec_prestop:/usr/bin/true >exec_start:/bin/sh /etc/rc >exec_stop:/bin/sh /etc/rc.shutdown >exec_system_jail_user:0 >exec_system_user:root >exec_timeout:60 >host_domainname:none >host_hostname:samba-03.brockley-2016.harte-lyne.ca >host_hostuuid:samba-03 >host_time:1 >hostid:b4cdc46c-7e7a-11de-87df-0011d8a408ed >hostid_strict_check:0 >interfaces:vnet0:bridge0 >ip4:new >ip4_addr:em0|192.168.8.67 >ip4_saddrsel:1 >ip6:new >ip6_addr:none >ip6_saddrsel:1 >ip_hostname:0 >jail_zfs:0 >jail_zfs_dataset:iocage/jails/samba-03/data >jail_zfs_mountpoint:none >last_started:2020-05-10 17:06:24 >localhost_ip:127.0.67.1 >login_flags:-f root >mac_prefix:001cc0 >maxproc:off >memorylocked:off >memoryuse:off >min_dyn_devfs_ruleset:1000 >mount_devfs:1 >mount_fdescfs:1 >mount_linprocfs:0 >mount_procfs:0 >mountpoint:readonly >msgqqueued:off >msgqsize:off >nat:0 >nat_backend:ipfw >nat_forwards:none >nat_interface:none >nat_prefix:172.16 >nmsgq:off >notes:none >nsem:off >nsemop:off >nshm:off >nthr:off >openfiles:off >origin:readonly >owner:root >pcpu:off >plugin_name:none >plugin_repository:none >priority:99 >pseudoterminals:off >quota:none >readbps:off >readiops:off >release:12.1-RELEASE-p3 >reservation:none >resolver:search brockley-2016.harte-lyne.ca hamilton.harte-lyne.ca harte-lyne.ca;nameserver 216.185.71.33;nameserver 216.185.71.34;options edns0 timeout:5 attempts:3 >rlimits:off >rtsold:0 >securelevel:-1 >shmsize:off >stacksize:off >state:up >stop_timeout:30 >swapuse:off >sync_state:none >sync_target:none >sync_tgt_zpool:none >sysvmsg:new >sysvsem:new >sysvshm:new >template:0 >type:jail >used:readonly >vmemoryuse:off >vnet:0 >vnet0_mac:none >vnet1_mac:none >vnet2_mac:none >vnet3_mac:none >vnet_default_interface:auto >vnet_interfaces:none >wallclock:off >writebps:off >writeiops:off > > > >[root@vhost04 ~ (master)]# rsync -XAav --delete-after --rsh='ssh' [192.168.8.65]:/var/db/samba4/sysvol /var/db/samba4 >!!Warning!! - Any deliberate attempt to access this resource without > legitimate authorization is a criminal offence > (R.S.C. 1985, c. C-46 - Section 342.1). >receiving file list ... >recv_acl_index: ACL_TYPE_ACCESS ACL index 16 > 0 >rsync error: error in rsync protocol data stream (code 12) at acls.c(1119) [Receiver=3.1.3] > > >These are the default values: > >[root@samba-03 ~]# sysctl -a | grep 'chflag\|securelevel' >kern.securelevel: 2 >security.jail.param.allow.chflags: 0 >security.jail.param.securelevel: 0 >security.jail.chflags_allowed: 0 > > >[root@samba-03 ~]# rsync -XAav --delete-after --rsh='ssh' [192.168.8.65]:/var/db/samba4/sysvol /var/db/samba4 >!!Warning!! - Any deliberate attempt to access this resource without > legitimate authorization is a criminal offence > (R.S.C. 1985, c. C-46 - Section 342.1). >receiving file list ... >recv_acl_index: ACL_TYPE_ACCESS ACL index 16 > 0 >rsync error: error in rsync protocol data stream (code 12) at acls.c(1119) [Receiver=3.1.3] > >This is with only chflags allowed: > >[root@samba-03 ~]# sysctl -a | grep 'chflag\|securelevel' >kern.securelevel: 2 >security.jail.param.allow.chflags: 0 >security.jail.param.securelevel: 0 >security.jail.chflags_allowed: 1 > >[root@samba-03 ~]# rsync -XAav --delete-after --rsh='ssh' [192.168.8.65]:/var/db/samba4/sysvol /var/db/samba4 >!!Warning!! - Any deliberate attempt to access this resource without > legitimate authorization is a criminal offence > (R.S.C. 1985, c. C-46 - Section 342.1). >receiving file list ... >recv_acl_index: ACL_TYPE_ACCESS ACL index 16 > 0 >rsync error: error in rsync protocol data stream (code 12) at acls.c(1119) [Receiver=3.1.3] > >This is with both chflags allowed and securelevel 0 > >[root@samba-03 ~]# sysctl -a | grep 'chflag\|securelevel' >kern.securelevel: 0 >security.jail.param.allow.chflags: 0 >security.jail.param.securelevel: 0 >security.jail.chflags_allowed: 1 > >[root@samba-03 ~]# rsync -XAav --delete-after --rsh='ssh' [192.168.8.65]:/var/db/samba4/sysvol /var/db/samba4 >!!Warning!! - Any deliberate attempt to access this resource without > legitimate authorization is a criminal offence > (R.S.C. 1985, c. C-46 - Section 342.1). >receiving file list ... >recv_acl_index: ACL_TYPE_ACCESS ACL index 16 > 0 >rsync error: error in rsync protocol data stream (code 12) at acls.c(1119) [Receiver=3.1.3]
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 246371
: 214377