Gentoo Archives: gentoo-mirrors

From: "Robin H. Johnson" <robbat2@g.o>
To: gentoo-mirrors@l.g.o
Subject: Re: [gentoo-mirrors] rsync source problem
Date: Wed, 21 Oct 2009 18:39:54
Message-Id: robbat2-20091021T182956-873819313Z@orbis-terrarum.net
In Reply to: Re: [gentoo-mirrors] rsync source problem by Gokdeniz Karadag
1 On Wed, Oct 21, 2009 at 09:27:15PM +0300, Gokdeniz Karadag wrote:
2 > FYI, that file had been there since I started mirroring gentoo ~1.5 years ago.
3 > There is no read permission, as a result it does not become public, but gives
4 > annoying message at every sync. I just --excluded that file to get rid of the
5 > error message.
6 The file is meant to go out to your mirrors, and give a 403 when anybody
7 tries to access it. darkside (our new mirroradmin) is working on
8 updating the checker scripts to make sure it exists and returns an error
9 on your mirrors.
10
11 It's got the same permissions that we use for staging content.
12
13 Specifically
14 1. Place content on mirror, with permissions to distribute TO mirror
15 only. Permissions on files is 0600, dirs 0700, user/group =
16 rsync:root.
17 2. Wait for content to hit mirrors.
18 3. Change permissions to 0644 / 0755.
19
20 Additionally, you run your rsync fetch as root or rsync, and you serve
21 the files as some unprivileged uid (NOT user=rsync).
22
23 The OSU mirror that feeds all of your mirrors was supposed to be
24 explicitly configured that you could fetch from it always, but it seems
25 that is broken.
26
27 --
28 Robin Hugh Johnson
29 Gentoo Linux: Developer, Trustee & Infrastructure Lead
30 E-Mail : robbat2@g.o
31 GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85