Installation and configuration of rsync server under CentOS 6.5

rsync installation#

bash#Check if rsync is installed,Need to uninstall if it has been installed
rpm -qa|grep rsync
# Install rsync uninstall
rpm -e rsync
# Download the latest rpm package(Pay attention to the matching of the operating system and the number of bits) 
# Rsync's rpm package list address: http://pkgs.repoforge.org/rsync
wget http://pkgs.repoforge.org/rsync/rsync-3.1.1-1.el6.rfx.x86_64.rpm
# rpm package installation
rpm -ivh rsync-3.1.1-1.el6.rfx.x86_64.rpm

Rsync server configuration#

Start configuration##

• Choose how to start the rsync server

• rsync server load is relatively high, use independent startup mode

• Rsync server is less responsible, use xinetd operation mode

• Create the configuration file rsyncd.conf

• Create a configuration password for the rsync server accessed in non-anonymous mode (it is recommended that configuration requires password access)

CentOS runs rsync in xinetd mode by default, and the xinetd configuration file of rsync is /etc/xinetd.d/rsync
If you configure rsync to run in xinetd mode, execute the following command

bashchkconfig rsync on
service xinetd restart
# If you execute service xinetd restart to find xinetd:unrecognized service xinetd service is not installed
# Execute yum install xinetd to install xinetd service
# Start the xinetd service after installation(service xinetd start)

Edit the rsync xinetd configuration file /etc/xinetd.d/rsync file, modify the parameter server_args = --daemon --config=/etc/rsyncd/rsyncd.conf to configure the parameters when the rsync server starts

If you use standalone mode, execute the following command

bash/usr/bin/rsync --daemon
# edit/etc/rc.local file added/usr/bin/rsync --The daemon guarantees that the rsync service will be started automatically every time it starts up

Configuration file##

bash#Create rsync service directory
mkdir /etc/rsyncd
# Create configuration file
touch /etc/rsyncd/rsyncd.conf
# Create a password file
touch /etc/rsyncd/rsyncd.passwd
# Permission modification
chown root:root /etc/rsyncd/rsyncd.passwd
chmod 600/etc/rsyncd/rsyncd.passwd

Introduction to configuration file syntax

• Module
  Start with [module name]
• Parameter configuration line
  Format name = value
  The value of value can be string (without quotation marks) or boolean (0/1, true/false, yes/no)
• Start with # is a comment line
• Use \ is the line continuation character

Global parameters (configurations other than [module name] are global configurations)

• address
  In stand-alone operation, the IP address used for the specified server operation. This parameter will be ignored when run by xinetd, use the -address option on the command line instead
  Default value local all IP
• port
  Specify the port number that the rsync daemon listens on. This parameter will be ignored when run by xinetd, and the -port option on the command line will be used instead.
  The default value is 873
• motd file
  Specify a message file, the content of the file is displayed to the client when the client connects to the server.
  Default value None
• pid file
  The rsync daemon writes its PID to the specified file.
  Default value None
• log file
  Specify the log file of the rsync daemon without sending the log to syslog.
  Default value None
• syslog facility
  Specify the message level when rsync sends log messages to syslog
  Default daemon
• socket options
  Specify custom TCP options.
  Default value None

Module parameters
Module parameters are mainly used to define which directory of the rsync server is to be synchronized. The format of the module declaration must be in the form of [module]. This name is the name seen on the rsync client, similar to the share name provided by the Samba server. The data that the server really synchronizes is specified by path. You can specify multiple modules according to your needs. The following parameters can be defined in the module:

• Basic module parameters

• path
  Specify the synchronization path of the current module on the rsync server, this parameter must be specified

• comment
  Assign a description to the module, the description together with the module name will be displayed to the client when the client connects to the module list

• Module control parameters

• use chroot
  If true, rsync first chroots to the directory specified by the path parameter before transferring files. The reason for this is to achieve additional security protection, but the disadvantage is that root permissions are required, and the directory files pointed to by symbolic links outside the path cannot be backed up.
  The default value is true

• uid
  Specify the module to transfer files with the specified UID.
  Default value nobody

