Fix serious bug with "use chroot = no" option which caused "uid =" and "gid ="

to be ignored.  At the same time, change the "uid =" and "gid =" options to
be ignored when not running the daemon as super-user, to make it more
convenient for those people and to make it portable to systems such as
cygwin which don't support the uid/gid notions.

clientserver.c

@@ -167,24 +167,28 @@ static int rsync_module(int fd, int i)
 	if (lp_read_only(i))
 		read_only = 1;
 
-	p = lp_uid(i);
-	if (!name_to_uid(p, &uid)) {
-		if (!isdigit(*p)) {
-			rprintf(FERROR,"Invalid uid %s\n", p);
-			io_printf(fd,"@ERROR: invalid uid\n");
-			return -1;
-		} 
-		uid = atoi(p);
-	}
+	am_root = (getuid() == 0);
 
-	p = lp_gid(i);
-	if (!name_to_gid(p, &gid)) {
-		if (!isdigit(*p)) {
-			rprintf(FERROR,"Invalid gid %s\n", p);
-			io_printf(fd,"@ERROR: invalid gid\n");
-			return -1;
-		} 
-		gid = atoi(p);
+	if (am_root) {
+		p = lp_uid(i);
+		if (!name_to_uid(p, &uid)) {
+			if (!isdigit(*p)) {
+				rprintf(FERROR,"Invalid uid %s\n", p);
+				io_printf(fd,"@ERROR: invalid uid\n");
+				return -1;
+			} 
+			uid = atoi(p);
+		}
+
+		p = lp_gid(i);
+		if (!name_to_gid(p, &gid)) {
+			if (!isdigit(*p)) {
+				rprintf(FERROR,"Invalid gid %s\n", p);
+				io_printf(fd,"@ERROR: invalid gid\n");
+				return -1;
+			} 
+			gid = atoi(p);
+		}
 	}
 
 	p = lp_include_from(i);
@@ -214,28 +218,30 @@ static int rsync_module(int fd, int i)
 			return -1;
 		}
 
-		if (setgid(gid) || getgid() != gid) {
+	} else {
+		if (!push_dir(lp_path(i), 0)) {
+			rprintf(FERROR,"chdir %s failed\n", lp_path(i));
+			io_printf(fd,"@ERROR: chdir failed\n");
+			return -1;
+		}
+	}
+
+	if (am_root) {
+		if (setgid(gid)) {
 			rprintf(FERROR,"setgid %d failed\n", gid);
 			io_printf(fd,"@ERROR: setgid failed\n");
 			return -1;
 		}
 
-		if (setuid(uid) || getuid() != uid) {
+		if (setuid(uid)) {
 			rprintf(FERROR,"setuid %d failed\n", uid);
 			io_printf(fd,"@ERROR: setuid failed\n");
 			return -1;
 		}
 
-	} else {
-		if (!push_dir(lp_path(i), 0)) {
-			rprintf(FERROR,"chdir %s failed\n", lp_path(i));
-			io_printf(fd,"@ERROR: chdir failed\n");
-			return -1;
-		}
+		am_root = (getuid() == 0);
 	}
 
-	am_root = (getuid() == 0);
-
 	io_printf(fd,"@RSYNCD: OK\n");
 
 	argv[argc++] = "rsyncd";

rsyncd.conf.yo

 mailto(rsync-bugs@samba.org)
-manpage(rsyncd.conf)(5)(20 Jan 1999)()()
+manpage(rsyncd.conf)(5)(21 Jan 1999)()()
 manpagename(rsyncd.conf)(configuration file for rsync server)
 manpagesynopsis()
 
@@ -153,13 +153,14 @@ setting this to false you can create hidden modules. The default is
 for modules to be listable.
 
 dit(bf(uid)) The "uid" option specifies the user name or user id that
-file transfers to and from that module should take place as. In
-combination with the "gid" option this determines what file
-permissions are available. The default is the user "nobody".
+file transfers to and from that module should take place as when the daemon
+was run as root. In combination with the "gid" option this determines what
+file permissions are available. The default is the user "nobody".
 
 dit(bf(gid)) The "gid" option specifies the group name or group id that
-file transfers to and from that module should take place as. This
-complements the "uid" option. The default is the group "nobody".
+file transfers to and from that module should take place as when the daemon
+was run as root. This complements the "uid" option. The default is the
+group "nobody".
 
 dit(bf(exclude)) The "exclude" option allows you to specify a space
 separated list of patterns to add to the exclude list. This is