lunar (1) clsync.1.gz

Provided by: clsync_0.4.5-2_amd64 bug

NAME

       clsync - live sync tool, written in GNU C

SYNOPSIS

       clsync [ ... ] -- [ sync-handler-arguments ]

DESCRIPTION

       clsync  executes  sync-handler  with  appropriate  arguments  on  FS  events  in directory
       watch-dir using the inotify(7) or other FS monitoring subsystems.

OPTIONS

       This options can be passed as arguments or to be used in the configuration file.

       To disable numeric option set to zero:
                   =0

       To disable string option (for example path to file) set to empty string:
                   =

       Also you can use previously set values while setting new options. Substring  %option_name%
       will  be  substituted with previously set value of option option_name.  (see CONFIGURATION
       FILE)

       sync-handler-arguments applies only to modes:
              simple, direct, shell, rsyncdirect, rsyncshell

       To set sync-handler-arguments in config file use '--'. An example:
              -- = -aH --exclude-from %EXCLUDE-LIST% --include-from=%INCLUDE-LIST% --exclude  '*'
              %watch-dir%/ %destination-dir%/

       -W, --watch-dir watch-dir
              Root directory to be monitored by clsync.

              Required.

       -S, --sync-handler sync-handler
              Path to sync-handler to be used for syncing by clsync.  (see --mode)

              Is  required  for  all  modes  except  "direct" and "rsyncdirect" [see SYNC HANDLER
              MODES]

       -R, --rules-file rules-file
              Path to file with filter rules of objects to be monitored. (see RULES)

              Is not set by default.

       -D, --destination-dir destination-directory
              Defines directory to sync to for modes  "rsyncdirect",  "rsyncso"  and  "so".  (see
              --mode)

              Is not set by default.

       -M, --mode mode
              Sets syncing mode. Possible values:
                     simple
                            calls sync-handler for every event
                     direct
                            calls  sync-handler  for  every  sync  with  passing  files  lists as
                            arguments
                     shell
                            calls sync-handler for every sync with passing files lists in a file
                     rsyncdirect
                            calls rsync by path sync-handler directly
                     rsyncshell
                            calls  sync-handler  that  supposed  to  run  rsync  for  every  sync
                            (recommended mode)"
                     rsyncso
                            loads  shared  object  by  path sync-handler with dlopen(3) and calls
                            function clsyncapi_rsync function for every sync
                     so
                            loads shared object by path sync-handler  with  dlopen(3)  and  calls
                            function clsyncapi_sync function for every sync

              See SYNC HANDLER MODES

              Required.

       -b, --background
              Daemonize, forcing clsync to fork() on start.

              Is not set by default.

       -H, --config-file config-file-path
              Use configuration from file config-file-path (see CONFIGURATION FILE).

              Set to "/NULL/" if no config files should be read.

              Is not set by default.

       -K, --config-block config-block-name
              Use configuration block with name config-block-name (see CONFIGURATION FILE).

              The default value is "default".

       --config-block-inherits config-parent-block-name
              Use   configuration   block   with  name  config-parent-block-name  as  parent  for
              config-block-name (see CONFIGURATION FILE).  Options from  config-parent-block-name
              will be inherited to config-block-name.

              The default value is "default".

       --custom-signals custom-signals
              Set  a  list of signals and corresponding config block names. The config block will
              be use on catching the corresponding signal.

              Format is
                     signal:config-block-name[,signal:config-block-name[,...]]

              For example:
                     --custom-signals=29:debug,28:normal
              In this line signals "28" and "29" will be added to  the  sighandler.   And  clsync
              will use options from config block "debug" on signal 29 and "normal" on signal 28.

              To reset all custom signals use the 0-th signal (e.g. "--custom-signals=0").

              The default value is "".

       -z, --pid-file path-to-pidfile
              Writes pid to file by path path-to-pidfile.

              Is not set by default.

       --status-file status-file-path
              Write status description into file with path status-file-path.

              Possible statuses:
                     starting
                            initializing  subsystems  and  marking  file  tree  with  FS  monitor
                            subsystem
                     initsync
                            processing initial syncing
                     running
                            waiting for events or syncing
                     synchandler error
                            waiting between synchandler execution tries  (after  a  failure)  [is
                            used only while --threading=off]
                     rehashing
                            reloading configuration files
                     thread gc
                            running threads' garbage collector
                     preexit
                            executing the --pre-exit-hook
                     terminating
                            running the last iteration (if required) and preparing to die
                     exiting
                            executing the --exit-hook and cleaning up [for valgrind(1)]

              Is not set by default.

       -r, --retries number-of-tries
              Tries limit to sync with sync-handler.

              clsync will die after number-of-tries tries.

              To try infinite set "0".

              Delay between tries is equal to --delay-sync value.

              The default value is "1".

       --ignore-failures
              Don't die on sync failures.

              Is not set by default.

       --exit-on-sync-skip
              Exit if some event could be skipped due to any reason.

              For  example  FreeBSD  has  a  very  short  BSM  event  queue  (1024). So it may be
              overflowed and some events can not climb to the queue. This option forces clsync to
              exit if the queue had been overflowed.

              Is not set by default.

       -p, --threading threading-mode
              [Not available on Debian/kFreeBSD]

              Use  pthreads(7)  to  parallelize  syncing  processes.  For example if clsync (with
              --threading=off) is already syncing a huge  file  then  all  other  syncs  will  be
              suspended  until the huge file syncing finish. To prevent this suspends you can use
              "safe" or "full" threading mode.

              Possbile values:
                     off
                            disable threading for syncing processes.
                     safe
                            parallelize syncs but suspend syncings of  object  that  are  already
                            syncing in another process (until the process finish).
                     full
                            parallelize syncs without suspendings.

              Characteristics:
                     off
                            New modifications won't be synced until old ones finish.
                     safe
                            Theoretically  is  the  best  way.  But  may utilize of lot of CPU if
                            there's a lot of simultaneous parallel syncs. (also this way  is  not
                            well tested)
                     full
                            May  cause  multiple  simultaneous syncing of the same file, which in
                            turn can cause bug inside sync-handler (see below).

