3 Things to do for rsync -- we use this at the moment instead of a bug
4 database, and patches that are promising but not yet clearly correct
7 Things in this file seem like more or less like good ideas and they'll
8 probably be implemented eventually. Things in ./rsync3.txt are
9 pie-in-the-sky ideas that possibly require a whole new program.
12 BUGS ---------------------------------------------------------------
14 "hosts allow" with unresolvable addresses?
16 It's possible that the getaddrinfo() patch has broken this.
19 There seems to be a bug with hardlinks
21 mbp/2 build$ ls -l /tmp/a /tmp/b -i
24 2568307 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a1
25 2568307 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a2
26 2568307 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a3
27 2568310 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a4
28 2568310 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a5
29 2568310 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b1
30 2568310 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b2
31 2568310 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b3
35 2568309 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a1
36 2568309 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a2
37 2568309 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a3
38 2568311 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a4
39 2568311 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a5
40 2568311 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b1
41 2568311 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b2
42 2568311 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b3
43 mbp/2 build$ rm -r /tmp/b && ./rsync -avH /tmp/a/ /tmp/b
44 building file list ... done
45 created directory /tmp/b
51 wrote 350 bytes read 52 bytes 804.00 bytes/sec
52 total size is 232 speedup is 0.58
53 mbp/2 build$ rm -r /tmp/b
54 mbp/2 build$ ls -l /tmp/b
55 ls: /tmp/b: No such file or directory
56 mbp/2 build$ rm -r /tmp/b && ./rsync -avH /tmp/a/ /tmp/b
57 rm: cannot remove `/tmp/b': No such file or directory
58 mbp/2 build$ rm -f -r /tmp/b && ./rsync -avH /tmp/a/ /tmp/b
59 building file list ... done
60 created directory /tmp/b
66 wrote 350 bytes read 52 bytes 804.00 bytes/sec
67 total size is 232 speedup is 0.58
68 mbp/2 build$ ls -l /tmp/b
70 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a1
71 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a2
72 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a3
73 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a4
74 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a5
75 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b1
76 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b2
77 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b3
78 mbp/2 build$ ls -l /tmp/a
80 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a1
81 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a2
82 -rw-rw-r-- 3 mbp mbp 29 Mar 25 17:30 a3
83 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a4
84 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 a5
85 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b1
86 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b2
87 -rw-rw-r-- 5 mbp mbp 29 Mar 25 17:30 b3
90 IMPORTANT ------------------------------------------------------------
95 If the platform doesn't support it, then don't even try.
97 If running as non-root, then don't fail, just give a warning.
98 (There was a thread about this a while ago?)
100 http://lists.samba.org/pipermail/rsync/2001-August/thread.html
101 http://lists.samba.org/pipermail/rsync/2001-September/thread.html
105 Avoids traversal. Better option than a pile of --include statements
106 for people who want to generate the file list using a find(1)
109 File list structure in memory
111 Rather than one big array, perhaps have a tree in memory mirroring
114 This might make sorting much faster! (I'm not sure it's a big CPU
117 It might also reduce memory use in storing repeated directory names
118 -- again I'm not sure this is a problem.
122 Traverse just one directory at a time. Tridge says it's possible.
124 At the moment rsync reads the whole file list into memory at the
125 start, which makes us use a lot of memory and also not pipeline
126 network access as much as we could.
129 Handling duplicate names
131 We need to be careful of duplicate names getting into the file list.
132 See clean_flist(). This could happen if multiple arguments include
135 I think duplicates are only a problem if they're both flowing
136 through the pipeline at the same time. For example we might have
137 updated the first occurrence after reading the checksums for the
138 second. So possibly we just need to make sure that we don't have
139 both in the pipeline at the same time.
141 Possibly if we did one directory at a time that would be sufficient.
143 Alternatively we could pre-process the arguments to make sure no
144 duplicates will ever be inserted. There could be some bad cases
145 when we're collapsing symlinks.
147 We could have a hash table.
149 The root of the problem is that we do not want more than one file
150 list entry referring to the same file. At first glance there are
151 several ways this could happen: symlinks, hardlinks, and repeated
152 names on the command line.
154 If names are repeated on the command line, they may be present in
155 different forms, perhaps by traversing directory paths in different
156 ways, traversing paths including symlinks. Also we need to allow
157 for expansion of globs by rsync.
159 At the moment, clean_flist() requires having the entire file list in
160 memory. Duplicate names are detected just by a string comparison.
162 We don't need to worry about hard links causing duplicates because
163 files are never updated in place. Similarly for symlinks.
165 I think even if we're using a different symlink mode we don't need
168 Unless we're really clever this will introduce a protocol
169 incompatibility, so we need to be able to accept the old format as
175 At exit, show how much memory was used for the file list, etc.
177 Also we do a wierd exponential-growth allocation in flist.c. I'm
178 not sure this makes sense with modern mallocs. At any rate it will
179 make us allocate a huge amount of memory for large file lists.
184 At the moment hardlink handling is very expensive, so it's off by
185 default. It does not need to be so.
187 Since most of the solutions are rather intertwined with the file
188 list it is probably better to fix that first, although fixing
189 hardlinks is possibly simpler.
191 We can rule out hardlinked directories since they will probably
192 screw us up in all kinds of ways. They simply should not be used.
194 At the moment rsync only cares about hardlinks to regular files. I
195 guess you could also use them for sockets, devices and other beasts,
196 but I have not seen them.
198 When trying to reproduce hard links, we only need to worry about
199 files that have more than one name (nlinks>1 && !S_ISDIR).
201 The basic point of this is to discover alternate names that refer to
202 the same file. All operations, including creating the file and
203 writing modifications to it need only to be done for the first name.
204 For all later names, we just create the link and then leave it
207 If hard links are to be preserved:
209 Before the generator/receiver fork, the list of files is received
210 from the sender (recv_file_list), and a table for detecting hard
213 The generator looks for hard links within the file list and does
214 not send checksums for them, though it does send other metadata.
216 The sender sends the device number and inode with file entries, so
217 that files are uniquely identified.
219 The receiver goes through and creates hard links (do_hard_links)
220 after all data has been written, but before directory permissions
223 At the moment device and inum are sent as 4-byte integers, which
224 will probably cause problems on large filesystems. On Linux the
225 kernel uses 64-bit ino_t's internally, and people will soon have
226 filesystems big enough to use them. We ought to follow NFS4 in
227 using 64-bit device and inode identification, perhaps with a
228 protocol version bump.
230 Once we've seen all the names for a particular file, we no longer
231 need to think about it and we can deallocate the memory.
233 We can also have the case where there are links to a file that are
234 not in the tree being transferred. There's nothing we can do about
235 that. Because we rename the destination into place after writing,
236 any hardlinks to the old file are always going to be orphaned. In
237 fact that is almost necessary because otherwise we'd get really
238 confused if we were generating checksums for one name of a file and
241 At the moment the code seems to make a whole second copy of the file
242 list, which seems unnecessary.
244 We should have a test case that exercises hard links. Since it
245 might be hard to compare ./tls output where the inodes change we
246 might need a little program to check whether several names refer to
251 Implement suggestions from http://www.kame.net/newsletter/19980604/
252 and ftp://ftp.iij.ad.jp/pub/RFC/rfc2553.txt
254 If a host has multiple addresses, then listen try to connect to all
255 in order until we get through. (getaddrinfo may return multiple
256 addresses.) This is kind of implemented already.
258 Possibly also when starting as a server we may need to listen on
259 multiple passive addresses. This might be a bit harder, because we
260 may need to select on all of them. Hm.
262 Define a syntax for IPv6 literal addresses. Since they include
263 colons, they tend to break most naming systems, including ours.
264 Based on the HTTP IPv6 syntax, I think we should use
266 rsync://[::1]/foo/bar
269 which should just take a small change to the parser code.
274 If we hang or get SIGINT, then explain where we were up to. Perhaps
275 have a static buffer that contains the current function name, or
276 some kind of description of what we were trying to do. This is a
277 little easier on people than needing to run strace/truss.
279 "The dungeon collapses! You are killed." Rather than "unexpected
280 eof" give a message that is more detailed if possible and also more
283 If we get an error writing to a socket, then we should perhaps
284 continue trying to read to see if an error message comes across
285 explaining why the socket is closed. I'm not sure if this would
286 work, but it would certainly make our messages more helpful.
288 What happens if a directory is missing -x attributes. Do we lose
289 our load? (Debian #28416) Probably fixed now, but a test case
295 Device major/minor numbers should be at least 32 bits each. See
296 http://lists.samba.org/pipermail/rsync/2001-November/005357.html
298 Transfer ACLs. Need to think of a standard representation.
299 Probably better not to even try to convert between NT and POSIX.
300 Possibly can share some code with Samba.
304 With the current common --include '*/' --exclude '*' pattern, people
305 can end up with many empty directories. We might avoid this by
306 lazily creating such directories.
311 Perhaps don't use our own zlib.
315 - will automatically be up to date with bugfixes in zlib
317 - can leave it out for small rsync on e.g. recovery disks
319 - can use a shared library
321 - avoids people breaking rsync by trying to do this themselves and
324 Should we ship zlib for systems that don't have it, or require
325 people to install it separately?
327 Apparently this will make us incompatible with versions of rsync
328 that use the patched version of rsync. Probably the simplest way to
329 do this is to just disable gzip (with a warning) when talking to old
335 Perhaps flush stdout after each filename, so that people trying to
336 monitor progress in a log file can do so more easily. See
337 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=48108
339 At the connections that just get a list of modules are not logged,
342 If a child of the rsync daemon dies with a signal, we should notice
343 that when we reap it and log a message.
345 Keep stderr and stdout properly separated (Debian #23626)
347 Use a separate function for reporting errors; prefix it with
348 "rsync:" or "rsync(remote)", or perhaps even "rsync(local
354 There are already some patches to do this.
358 Allow RSYNC_PROXY to be http://user:pass@proxy.foo:3128/, and do
359 HTTP Basic Proxy-Authentication.
361 Multiple schemes are possible, up to and including the insanity that
362 is NTLM, but Basic probably covers most cases.
