
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
398
|
Chapter 11: Securing File Services
As advertised, Example 11-12’s global options are listed at the top.
The first option set in Example 11-12 also happens to be the only “global-only”
option:
syslog facility, motd file, log file, pid file,andsocket options may be
used only as global settings, not in module settings. Of these, only
syslog facility
has direct security ramifications: like the ProFTPD directive SyslogFacility, rsync’s
syslog facility can be used to specify which syslog facility rsync should log to if you
don’t want it to use
daemon, its default. If you don’t know what this means, see
Chapter 12.
For detailed descriptions of the other “global-only” options, see the rsyncd.conf(5)
manpage. I won’t cover them here, as they don’t directly affect system security.
(Their default settings are fine for most situations.)
All other allowable rsyncd.conf options may be used as global options, in modules, or
both. If an option appears in both the global section and in a module, the module
setting overrides the global setting for transactions involving that module. In gen-
eral, global options replace default values, and module-specific options override both
default and global options.
The second group of options in Example 11-12 falls into the category of module-spe-
cific options: