Rsync 3.2.4 yatulutsidwa kale ndipo izi ndi nkhani zake

Pambuyo pa chaka ndi theka la chitukuko kukhazikitsidwa kwa mtundu watsopano wa Rsync 3.2.4, mtundu womwe zosintha zingapo ndi kukonza zolakwika zapangidwa.

Kwa iwo omwe ali atsopano ku Rsync, muyenera kudziwa izi ndi kalunzanitsidwe wapamwamba ndi ntchito zosunga zobwezeretsera yomwe imapereka kufalitsa koyenera kwa data yowonjezereka, yomwe imagwiranso ntchito ndi data yothinikizidwa ndi encrypted.

Pogwiritsa ntchito njira ya delta encoding, imakulolani kuti mulunzanitse mafayilo ndi maupangiri pakati pa makina awiri pa intaneti kapena pakati pa malo awiri pa makina omwewo, kuchepetsa kuchuluka kwa data yomwe yatumizidwa.

Chofunikira cha Rsync chomwe sichipezeka m'mapulogalamu ambiri kapena ma protocol ndikuti kukopera kumachitika ndi njira imodzi yokha. Rsync imatha kukopera kapena kuwonetsa zolemba zomwe zilimo ndikukopera mafayilo, mwakufuna kugwiritsa ntchito kukakamiza ndi kubwereza.

Kuchita ngati daemon ya seva, Rsync imamvetsera mwachisawawa pa doko la TCP 873, kutumiza mafayilo mu Rsync protocol kapena kudzera pamtundu wakutali monga RSH kapena SSH. Pamapeto pake, kasitomala wa Rsync yemwe akuyenera kukhazikitsidwa ayenera kukhazikitsidwa pagulu lakutali komanso lakutali.

Nkhani zazikulu za Rsync 3.2.4

Mu mtundu watsopanowu womwe umaperekedwa ndi Rsync 3.2.4 njira yatsopano yotetezera mkangano yaperekedwa kuchokera pamzere wolamula womwe umafanana ndi njira ya "-protect-args" ("-s") yomwe inalipo kale, koma sikuphwanya rrsync script (rsync zoletsedwa).

Chitetezo zimatengera zilembo zapadera zothawa, kuphatikizapo mipata, popereka zopempha ku chipolopolo chakunja. Njira yatsopanoyi simathawa zilembo zapadera mkati mwa chipika chomwe chatchulidwa, kulola kuti dzina lafayilo litchulidwe popanda kuthawanso, mwachitsanzo "rsync -aiv host: 'fayilo yosavuta.pdf' tsopano yaloledwa". Kuti mubwezeretse khalidwe lachikale, kusankha "-old-args" ndi kusintha kwa chilengedwe "RSYNC_OLD_ARGS=1" akuperekedwa.

Kusintha kwina komwe kwadziwika mu mtundu watsopanowu ndikuti kukhazikitsidwa luso losintha mawonekedwe a xattrs pamafayilo owerengera-okha ngati wogwiritsa ntchito ali ndi chilolezo chosintha maufulu ofikira (mwachitsanzo, akamayenda ngati mizu).
Yowonjezedwa ndikuyatsidwa ndi gawo lokhazikika "-info=NONREG" kuwonetsa machenjezo okhudza kusamutsa mafayilo apadera.

Zolemba atomic-rsync yalembedwanso ku Python ndikukulitsidwa ndikutha kunyalanyaza ma code bwererani osati ziro. Chokhazikika ndikunyalanyaza code 24, yomwe imabwezedwa mafayilo akasowa pomwe rsync ikugwira ntchito (mwachitsanzo, code 24 imabwezedwa kwa mafayilo osakhalitsa omwe analipo panthawi yolozera koyambirira koma adachotsedwa panthawi yolozera koyamba). za kusamuka).

Tinathetsa nkhani yomwe idakhalapo kwanthawi yayitali ndikusamalira zilembo za decimal kutengera komwe kuli pano. Zolemba zokonzedwa kuti zizingolemba zilembo "." mu manambala, ngati kuphwanya ngakhale, mutha kukhazikitsa "C" komweko.

Kuphatikiza apo, chiwopsezo (CVE-2018-25032) mu code yophatikizidwa ya laibulale ya zlib yomwe imapangitsa kuti buffer kusefukira poyesa kupondaponda mndandanda wamakhalidwe okonzedwa mwapadera idakhazikitsidwanso.

Mwa kusintha kwina zomwe zimadziwika ndi mtundu watsopanowu:

 • Anakhazikitsa njira ya "-fsync" yoyitanitsa fsync () ntchito pa fayilo iliyonse kuti muchotse posungira disk.
 • Zolemba za rsync-ssl zimagwiritsa ntchito njira ya "-verify_hostname" mukalowa openssl.
 • Anawonjezera njira ya "-copy-devices" kuti mukopere mafayilo amtundu ngati mafayilo wamba.
 • Kuchepetsa kukumbukira kukumbukira pamene mukusuntha mochulukira kalozera kakang'ono.
 • Pa nsanja ya macOS, njira ya "-atimes" imayatsidwa.
 • Zolemba za rrsync (zoletsedwa rsync) zalembedwanso ku Python.
 • Zowonjezera zatsopano "-munge", "-no-lock" ndi "-no-del".
 • Zosankha za block "-copy-links" (-L), "-copy-dirlinks" (-k) ndi "-keep-dirlinks" (-K) zimayatsidwa mwachisawawa kuti ziwopsezo zomwe zimagwiritsa ntchito maulalo ophiphiritsa zizikhala zambiri. zovuta.
 • Zolemba za munge-symlinks zalembedwanso ku Python.

Pomaliza, ngati mukufuna kudziwa zambiri za izi, mutha kuwona zambiri mu kutsatira ulalo.


Zomwe zili m'nkhaniyi zikutsatira mfundo zathu za malamulo okonzekera. Kuti mufotokoze cholakwika dinani Apa.

Khalani oyamba kuyankha

Siyani ndemanga yanu

Anu email sati lofalitsidwa.

*

*

 1. Wotsogolera pazosankhazi: Miguel Ángel Gatón
 2. Cholinga cha deta: Control SPAM, kasamalidwe ka ndemanga.
 3. Kukhazikitsa: Kuvomereza kwanu
 4. Kulumikizana kwa zomwe zafotokozedwazo: Zomwezo siziziwululidwa kwa anthu ena kupatula pakukakamizidwa mwalamulo.
 5. Zosunga: Zosungidwa ndi Occentus Networks (EU)
 6. Ufulu: Nthawi iliyonse mutha kuchepetsa, kuchira ndikuchotsa zidziwitso zanu.