• gid
  Specify the module to transfer files with the specified GID.
  Default value nobody

• max connections
  Set the maximum number of concurrent connections for this module to protect the server. Connection requests exceeding the limit will be notified and try again later.
  The default value is 0, no limit

• read only
  Specify whether to allow customers to upload files. If true, upload is not allowed; if false and the server directory also has read and write permissions, upload is allowed.
  The default value is true

• write only
  Specify whether to allow customers to download files. If true, download is not allowed; if false and the server directory also has read permission, download is allowed.
  The default value is false

• Module authentication parameters

• hosts allow
  Use a host list to specify which host clients are allowed to connect to the module. Hosts that do not match the host list will be rejected
  Defaults*

The client host list definition can be in the following forms:
Single IP address for example: 192.168.0.1
For example, the entire network segment: 192.168.0.0/24, 192.168.0.0/255.255.255.0
Resolvable single host name such as centos, centos.bsmart.cn
All hosts in the domain, for example: .bsmart.cn* "*" means all.
Multiple list items should be separated by spaces.

• hosts deny
  Use a host list to specify which host clients are not allowed to connect to the module.
  Default value is empty
• auth users
  Specify a list of user names separated by spaces or commas. Only these users are allowed to connect to the module. The users here have nothing to do with system users. The username and password are stored in clear text in the file specified by the secrets file parameter
  Anonymous by default
• secrets file
  Specify an rsync authentication password file. This file only works when auth users is defined.
  Default value is empty
• strict modes
  Specify whether to monitor the permissions of the password file. If true, the password file can only be accessed by the user who runs the rsync server, and no other users can access the file.
  The default value is true

• The permission of the rsync authentication password file must be 600, otherwise the client will not be able to connect to the server.

• Each line in the rsync authentication password file specifies a username:password pair in the format: username:passwd
• Generally speaking, the password should not exceed 8 characters. If you only configure the rsync server for anonymous access, you do not need to set the above parameters.

Configuration file example

bash# GLOBAL OPTIONS
uid = root                         
gid = root                                  

use chroot = no                     

read only = yes                            

# limit access to private LANs
hosts allow=172.16.0.0/255.255.0.0192.168.1.0/255.255.255.010.0.1.0/255.255.255.0
hosts deny=*                                
max connections =5                      

pid file =/var/run/rsyncd.pid             

secrets file =/etc/rsyncd/rsyncd.secrets   
# lock file =/var/run/rsync.lock           

# motd file =/etc/rsyncd/rsyncd.motd        

# This will give you a separate log file
# log file =/var/log/rsync.log               

# This will log every file transferred - up to 85,000+ per user, per sync
transfer logging = yes                    

log format =%t %a %m %f %b
syslog facility = local3
timeout =300

# MODULE OPTIONS
[ davidhome]                               
path =/home/david/                       
list=yes                                   
ignore errors                              
auth users = david                          
comment = David home                  
exclude = important/[chinatmp]
path =/tmp/china/
list=no
ignore errors
auth users = china
comment = tmp_china

Password file

shdavid:asdf             #Format username:Password
china:jk               #The user is not required to be a system user

Check whether the rsync service is started
netstat -an | grep 873

rsync client#

bash#Install the client
yum -y install rsync
# Sync command
# - a parameter, equivalent to-rlptgoD
# - r is recursion-l is the link file, which means to copy the link file;-p means to keep the original permissions of the file
# - t keep the original time of the file;-g keep text#Original user group;-o Keep the original owner of the file;-D is equivalent to a block device file
# - z Compression during transmission;
# - P transmission progress;
# - v Progress and other information during transmission, and-P is a bit related, try it yourself. You can read the document;
# Synchronize
rsync -avzP [email protected]::davidhome  /tmp/david/
# The client data and server data are consistent
rsync -avzP  --delete [email protected]::davidhome  /tmp/david/
# Specify the password file when transferring, password file permissions 600
rsync -avzP  --delete--password-file=/tmp/rsync.password  [email protected]::davidhome  /tmp/david/