www-mirrors mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@hyperreal.org>
Subject Re: Mirroring apache using rsync
Date Sat, 11 Jul 1998 22:13:15 GMT
At 05:46 AM 7/12/98 +0800, FTP Administration wrote:
>How about using hard links on the main site, and then we can use the
>-H option with rsync?  Then we'd have none of this worrying about bad
>symlinks.  <smile>
>
>Seriously though ... on the "how to mirror" page, the instructions are
>to use only the -rtvz flags.  For those of us with existing mirrors,
>then our symlinks will already be okay.  However, if someone was
>starting up a fresh one, or the main site changes their symlinks, then
>that rsync command will not produce a faithful mirror of the site.

"from-cvs" changes on a daily basis and is somewhat silly to pull down
anyways, so don't worry about that one.

"sinix_5.4 -> reliantunix_5.4" isn't a big deal if it's missing.

I'll ask the perl and java folks to make their stuff not use symlinks.  As
far as I can tell they've done it just as a convenience.  I'll remind them
that a benefit of not doing that is that all of the sudden they have 178
mirror sites of their content they can point to :)

>We're not running hundreds of mirrors, but we do have a few.  wu-ftpd
>is chrooted, which is fine, and we also serve the files by http, using
>Apache.  I followed the advice on Apache's "Security Tips" page, and
>did a <Directory /> directive, making / unavailable, and then turning
>access back on for the anonymous ftp directory.  This way, a symlink
>to / might be visible, and FollowSymLinks might be on, but the server
>should not be able to read what the symlink points to.
>
>I strongly advise other people to do the same if they haven't done so
>already.  Read "docs/misc/security_tips.html" in your mirror for more
>info.  :)

Yes, smart to do this.  This is also now the default config distributed
with Apache.  

	Brian


--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
pure chewing satisfaction                            brian@apache.org
                                                  brian@hyperreal.org

Mime
View raw message