              If you're running clsync with option --threading=full  in  conjunction  with  rsync
              with  option  --backup,  you  may  catch  a bug due to nonatomicity of rsync's file
              replace operation.  (see DIAGNOSTICS)

              The default value is "off".

       -Y, --output log-destination
              Sets destination for log writing (errors, warnings, infos and debugging).

              Possible values:
                     stderr
                     stdout
                     syslog

              The default value is "stderr".

       --one-file-system
              Don't follow to different devices' mount  points.  This  option  just  adds  option
              "FTS_XDEV" for fts_open(3) function.

              Warning!   If  you're using this option (but no --exclude-mount-points) clsync will
              write neither includes nor excludes of content of mount points.
              This may cause problems e.g. you're using rsync for  sync-handler  without  similar
              option "--one-file-system".

              Is not set by default.

       -X, --exclude-mount-points
              Forces --one-file-system but also add excludes to do not sync mount points.

              This requires to do stat(2) syscalls on every dir and can reduce performance.

              Is not set by default.

       --socket socket-path
              Create a control socket by path socket-path.

              This's very experimental feature.

              Is not set by default.

       --socket-own socket-owner-user[:socket-owner-group]
              Sets the control socket owner user (and group).

              Is not set by default

       --socket-mod socket-mode
              Sets the control socket mode [see chmod(2)].

              Is not set by default.

       --standby-file standby-file-path
              Sets file to path that should be checked before every sync. If file exists the sync
              will be suspended until the file is deleted. It may be useful if  you  need  freeze
              destination directory while running some scripts.

              Is not set by default.

       --max-iterations iterations-count
              Sets  synchronization  iterations  limit.  One  iteration  means  one  sync-handler
              execution.

              iterations-count
                     set to 0 means no limit (infinite loop).

                     set to 1 means that only initial sync will be done

                     set to n means that only initial sync and (n-1) sync-ups after that will  be
                     done

              Hint:  This option may be useful in conjunction with --exit-on-no-events to prevent
              infinite sync-up processes.

              The default value is "0".

       --modification-signature signature-mask
              Sets file/dir modification recheck signature. If file is not modified (according to
              the signature) then don't sync it.

              See struct stat in lstat(2) for possible fields.

              For         example         reasonable        signature-mask-s        can        be
              "dev,ino,mode,uid,gid,rdev,size,atime,mtime,ctime" (there's an  alias  for  that  —
              "*") or "uid,gid".

              Examples of use cases:
                     chown/chmod
                            If you're using clsync for fixing file/dir privileges [using chown(1)
                            and/or chmod(1)] than reasonable signature will be "uid,gid".

                            Full     example:     clsync     -w5     -t5     -T5      -x1      -W
                            /var/www/site.example.org/root  -Mdirect  -Schown  --uid  0  --gid  0
                            -Ysyslog  -b1   --modification-signature   uid,gid   --   --from=root
                            www-data:www-data %INCLUDE-LIST%
                     bi-directional syncing
                            If  you're  going  to  setup  bi-directional syncing then you may use
                            --modification-signature "*" to prevent sync loop between servers.
                     Not enough CPU
                            If rsync eats too many CPU with rechecking hashsums of files on their
                            dry  open()/close()  due  to some hacky script (for example "chown -R
                            www-data:www-data" in cron) then you can use --modification-signature
                            "dev,ino,mode,uid,gid,rdev,size,atime,mtime"    (without   "blksize",
                            "blocks", "nlink" and "ctime").

              Warning! This option may eat a lot of memory on huge file trees.

              This option cannot be used together with "--cancel-syscalls=mon_stat"

              To disable file/dir modification rechecking use empty value — "".

              The default value is "".

       -k, --timeout-sync sync-timeout
              Sets timeout for syncing processes.  clsync will die if syncing process alive  more
              than sync-timeout seconds.

              Set "0" to disable the timeout.

              The default value is "86400" ["24 hours"].

       -w, --delay-sync additional-delay
              Sets the minimal delay (in seconds) between syncs.

              The default value is "30".

       -t, --delay-collect ordinary-delay
              Sets the delay (in seconds) to collect events about ordinary files and directories.

              The default value is "30".

       -T, --delay-collect-bigfile bigfiles-delay
              Sets   the   delay   (in   seconds)  to  collect  events  about  "big  files"  (see
              --threshold-bigfile).

              The default value is "1800".

       -B, --threshold-bigfile filesize-threshold
              Sets file size threshold (in bytes) that separates ordinary files from "big files".
              Events  about "big files" are processed in another queue with a separate collecting
              delay. This is supposed to be used as a means of unloading IO resources.

              To disable detection of "big files" set "0" (zero). This can improve performance by
              removing necessity in extra lstat() syscall.

              The default value is "134217728" ["128 MiB"].

       --cancel-syscalls syscalls-mask
              Sets syscalls to be bypassed. This may be used for to squeeze more performance.

              Possible values:
                     mon_stat
                            Skip  lstat()  calls  while  handling  files/dirs  events. This makes
                            unpossible   to   determine   files   sizes   (that   is   used    by
                            --threshold-bigfile      option)      and      to      use     option
                            --modification-signature.

              You can combine this values using commas.

              To disable this option just use empty value — "".

              The default value is "".

       -L, --lists-dir tmpdir-path
              Sets directory path to output temporary events-lists files.

              See SYNC HANDLER MODES.

              Is not set by default.

       --have-recursive-sync
              Use action "recursivesync" instead of "synclist" for  directories  that  were  just
              marked (see SYNC HANDLER MODES case shell).

              Is not set by default.

       --synclist-simplify
              Removes the first 3 parameters in list files of action "synclist" (see SYNC HANDLER
              MODES case shell).

              Is not set by default.

       --rsync-inclimit rsync-includes-line-limit
              Sets soft limit for lines count in files by  path  rsync-listpath.   Unfortunately,
              rsync  works  very  slowly with huge "--include-from" files. So, clsync splits that
              list with approximately rsync-includes-line-limit lines per list if it's  too  big,
              and  executes  by  one  rsync  instance per list part. Use value "0" to disable the
              limit.

              The default value is "20000".

