# emerge rsync - other way to do it not using rsync?

## Auka

Hi all,

First of all I am a big fan of gentoo linux. But I just encountered a problem while trying to do an installation of gentoo on a machine at work: The problem is that I cant rsync outside, so I am already stuck at the installation process as soon as I should do the first "emerge rsync".

To sum it up in one sentence: rsync is a no-go, because it is blocked by the firewall.

This means:

1.) "normal" rsync --> blocked

2.) rsync through RSYNC_PROXY env variable --> blocked as not even our (internal) proxy in the DMZ is allowed rsync.

For both I am getting an HTTP not allowed from the proxy followed by:

rsync error: error in socket IO (code 10) at clientserver.c(<some code line I dont remember>)

and when I'm looking at the proxy logs, I also do see that it is beeing rejected.

What I thought of was

a) downloading the tree on another gentoo machine (at home) and copying the directory on to the machine at work. Which really is only my last hope, if everything else should fail.   :Confused: 

b) maybe some kind of ssh tunnelling...?

The question is: isn't there any other way getting the portage tree without rsync!?

 I would say that IMHO just beeing able to use rsync would be quite a limitation for gentoo installations. (While I do admit that probably you are often able to use rsync through (from) the proxy, it is also common that your network setup is security-aware and a tight firewall ruleset is beeing used...)   :Sad: 

Am I right, supposing that, (given regular regular portage tree updates granted) once I have a portage tree, I only need some kind of download manager, as specified in the FETCHCMD variable (wget) to emerge packets? Or is rsync required even for emerging packets? 

Anything I missed? Comments, pointers, hints?  :Smile: 

Thanx a lot in advance...

----------

## kirill

Hi!

If rsync doesn't work for you, no worry! Read the Gentoo FAQ, there are instructions what to do if rsync doesn't work.

After you got the latest portage tree installed, you can emerge gentoolkit and run emerge-webrsync which automatically downloads the latest portage snapshot and installs it.

and no, rsync isn't required for emerging new packages...

life can't be easier  :Wink: 

----------

## Auka

aahh, ok, must have missed that - RTFM  :Wink: 

That seems to be exactly what I've been searching for, webrsync also sounds good...    :Very Happy: 

thanks a lot...!

----------

## jdn

Hi

Just got my gentoo login 1 min ago :-)

at my work they are running squid as proxy and I had the same problem

http://www.sai.msu.su/~er/rsync_proxy.html

says how to open for rsync through a squid proxy:

Squid configuration for rsync proxy

To allow RSYNC proxy via Squid, edit squid.conf file:

   1. add 873 to acl SSL_ports port list

   2. add 873 to acl Safe_ports port list

   3. if you want proxy without password, add host at which rsync is running to acl allowed_hosts list 

An example:

acl SSL_ports port 443 563 873  # 873 - for rsync

acl Safe_ports port 873         # for rsync

acl allowed_hosts src 195.208.220.197/255.255.255.255 # trusted host

regards

Jens / Denmark

----------

## Auka

Hi,

thank you for providing the squid config! While I have already seen, by a dooing google search, that it seems to be possible to reconfigure squid, it is nice to have this sum-up (since the proxy indeed is a squid). 

The problem for me is only that our proxy (at least this proxy, which only forwards http to a parent proxy dooing antivir content scanning) is not allowed by the firewall to talk rsync outgoing (only http, https, and ftp). So reconfiguring it alone unfortunately won't help me and I don't want to change firewall rulesets etc. as this could tend to be at bit too bureocratic (raising questions "why" and "what for"...)

So I am probably gooing to download the portage tree through http as stated in the FAQ. Nevertheless good to know, maybe I will try it out.

Well, security - I love it as long as I am admin/root.  :Wink: 

----------

## kirill

 *jdn wrote:*   

> Squid configuration for rsync proxy
> 
> To allow RSYNC proxy via Squid, edit squid.conf file:
> 
>    1. add 873 to acl SSL_ports port list
> ...

 

Wow you need to have rsync in SSL_ports too! darn.

I added '873' to Safe_ports a while a go but I still kept getting bad response from proxy - HTTP/1.0 403 Forbidden. but SSL_ports fixes it!

thanks for the info  :Laughing: 

----------

## jconover

Thank you kirill!

Recently my work turned off RSYNC traffic and I found your solution>>>>>

you can emerge gentoolkit and run emerge-webrsync which automatically downloads the latest portage snapshot and installs it. 

Hope they didn't shut it down because of me and gentoo!   :Embarassed: 

Thanks again!   :Razz: 

----------

