From: Bastian Blank Date: Wed, 19 Apr 2017 07:36:26 +0000 (+0200) Subject: Disable reverse lookup in rsyncd X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=dbb404fee8cec36d622fe55b31b2c7e67694ae8d;p=mirror%2Fdsa-puppet.git Disable reverse lookup in rsyncd Due to restrictions enforced by systemd we don't have any access to DNS. As a lot of connections are coming via stunnel, we don't see the remote IP anyway. Just disable all reverse lookups and the warnings. --- diff --git a/modules/roles/files/bugs_mirror/rsyncd.conf b/modules/roles/files/bugs_mirror/rsyncd.conf index da19e5aaf..e3ea8e041 100644 --- a/modules/roles/files/bugs_mirror/rsyncd.conf +++ b/modules/roles/files/bugs_mirror/rsyncd.conf @@ -2,6 +2,7 @@ uid = nobody gid = nogroup syslog facility = daemon socket options = SO_KEEPALIVE +reverse lookup = false timeout = 7200 log file = /var/log/rsyncd/rsyncd.log diff --git a/modules/roles/files/dakmaster/rsyncd.conf b/modules/roles/files/dakmaster/rsyncd.conf index fc658ac82..ca7a50783 100644 --- a/modules/roles/files/dakmaster/rsyncd.conf +++ b/modules/roles/files/dakmaster/rsyncd.conf @@ -2,6 +2,7 @@ uid = nobody gid = nogroup syslog facility = daemon socket options = SO_KEEPALIVE +reverse lookup = false timeout = 7200 log file = /var/log/rsyncd/rsyncd.log diff --git a/modules/roles/files/historical_mirror/rsyncd.conf b/modules/roles/files/historical_mirror/rsyncd.conf index eb7ad9e2a..48438f1b3 100644 --- a/modules/roles/files/historical_mirror/rsyncd.conf +++ b/modules/roles/files/historical_mirror/rsyncd.conf @@ -2,6 +2,7 @@ uid = nobody gid = nogroup syslog facility = daemon socket options = SO_KEEPALIVE +reverse lookup = false timeout = 7200 log file = /var/log/rsyncd/rsyncd-archive.log diff --git a/modules/roles/files/keyring/rsyncd.conf b/modules/roles/files/keyring/rsyncd.conf index 1cf061e0c..ae1d85ff2 100644 --- a/modules/roles/files/keyring/rsyncd.conf +++ b/modules/roles/files/keyring/rsyncd.conf @@ -3,6 +3,7 @@ gid = nogroup syslog facility = daemon log file = /var/log/rsyncd/rsyncd.log socket options = SO_KEEPALIVE +reverse lookup = false timeout = 7200 [keyrings] diff --git a/modules/roles/files/security_master/rsyncd.conf b/modules/roles/files/security_master/rsyncd.conf index 1de64eb24..e426a8c8b 100644 --- a/modules/roles/files/security_master/rsyncd.conf +++ b/modules/roles/files/security_master/rsyncd.conf @@ -2,6 +2,7 @@ uid = nobody gid = nogroup syslog facility = daemon socket options = SO_KEEPALIVE +reverse lookup = false timeout = 7200 log file = /var/log/rsyncd/rsyncd.log diff --git a/modules/roles/files/security_mirror/rsyncd.conf b/modules/roles/files/security_mirror/rsyncd.conf index 851e6aae8..f94ab03ee 100644 --- a/modules/roles/files/security_mirror/rsyncd.conf +++ b/modules/roles/files/security_mirror/rsyncd.conf @@ -2,6 +2,7 @@ uid = nobody gid = nogroup syslog facility = daemon socket options = SO_KEEPALIVE +reverse lookup = false timeout = 1200 # weasel 2007-11-19 diff --git a/modules/roles/files/wiki/rsyncd.conf b/modules/roles/files/wiki/rsyncd.conf index c33c3a830..f81095c78 100644 --- a/modules/roles/files/wiki/rsyncd.conf +++ b/modules/roles/files/wiki/rsyncd.conf @@ -3,6 +3,7 @@ gid = nogroup syslog facility = daemon log file = /var/log/rsyncd/rsyncd.log socket options = SO_KEEPALIVE +reverse lookup = false timeout = 7200 [wiki.debian.org-dump] diff --git a/modules/roles/templates/snapshot/rsyncd.conf.erb b/modules/roles/templates/snapshot/rsyncd.conf.erb index 277db96a0..97501eb56 100644 --- a/modules/roles/templates/snapshot/rsyncd.conf.erb +++ b/modules/roles/templates/snapshot/rsyncd.conf.erb @@ -2,6 +2,7 @@ uid = nobody gid = nogroup syslog facility = daemon socket options = SO_KEEPALIVE +reverse lookup = false timeout = 7200 log file = /var/log/rsyncd/rsyncd.log diff --git a/modules/roles/templates/syncproxy/rsyncd.conf.erb b/modules/roles/templates/syncproxy/rsyncd.conf.erb index c3628ad40..14a6d0718 100644 --- a/modules/roles/templates/syncproxy/rsyncd.conf.erb +++ b/modules/roles/templates/syncproxy/rsyncd.conf.erb @@ -2,6 +2,7 @@ uid = nobody gid = nogroup syslog facility = daemon socket options = SO_KEEPALIVE +reverse lookup = false timeout = 7200 # weasel 2007-11-19