       --rsync-prefer-include
              Forces clsync to prefer a "lot of includes" method instead of a "excludes+includes"
              for rsync on recursive syncing.

              See cases rsyncshell, rsyncdirect and rsyncso of SYNC HANDLER MODES.

              This option is not recommended.

              Is not set by default.

       -x, --ignore-exitcode exitcode
              Forces  clsync to do not process exitcode exitcode of sync-handler as an error. You
              can set multiple ignores by passing this option multiple times.

              Recommended values for rsync case is "24". You can set multiple values with listing
              a lot of "-x" options (e.g. "-x 23 -x 24") or via commas (e.g. "-x 23,24"). To drop
              the list use zero exitcode (e.g. "-x 0"). For example you can use "-x 0,23" to drop
              the list and set "23"-th exitcode to be ignored.

              Is not set by default (or equally is set to "0").

       -U, --dont-unlink-lists
              Do not delete list-files after sync-handler has finished.

              This may be used for debugging purposes.

              Is not set by default.

       --fts-experimental-optimization
              Enable  experimental  features  to  optimize file tree scanning while using fts(3).
              The features will be enabled by default after appropriate testing.

              At the moment the option doesn't do anything but can be used in future.

              Is not set by default.

       -F, --full-initialsync
              Ignore filter rules from rules-file on initial sync.

              This may be useful for quick start or e.g. if it's  required  to  sync  "/var/log/"
              tree but not sync every change from there.

              Is not set by default.

       --only-initialsync
              Exit after initial syncing on clsync start.

              Is not set by default.

       --exit-on-no-events
              Exit  if  there's  no  events. Works like --only-initialsync, but also syncs events
              collected while the initial syncing.

              Unlike --only-initialsync this option uses FS monitor subsystem to monitor for  new
              events  while  the  initial syncing. This may reduce performance. On the other hand
              this way may be used to be sure, that everything is synced  at  the  moment  before
              clsync will exit.

              Is not set by default.

       --skip-initialsync
              Skip initial syncing on clsync start.

              Is not set by default.

       --sync-on-quit
              On  SIGQUIT:  clsync  will  perform  one  more  final syncing to empty the queue of
              collected events before exit.

              Is not set by default.

       --exit-hook path-of-exit-hook-program
              Sets path of program to be executed on clsync exit.

              If this parameter is set then clsync will exec on exit:
                     path-of-exit-hook-program label

              The execution will be skipped if initial sync wasn't complete.

              Is not set by default.

       --pre-exit-hook path-of-pre-exit-hook-program
              Sets  path  of  program  to  be  executed  before  the  last  sync  iteration  (see
              --max-iterations, --exit-on-no-events and SIGNALS).

              If this parameter is set then clsync will exec on exit:
                     path-of-pre-exit-hook-program label

              The execution will be skipped if initial sync wasn't complete.

              If  clsync  finishes due to --exit-on-no-events and --pre-exit-hook is set then the
              pre-exit hook will be executed and additional sync iteration will be triggered.

              Is not set by default.

       -v, --verbose
              This option is supposed to  increase  verbosity.  But  at  the  moment  there's  no
              "verbose output" in the code, so the option does nothing. :)

              Is not set by default.

       -d, --debug
              Increases  debugging output. This may be supplied multiple times for more debugging
              information, up to a maximum of five "d" flags (more will do nothing), for  example
              "-d -d -d -d -d" or "-d5" (equivalent cases)

              Is not set by default.

       --dump-dir
              Directory  to  write clsync's instance information by signal 29 (see SIGNALS).  The
              directory shouldn't exists before dumping.

              Is set to "/tmp/clsync-dump-%label%" by default.

       -q, --quiet
              Suppresses error messages.

              Is not set by default.

       --monitor monitor-subsystem
              Switches FS monitor subsystem.

              Possible values:
                     inotify
                            inotify(7) [Linux, (FreeBSD via libinotify)]

                            Native, fast, reliable and well tested Linux FS monitor subsystem.

                            There's no essential performance profit to use "inotify"  instead  of
                            "kevent"  on  FreeBSD  using  "libinotify".  It  backends to "kevent"
                            anyway.

                            FreeBSD users: The libinotify on  FreeBSD  is  still  not  ready  and
                            unusable for clsync to sync a lot of files and directories.

                     gio
                            Use gio library.

                            Crossplatform  and  tested library that backends to kqueue on FreeBSD
                            and inotify on Linux.  See  inotify  and  kqueue  sections  here  for
                            details.

                            Not well tested. Use with caution!

                     kqueue
                            kqueue(2) [FreeBSD, (Linux via libkqueue)]

                            A  *BSD  kernel  event  notification  mechanism (inc. timer, sockets,
                            files etc).

                            This monitor subsystem cannot determine file creation event,  but  it
                            can determine a directory where something happened. So clsync is have
                            to rescan whole dir every  time  on  any  content  change.  Moreover,
                            kqueue  requires  an  open()  on  every watched file/dir. But FreeBSD
                            doesn't allow one to open() symlink itself  (without  following)  and
                            it's  highly  invasively  to open() pipes and devices. So clsync just
                            won't call open() on everything except regular files and directories.
                            Consequently,   clsync  cannot  determine  if  something  changed  in
                            symlink/pipe/socket and so on.  However it still can determine if  it
                            will  be  created  or  deleted  by  watching the parent directory and
                            rescaning it on every appropriate event.

                            Also this API requires to open every monitored file and directory. So
                            it  may  produce  a  huge  amount  of  file descriptors. Be sure that
                            kern.maxfiles is big enough (in FreeBSD).

                            CPU/HDD expensive way.

                            Not well tested. Use with caution!

                            Linux users: The libkqueue on Linux is not working. He-he :)

                     bsm
                            bsm(3) [FreeBSD]

                            Basic Security Module (BSM) Audit API.

                            This is not a FS monitor subsystem, actually. It's  just  an  API  to
                            access  to  audit information (inc. logs).  clsync can setup audit to
                            watch FS events and report it into log. After that clsync  will  just
                            parse the log via auditpipe(4) [FreeBSD].