366 Add --with-socks, and then perhaps a command-line option to put them
367 on or off. This might be more reliable than LD_PRELOAD hacks.
371 <Rasmus> mbp: hey, how about an rsync option that just gives you the
372 summary without the list of files? And perhaps gives more
373 information like the number of new files, number of changed,
375 <mbp> Rasmus: nice idea
376 <mbp> there is --stats
377 <mbp> but at the moment it's very tridge-oriented
378 <mbp> rather than user-friendly
379 <mbp> it would be nice to improve it
380 <mbp> that would also work well with --dryrun
383 Show statistics even if interrupted:
385 If somebody gets sick of rsync thrashing and hits C-c, it would be
386 good to show them where all the memory had got to. This probably
387 means we need an orderly shutdown on interrupt.
392 Rather than storing the file list in memory, store it in a TDB.
394 This *might* make memory usage lower while building the file list.
396 Hashtable lookup will mean files are not transmitted in order,
399 This would neatly eliminate one of the major post-fork shared data
405 On 12 Mar 2002, Dave Dykstra <dwd@bell-labs.com> wrote:
406 > If we would add an option to do that functionality, I would vote for one
407 > that was more general which could mask off any set of permission bits and
408 > possibly add any set of bits. Perhaps a chmod-like syntax if it could be
409 > implemented simply.
411 I think that would be good too. For example, people uploading files
412 to a web server might like to say
414 rsync -avzP --chmod a+rX ./ sourcefrog.net:/home/www/sourcefrog/
416 Ideally the patch would implement as many of the gnu chmod semantics
417 as possible. I think the mode parser should be a separate function
418 that passes back something like (mask,set) description to the rest of
419 the program. For bonus points there would be a test case for the
427 Allow people to specify the diff command. (Might want to use wdiff,
430 Just diff the temporary file with the destination file, and delete
431 the tmp file rather than moving it into place.
433 Interaction with --partial.
435 Security interactions with daemon mode?
437 (Suggestion from david.e.sewell)
440 Incorrect timestamps (Debian #100295)
442 A bit hard to believe, but apparently it happens.
445 Check "refuse options works"
447 We need a test case for this...
449 Was this broken when we changed to popt?
454 Test whether this is actually faster than just using malloc(). If
455 it's not (anymore), throw it out.
459 PLATFORMS ------------------------------------------------------------
463 Don't detach, because this messes up --srvany.
465 http://sources.redhat.com/ml/cygwin/2001-08/msg00234.html
467 According to "Effective TCP/IP Programming" (??) close() on a socket
468 has incorrect behaviour on Windows -- it sends a RST packet to the
469 other side, which gives a "connection reset by peer" error. On that
470 platform we should probably do shutdown() instead. However, on Unix
471 we are correct to call close(), because shutdown() discards
474 DEVELOPMENT ----------------------------------------------------------
478 Build rsync with SPLINT to try to find security holes. Add
479 annotations as necessary. Keep track of the number of warnings
480 found initially, and see how many of them are real bugs, or real
481 security bugs. Knowing the percentage of likely hits would be
482 really interesting for other projects.
486 Something that just keeps running rsync continuously over a data set
487 likely to generate problems.
491 Run current rsync versions against significant past releases.
495 jra recommends Valgrind:
497 http://devel-home.kde.org/~sewardj/
499 TESTING --------------------------------------------------------------
503 Part of the regression suite should be making sure that we don't
504 break backwards compatibility: old clients vs new servers and so
505 on. Ideally we would test the cross product of versions.
507 It might be sufficient to test downloads from well-known public
508 rsync servers running different versions of rsync. This will give
509 some testing and also be the most common case for having different
510 versions and not being able to upgrade.
514 Sparse and non-sparse
518 Insert bytes, delete bytes, swap blocks, ...
520 configure option to enable dangerous tests
522 If tests are skipped, say why.
524 Test daemon feature to disallow particular options.
526 Pipe program that makes slow/jerky connections.
528 Versions of read() and write() that corrupt the stream, or abruptly fail
530 Separate makefile target to run rough tests -- or perhaps just run
534 DOCUMENTATION --------------------------------------------------------
538 Keep list of open issues and todos on the web site
540 Update web site from CVS
542 BUILD FARM -----------------------------------------------------------
546 AMDAHL UTS (Dave Dykstra)
548 Cygwin (on different versions of Win32?)
550 HP-UX variants (via HP?)
554 NICE -----------------------------------------------------------------
556 --no-detach and --no-fork options
558 Very useful for debugging. Also good when running under a
559 daemon-monitoring process that tries to restart the service when the
562 hang/timeout friendliness
566 Indicate whether files are new, updated, or deleted
568 At end of transfer, show how many files were or were not transferred
573 Change to using gettext(). Probably need to ship this for platforms
576 Solicit translations.
582 Write a small emulation of interactive ftp as a Pythonn program
583 that calls rsync. Commands such as "cd", "ls", "ls *.c" etc map
584 fairly directly into rsync commands: it just needs to remember the
585 current host, directory and so on. We can probably even do
586 completion of remote filenames.