                            Reliable,  but  hacky  way.  It requires global audit reconfiguration
                            that may hopple audit analysis.

                            Warning!  FreeBSD has a limit for queued events. In  default  FreeBSD
                            kernel it's only 1024 events. So choose one of:
                                   - To patch the kernel to increase the limit.
                                   - Don't use clsync on systems with too many file events.
                                   - Use bsm_prefetch mode (but there's no guarantee in this case
                                   anyway).
                            See also option --exit-on-sync-skip.

                            Not    well    tested.    Use    with     caution!      Also     file
                            /etc/security/audit_control will be overwritten with:
                                   #clsync

                                   dir:/var/audit
                                   flags:fc,fd,fw,fm,cl
                                   minfree:0
                                   naflags:fc,fd,fw,fm,cl
                                   policy:cnt
                                   filesz:1M
                            unless  it's  already  starts  with  "#clsync\n"  ("\n" is a new line
                            character).

                     bsm_prefetch
                            The same as  bsm  but  all  BSM  events  will  be  prefetched  by  an
                            additional  thread  to prevent BSM queue overflow. This may utilize a
                            lot of memory on systems with a high FS events frequency.

                            However the thread may be not fast enough to unload  the  kernel  BSM
                            queue. So it may overflow anyway.

              The default value on Linux is "inotify". The default value on FreeBSD is "kqueue".

       -l, --label label
              Sets  a label for this instance of clsync. The label will be passed to sync-handler
              every execution.

              The default value is "nolabel".

       -h, --help
              Outputs options list and exits with exitcode "0".

              Is not set by default.

       -V, --version
              Outputs clsync version and exits with exitcode "0".

              Is not set by default.

       --cgroup-group-name cg-group-name
              Set cgroup group name [see cgroup_new_cgroup()].

              Is set to "clsync/%PID%" by default.

SECURITY OPTIONS

       --secure-splitting
              Implies     "--splitting=process     --check-execvp-arguments      --seccomp-filter
              --forbid-devices"

       -u, --uid uid
              Drop user privileges to uid uid with setuid(2)

              If there's a capabilities(7) support then the default value is "nobody" (or "65534"
              if "nobody" not found), otherwise the option is not set by default;

       -g, --gid gid
              Drop group privileges to gid gid with setgid(2)

              If there's a capabilities(7) support  then  the  default  value  is  "nogroup"  (or
              "65534" if "nogroup" not found), otherwise the option is not set by default;

       --privileged-uid sync-handler-uid
              An user ID to be used for the privileged process (see --splitting=process).

              The default value is "$UID".

       --privileged-gid sync-handler-gid
              A group ID to be used for the privileged process (see --splitting=process).

              The default value is "$GID".

       --sync-handler-uid sync-handler-uid
              An user ID to be used for sync-handler.

              See --preserve-capabilities.

              The default value is same as for --privileged-uid.

       --sync-handler-gid sync-handler-gid
              A group ID to be used for sync-handler.

              See --preserve-capabilities.

              The default value is same as for --privileged-gid.

       -C, --preserve-capabilities capabilities-list
              [Linux only, requires capabilities]

              Use  capset(2)  and prctl(2) to preserve "CAP_DAC_READ_SEARCH", "CAP_SETUID" or/and
              "CAP_SETGID" [see capabilities(7)]  Linux  capability  for  process  using  fts(3),
              inotify(7)  and execve(2).  This allows the preservation of enough FS privileges to
              watch a file tree and execute the sync-handler  with  required  uid  and  gid  [see
              --sync-handler-uid  and --sync-handler-gid] after dropping privileges via setuid(2)
              and setgid(2) [see --uid and --gid]

              Possible values:
                     CAP_DAC_READ_SEARCH
                            To bypass FS read checks (for fts and inotify).
                     CAP_SETUID
                            To be able to use setuid(2) before execve(2) on the sync-handler.
                     CAP_SETGID
                            To be able to use setgid(2) before execve(2) on the sync-handler.
                     CAP_KILL
                            To be able to kill setuid()-ed processes

                     Any combinations of  this  values  are  also  supported.  The  list  may  be
                     presented as a comma separated values, like:
                            CAP_DAC_READ_SEARCH,CAP_SETUID,CAP_SETGID

              The  default  value  is "CAP_DAC_READ_SEARCH,CAP_SETUID,CAP_SETGID,CAP_KILL" if the
              clsync runner have such privileges.

       --inherit-capabilities
              [Linux only, requires capabilities]

              Sets a mode for capabilities inheriting.

              Possible values:
                     permitted
                            Inherits all permitted capabilities
                     dont-touch
                            Don't change inheritable capabilities set
                     clsync
                            Use clsync's effective capabilities set
                     empty
                            Reset all capabilities

              The default value is "empty".

       --splitting splitting-type
              Split the process/thread to privileged and non-privileged. This's an additional way
              to  secure your system from any bug in clsync while running it with capabilities or
              root privileges. But clsync may utilize in few times more CPU resources. So it's  a
              performance vs security trade off.

              You   can   essentialy   reduce   the   overhead   with  using  "high  load  locks"
              ("--enable-highload-locks" of "./configure" file).

              If you're using this option and running the sync-handler with the  root  user  then
              it's  highly recommended to enable --check-execvp-arguments, too. Otherwise in case
              of clsync security bug a hacker will be able to use  execvp()  with  any  arguments
              with root privileges.

              Possible values:
                     off
                            Disable this feature
                     thread
                            [Linux only, requires capabilities]

                            Creates a separate thread for privileged operations.

                            It's  highly recommended to enable --seccomp-filter in this case. But
                            that will forbid --threading.
                     process
                            More secure and portable way, but uses separate process and:
                                   - forbids fanotify (that is not implemented yet anyway);
                                   - more complex code (and higher probability of error).
                                   - slower due to copying data between private and shared memory
                                   pages.

                            Recommended.

              Is set to "off" by default.

       --check-execvp-arguments
              [Requires --splitting=[thread|process]]
              [Blocks --mode=direct]

              Enables  execvp()  arguments  recheck  in  the privileged process (in case of their
              substitution to any exploit-given arguments).

              This option doesn't utilize a lot of CPU resources but forbids run-time changing of
              sync-handler-arguments and hook file paths.

              This  option  cannot  be used in conjunction with --mode=direct due to an arbitrary
              number of arguments in this mode.

              Is not set by default.

       --add-permitted-hook-files [hook-path0,[hook-path1[,...]]]
              [Requires --check-execvp-arguments]

              Adds paths to the list of permitted hook paths to  bypass  --check-execvp-arguments
              checks.  It  may  be required if you're going to change the hooks in run-time using
              --custom-signals or --socket.

              Is not set by default.

       --seccomp-filter
              [Linux only]

              Use seccomp filter to forbid syscalls that shouldn't be used by clsync.

              Forbid all syscalls for non-privileged process/thread, but
                     futex inotify_init1 alert stat fstat lstat open  write  close  wait4  unlink
                     tgkill  clock_gettime  rt_sigreturn  brk  mmap munmap wait4 rmdir exit_group
                     select read rt_sigprocmask rt_sigaction nanosleep

              Is not set by default.

       --permit-mprotect
              [Requires --seccomp-filter]

              Permits mprotect(2) syscall.

              This syscall is required by pthread_create(3), so it's required for --threading.

              Makes --shm-mprotect to be useless.

              Also it enables ability to change memory of privileged thread from  non-privileged,
              so using of --splitting=thread with this option is useless, too.

              Is set to "0" by default if --splitting is set. Otherwise "1".

       --shm-mprotect
              [Requires --splitting=process]

              Forbid  writing or reading to/from shared memory when it shouldn't be.  mprotect(2)
              is used for the protection.

              This option is useless while --permit-mprotect is enabled.

       --chroot chroot-directory
              clsync chroot()-s [see chroot(2)] to directory chroot-directory before any  syncing
              processes.

              This  option  may  be used in conjunction with --uid, --gid or/and --pivot-root for
              security reasons.

              Remember! If you're chroot()-ing somewhere, the sync-handler will be limited by the
              chroot-environment,  too. If you're using rsync then you may want to "mount --bind"
              some directories to the chroot-directory.

              Is not set by default.

       --pivot-root pivot-root-way
              [Linux only, requires --chroot]

              Sets a way of using pivot_root(2) syscall to the chroot-directory (to umount(2) old
              rootfs).

              Possible values:
                     auto
                            Creates  a  directory  "/dev/shm/clsync-rootfs",  unshare(2)-ing  the
                            mount namespace, mount(2)-s the chroot-directory to the directory and
                            then  pivot_root(2)-ing,  chroot(2)-ing and umount(2)-ing old rootfs.
                            Directory "/dev/shm/clsync-rootfs"  won't  be  deleted  after  clsync
                            finish.
                     auto-ro
                            The  same  as  auto  but  mounts  the directory with read-only option
                            (MS_RDONLY).
                     direct
                            unshare(2)-ing the mount namespace, pivot_root(2)-ing,  chroot(2)-ing
                            and  umount(2)-ing old rootfs. Directory "old_root" should be created
                            in chroot-directory before running clsync in this mode.
                     off
                            Don't pivot_root(2).

              The default value  is  "off".  If  --chroot  is  used  then  recommended  value  is
              "auto-ro".

       --mountpoints [mountpoint[,mountpoint[,mountpoint]]]
              [Linux only]

              Umount (with MNT_DETACH) everything except listed mountpoints.

              Supposed to be used for security reasons as an alternative to --pivot-root option.

              Is not set by default.

       --detach-network detach-network-mode
              [Linux only]

              Removes network in clsync instance.

              Possible values:
                     everywhere
                            Removes network for all processes.
                     non-privileged
                            Removes    network    from    non-privileged    process   if   option
                            --process-splitting is enabled, otherwise doesn't do anything.
                     off
                            Don't do anything.

              The default value is "non-privileged".

       --detach-ipc
              [Linux only]

              Make an own IPC namespace.

              Is set by default.

       --detach-miscellanea
              [Linux only]

              unshare(2) on everything not listed above.

              Is not set by default.

       --forbid-devices
              [Linux only]

              Forbid any access to all devices except listed ones:
                     read access to:
                            /dev/console
                            /dev/zero
                            /dev/urandom
                            /dev/random
                     write access to:
                            /dev/console
                            /dev/null

              Is not set by default.

PERFORMANCE

       Recommendations to improve the performance:
              - Disable thread/process splitting.
              - Don't use clsync rules  (use  rules  on  sync-handler  side)  or/and  use  option
              "--full-initialsync"
              - Use option "-B0".
              - Use option "--cancel-syscalls=mon_stat".
              - Use option "-p safe" or "-p full".
              -  Disable  debugging  with  "-d0"  or better disable debugging support at all with
              "./configure" option "--enable-debug=no"
              - Don't use option "--exclude-mount-points"
              - Free memory for disk cache

       You shouldn't follow all this recommendation blindfold. You should use only the ideas that
       fixes performance problems in your specific use case. And only if it's necessary.

SYNC HANDLER MODES

       clsync  executes  sync-handler  that  supposed to take care of the actual syncing process.
       Therefore clsync is only a convenient way to run a syncing script.

       clsync can run sync-handler in seven ways. Which way will be  used  depends  on  specified
       mode (see --mode)

       sync-handler-arguments are used only in modes:
              simple
              direct
              shell
              rsyncdirect
              rsyncshell

       If sync-handler-arguments are not set then the default setting is used (see below).

       case simple
              Executes for every syncing file/dir:
                     sync-handler sync-handler-arguments

              Default sync-handler-arguments are:
                     sync %label% %EVENT-MASK% %INCLUDE-LIST%

              In this case, sync-handler is supposed to non-recursively sync file or directory by
              path %INCLUDE-LIST%.  With %EVENT-MASK% it's passed bitmask of events with the file
              or directory (see "/usr/include/linux/inotify.h").

              Additional substitutions:
                     %EVENT-MASK%
                            Is replaced by integer of events IDs.
                     %INCLUDE-LIST%
                            Is replaced by absolute path of a file/dir to be synced.

       case direct
              Executes for every sync:
                     sync-handler sync-handler-arguments

              Default sync-handler-arguments are:
                     %INCLUDE-LIST% %destination-dir%/

              Additional substitutions:
                     %INCLUDE-LIST%
                            Is replaced by a list of relative paths of files/dirs to be synced.

       case shell
              Executes for every sync (if recursivesync is not used instead):
                     sync-handler sync-handler-arguments

              Default sync-handler-arguments are:
                     synclist %label% %INCLUDE-LIST-PATH%

              Default  sync-handler-arguments  for  initial  sync if --have-recursive-sync is set
              are:
                     initialsync %label% %INCLUDE-LIST%

              In  this  case,  sync-handler  is  supposed  to  non-recursively  sync  files   and
              directories from list in a file by path %INCLUDE-LIST-PATH% on "synclist".

              Also  sync-handler  is  supposed  to  recursively  sync data from directory by path
              %INCLUDE-LIST-PATH% with manual excluding extra files on "initialsync".

              Additional substitutions:
                     %TYPE%
                            Is replaced by "sync"/"initialsync".
                     %INCLUDE-LIST-PATH%
                            Is replaced by the path of the include list file.
                     %INCLUDE-LIST%
                            Is replaced by a list of relative paths of files/dirs to be synced.

              Not recommended. Not well tested.

       case rsyncdirect
              Executes for every sync:
                     sync-handler sync-handler-arguments

              sync-handler is supposed to be a path to rsync binary.

              Default sync-handler-arguments are:
                     -aH    --delete    --exclude-from     %EXCLUDE-LIST-PATH%     --include-from
                     %INCLUDE-LIST-PATH% --exclude='*' %watch-dir%/ %destination-dir%/
              if option --rsync--prefer-include is not set and
                     -aH  --delete  --include-from %INCLUDE-LIST-PATH% --exclude='*' %watch-dir%/
                     %destination-dir%/
              if the option is set

              Error code "24" from sync-handler will be ignored in this case. We  also  recommend
              to ignore exitcode "23".

              Additional substitutions:
                     %INCLUDE-LIST-PATH%
                            Is replaced by the path of the include list file
                     %EXCLUDE-LIST-PATH%
                            Is replaced by the path of the exclude list file
                     %RSYNC-ARGS%
                            Is   replaced   by   default   sync-handler-arguments,   but  without
                            "%watch-dir%/ %destination-dir%/"

              Recommended case.

       case rsyncshell
              Executes for every sync:
                     sync-handler sync-handler-arguments

              Default sync-handler-arguments are:
                     rsynclist %label% %INCLUDE-LIST-PATH% [%EXCLUDE-LIST-PATH%]

              In this case, sync-handler is supposed to run "rsync" application with parameters:

              -aH --delete-before --include-from %INCLUDE-LIST-PATH% --exclude '*'

              if option --rsync-prefer-include is enabled.

              And with parameters:

              -aH    --delete-before    --exclude-from     %EXCLUDE-LIST-PATH%     --include-from
              %INCLUDE-LIST-PATH% --exclude '*'

              if option --rsync-prefer-include is disabled.

              Additional substitutions:
                     %INCLUDE-LIST-PATH%
                            Is replaced by the path of the rsync include list file
                     %EXCLUDE-LIST-PATH%
                            Is replaced by the path of the rsync exclude list file

              Recommended case.

       case rsyncso
              In  this  case  there's  no direct exec*() calling. In this case clsync loads sync-
              handler  as  a  shared   library   with   dlopen(3)   and   calls   function   "int
              clsyncapi_rsync(const char *inclist, const char *exclist)" from it for every sync.
              inclist  is  a  path to file with rules for "--include-from" option of rsync.  This
              argument is always not NULL.
              exclist is a path to file with rules for "--exclude-from" option  of  rsync.   This
              argument is NULL if --rsync-prefer-include is set.
              Excludes takes precedence over includes.

              Also  may  be defined functions "int clsyncapi_init(ctx_t *, indexes_t *)" and "int
              clsyncapi_deinit()" to initialize and deinitialize  the  syncing  process  by  this
              shared object.

              To fork the process should be used function "pid_t clsyncapi_fork(ctx_t *)" instead
              of "pid_t fork()" to make clsync be able to kill the child.

              See example file "clsync-synchandler-rsyncso.c".

              Recommended case.

       case so
              In this case there's no direct exec*() calling. In this  case  clsync  loads  sync-
              handler   as   a   shared   library   with   dlopen(3)   and  calls  function  "int
              clsyncapi_sync(int n, api_eventinfo_t *ei)" from it for every sync.  n is number of
              elements  of  ei.  ei is an array of structures with information about what and how
              to sync (see below).

              api_eventinfo_t is a structure:
                     struct api_eventinfo {
                             uint32_t         evmask;        // event  bitmask  for  file/dir  by
                     path path.
                             uint32_t          flags;         //  flags  of  "how  to  sync"  the
                     file/dir
                             size_t           path_len;      // strlen(path)
                             const char      *path;          // the path to file/dir need  to  be
                     synced
                             eventobjtype_t    objtype_old;   //  type  of  object  by  path path
                     before the event.
                             eventobjtype_t   objtype_new;   // type of object by path path after
                     the event.
                     };
                     typedef struct api_eventinfo api_eventinfo_t;

              The     event     bitmask     (evmask)     values     can     be    learned    from
              "/usr/include/linux/inotify.h".

              There may be next flags' values (flags):
                     enum eventinfo_flags {
                             EVIF_NONE        = 0x00000000,  // No modifier
                             EVIF_RECURSIVELY = 0x00000001   // sync the file/dir recursively
                     };
              Flag "EVIF_RECURSIVELY" may be used if option --have-recursive-sync is set.

              Is that a file or directory by path path can be  determined  with  objtype_old  and
              objtype_new.
              objtype_old reports about which type was the object by the path before the event.
              objtype_new reports about which type became the object by the path after the event.

              objtype_old and objtype_new have type eventobjtype_t.

                     enum eventobjtype {
                             EOT_UNKNOWN     = 0,  // Unknown
                             EOT_DOESNTEXIST  =  1,  // Doesn't exist (not created yet or already
                     deleted)
                             EOT_FILE        = 2,  // File
                             EOT_DIR         = 3,  // Directory
                     } typedef enum eventobjtype eventobjtype_t;

              Also may be defined functions "int clsyncapi_init(options_t *,  indexes_t  *)"  and
              "int clsyncapi_deinit()" to initialize and deinitialize the syncing process by this
              shared object.

              To fork the process should be used  function  "pid_t  clsyncapi_fork(options_t  *)"
              instead of "pid_t fork()" to make clsync be able to kill the child.

              See example file "clsync-synchandler-so.c".

              Recommended case.

ENVIRONMENT VARIABLES

       Recognized variables - variables used by clsync.

       Recognized variables
              HOME - user's HOME directory, clsync looks for configuration file here

              TMPDIR  -  use  this  directory  as  a  prefix to create clsync temporary directory
              inside, if unset /tmp will be used

       Output variables - variables that are set by clsync before calling sync-handler.

       Output variables
              CLSYNC_STATUS  -  clsync's  status  (see  possible  statuses  in   description   of
              --status-file)

              CLSYNC_ITERATION  -  count of done synchronizaton iterations after initial sync see
              --max-iterations option

RULES

       Filter rules can be used to set which events clsync should monitor  and  which  events  it
       should ignore.

       Caution!   This  rules  doesn't guarantee that filtered file/dir won't be synced. This can
       occur because file or directory can appear in the moment of sync-handler running (or after
       it  but  before the sync-handler will reach the directory), so it'll be too late to add an
       exclusion. If you need a guarantee of file syncing preventing you can use internal  filter
       rules   of   the  sync-handler  program  (for  example,  rsync  has  options  "--exclude",
       "--exclude-from" and "--filter") or use disable  any  "recursive"  syncs  in  clsync  (and
       remove "-av" option of rsync if it's used). To disable recursive syncs you can use:
              simple
                     Already non-recursive
              direct
                     Already non-recursive
              shell
                     Don't enable option --have-recursive-sync.
              rsyncdirect
                     Use  option --rsync-prefer-include and set sync-handler-arguments to -lptgoD
                     --delete  --include-from  %INCLUDE-LIST-PATH%   --exclude='*'   %watch-dir%/
                     %destination-dir%/
              rsyncshell
                     Use option --rsync-prefer-include.
              rsyncso
                     Use option --rsync-prefer-include.
              so
                     Don't enable option --have-recursive-sync.

       Filter rules can be placed into rules-file with one rule per line.

       Rule format: [+-][fdWwms*]regexp

              + - means include;
              - - means exclude;
              f - means file;
              d - means directory (the same as an combination of "w" + "m" + "s");
              w - means walking to directory;
              m - means monitor events in the directory;
              s - means sync the the directory if modified;
              W - means walk + monitor the directory (the same as an combination of "w" + "m");
              * - means all.

       For example: -*^/[Tt]est

       It's  not  recommended  to use w rules in modes "rsyncdirect", "rsyncshell" and "rsyncso".
       rsync(1) allows one to  set  syncing  and  walking  only  together  in  "--include"  rules
       ("--files-from"  is not appropriate due to problem with syncing files deletions). So there
       may be problems with clsync's w rules in this cases.

       More examples:

       Syncing pwdb files and sshd_config (non-rsync case):
                   # which files to sync:
                   +f^passwd$
                   +f^group$
                   +f^shadow$
                   +f^ssh/sshd_config$

                   # walk and monitor next directories:
                   +W^$
                   +W^ssh$

                   # forbid the rest:
                   -*

       Syncing pwdb files and sshd_config (rsync case):
                   +f^passwd$
                   +f^group$
                   +f^shadow$
                   +f^ssh/sshd_config$
                   +d^$
                   +d^ssh$
                   -*

       Syncing /srv/lxc tree (rsync case):
                   -d/sess(ion)?s?$
                   -f/tmp/
                   +*

SIGNALS

       1  - (HUP) rereads filter rules

       2  - (INT) exits without waiting of syncing processes ("hard kill", kills children)

       3  - (QUIT) waits  for  current  syncing  processes  and  exit  ("soft  kill",  waits  for
       children). See also --sync-on-quit.

       10 - runs threads' GC function

       12 - runs full resync

       15 - (TERM) exits without waiting of syncing processes ("hard kill", kills children)

       16 - interrupts sleep()/select() and wait() [for debugging and internal uses]

       29 - dump information to dump-dir [for debugging]

       If you need to kill clsync but leave children then you can use 9-th (KILL) signal.

DIAGNOSTICS

       clsync misses events:
              Try to run command: sysctl fs.inotify.max_queued_events=1048576

       Initial rsync process works very slow on clsync start
              Probably  there's  too  huge  exclude list is passed to rsync. This can happened if
              you're excluding with regex in clsync's rules a lot of thousands files.  They  will
              be passed to rsync's exclude list one by one.

              To  diagnose  it, you can use "-U" option and look into rsync-exclude-listpath file
              (see SYNC HANDLER case d)

              To prevent this, it's recommended to write such rules for rsync directly  (not  via
              clsync).

              For  example, often problem is with PHP's session files. You shouldn't exclude them
              in clsync's rules with "-f/sess_.*", but you should exclude it  in  rsync  directly
              (e.g with «--exclude "sess_*"»).

       The following diagnostics may be issued on stderr:

       Error: Cannot inotify_add_watch() on [...]: No space left on device (errno: 28)
              Not  enough  inotify watching descriptors is allowed. It can be fixed by increasing
              value of "sysctl fs.inotify.max_user_watches"

       Error: Got non-zero exitcode exitcode [...]
              sync-handler returned non-zero exitcode. Probably, you should process exitcodes  in
              it  or  your syncer process didn't worked well. I case of using rsync, you can find
              the exitcodes meanings in man 1 rsync.

              If exitcode equals to 23 and you're using clsync in conjunction  with  rsync,  this
              may happen, for example, in the following cases:

                     - Not enough space on destination.

                     - You're running clsync with --threading=full and rsync with --backup.  See
                     a bugreport ⟨https://bugzilla.samba.org/show_bug.cgi?id=10081⟩.

              To confirm the problem, you can try to  add  "return  0"  or  "exit  0"  into  your
              sync-handler.

       Bad system call
              If  --use-seccomp  option  is enabled then the error is probably caused by using of
              forbidden syscall. It's a clsync bug or hack attack attempt.

       To get support see SUPPORT.

CONFIGURATION FILE

       clsync supports configuration file.

       By default clsync tries to read next files (in specified order):
              ~/.clsync.conf
              /etc/clsync/clsync.conf

       This may be overridden with option --config-file.

       clsync reads only one configuration file. In other words, if option --config-file  is  not
       set  and  file  ~/.clsync.conf  is  accessible  and  parsable, clsync will not try to open
       /etc/clsync/clsync.conf.  Command line options have precedence over config file options.

       Configuration file is parsed with glib's g_key_file_* API. That means, that config  should
       consits from groups (blocks) of key-value lines as in the example:
              [default]
              background = 1
              mode = rsyncshell
              debug = 0
              output = syslog
              label = default
              pid-file = /var/run/clsync-%label%.pid

              [debug]
              config-block-inherits = default
              debug = 5
              background = 0
              output = stderr

              [test]
              mode=rsyncdirect
              debug=3

       Also  glib's gkf API doesn't support multiple assignments. If you need to list some values
       (e.g.   exitcodes)   just   list   them   with   commas   in   single   assignment   (e.g.
       "ignore-exitcode=23,24").

       In  this  example  there're  3  blocks are set - "default", "debug" and "test".  And block
       "debug" inherited setup of  block  "default"  except  options  "debug",  "background"  and
       "output".

       By  default  clsync  uses  block  with  name  "default".  Block  name can be set by option
       --config-block.

CLUSTERING

       Not implemented yet.  Don't try to use cluster functionality.

       Not described yet.

EXAMPLES

       Mirroring a directory:
              clsync -Mrsyncdirect -W/path/to/source_dir -D/path/to/destination_dir

       Syncing 'authorized_keys' files:
              mkdir -p /etc/clsync/rules
              printf   "+w^$\n+w^[^/]+$\n+W^[^/]+/.ssh$\n+f^[^/]+/.ssh/authorized_keys$\n-*"    >
              /etc/clsync/rules/authorized_files_only
              clsync          -Mdirect          -Scp          -W/mnt/master/home/         -D/home
              -R/etc/clsync/rules/authorized_files_only   --   -Pfp   --parents    %INCLUDE-LIST%
              %destination-dir%

       Mirroring a directory, but faster:
              clsync -w5 -t5 -T5 -Mrsyncdirect -W/path/to/source_dir -D/path/to/destination_dir

       Instant mirroring of a directory:
              clsync -w0 -t0 -T0 -Mrsyncdirect -W/path/to/source_dir -D/path/to/destination_dir

       Making two directories synchronous:
              clsync   -Mrsyncdirect   --background   -z   /var/run/clsync0.pid  --output  syslog
              -Mrsyncdirect -W/path/to/dir1 -D/path/to/dir2 --modification-signature '*'
              clsync  -Mrsyncdirect  --background   -z   /var/run/clsync1.pid   --output   syslog
              -Mrsyncdirect -W/path/to/dir2 -D/path/to/dir1 --modification-signature '*'

       Fixing privileges of a web-site:
              clsync  -w3  -t3  -T3 -x1 -W/var/www/site.example.org/root -Mdirect -Schown --uid 0
              --gid   0   -Ysyslog   -b1   --modification-signature   uid,gid   --    --from=root
              www-data:www-data %INCLUDE-LIST%

       'Atomic' sync:
              clsync  --exit-on-no-events  --max-iterations=20  --mode=rsyncdirect -W/var/www_new
              -Srsync -- %RSYNC-ARGS% /var/www_new/ /var/www/

       Moving a web-server:
              clsync --exit-on-no-events  --max-iterations=20  --pre-exit-hook=/root/stop-here.sh
              --exit-hook=/root/start-there.sh     --mode=rsyncdirect     --ignore-exitcode=23,24
              --retries=3 -W /var/www -S rsync -- %RSYNC-ARGS% /var/www/  rsync://clsync@another-
              host/var/www/

       Copying files to slave-nodes using pdcp(1):
              clsync  -Msimple  -S  pdcp  -W  /opt/global  -b  -Y  syslog  --  -a  %INCLUDE-LIST%
              %INCLUDE-LIST%

       Copying files to slave-nodes using uftp(1):
              clsync  -Mdirect  -S  uftp  -W/opt/global  --background=1  --output=syslog  --   -M
              248.225.233.1 %INCLUDE-LIST%

       A dry running to see rsync(1) arguments that clsync will use:
              clsync -Mrsyncdirect -S echo -W/path/to/source_dir -D/path/to/destination_dir

       An another dry running to look how clsync will call pdcp(1):
              clsync -Msimple -S echo -W /opt/global -b0 -- pdcp -a %INCLUDE-LIST% %INCLUDE-LIST%

       Automatically run 'make build' if any '*.c' file changed
              printf  "%s\n"  "+f.c$"  "-f"  |  clsync  --have-recursive-sync  -W . -R /dev/stdin
              -Mdirect -r1 --ignore-failures -t1 -w1 -Smake -- build

       More working examples you can try out in "/usr/share/doc/clsync/examples/" directory. Copy
       this  directory  somewhere  (e.g.  into "/tmp"). And try to run "clsync-start-rsync.sh" in
       there.  Any  files/directories  modifications  in  "testdir/from"  will   be   synced   to
       "testdir/to" in a few seconds.

AUTHOR

       Dmitry Yu Okunev <dyokunev@ut.mephi.ru> 0x8E30679C

SUPPORT

       You  can  get  support  on official IRC-channel in Freenode "#clsync" or on github's issue
       tracking system of the clsync repository ⟨https://github.com/clsync/clsync⟩.

       Don't be afraid to ask about clsync configuration, ;).

SEE ALSO

       rsync(1), pthreads(7), inotify(7) kqueue(2)