rsync 3.1.3 performance regression
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
rsync (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Lena Voytek |
Bug Description
[Impact]
Recent necessary security fixes to rsync have caused a slow down in transfer speeds due to additional authentication. In more recent versions of rsync this can be mitigated when the environment is trusted with the --trust-sender flag.
In order to accomidate this use case, the flag should be backported to focal too.
[Test Plan]
$ lxc launch ubuntu:focal test-rsync-receiver
$ lxc exec test-rsync-receiver bash
# apt update && apt dist-upgrade -y
# apt install openssh-server rsync -y
# passwd ubuntu
- set password for user
# exit
- Check ip of receiver with lxc list
$ lxc list
$ lxc launch ubuntu:focal test-rsync-sender
$ lxc exec test-rsync-sender bash
# apt update && apt dist-upgrade -y
# apt install rsync -y
- Create a random file to send over
# dd if=/dev/urandom of=randomfile.bin bs=1M count=1000
- Send without --trust-sender
# rsync -av randomfile.bin ubuntu@<receiver ip>:~/file1.bin
- Send with --trust-sender
# rsync -av --trust-sender randomfile.bin ubuntu@<receiver ip>:~/file2.bin
With the fix in place, --trust-sender is a valid argument and the transfer is notably faster as reported back by rsync.
[Where problems could occur]
Since this change adds a new feature in the form of an input flag, problems could occour when using it. This could include issues from skipping security checks between the sending and receiving machine. Another possible problem would be issues with command line input parsing due to the additional valid argument.
[Other Info]
The --trust-sender option is already available in Jammy and later
[Original Description]
OS: Ubuntu 20.04 Focal
Package: rsync 3.1.3-8ubuntu0.5
rsync's performance was regressed by ~7x amount after some security patch (debian/
A Jammy version of the package (3.2.5) introduced a new flag "--trust-sender" that allowed user to avoid the expensive client-side filtering introduced by those security patches. After pulling this change (https:/
The patch we used to backport our Focal rsync is attached in this thread. Can you please backport it too?
Related branches
- git-ubuntu bot: Approve
- Andreas Hasenack (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 121 lines (+99/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/add-trust-sender-option-docs.patch (+91/-0)
debian/patches/series (+1/-0)
- git-ubuntu bot: Approve
- Bryce Harrington (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 167 lines (+145/-0)3 files modifieddebian/changelog (+15/-0)
debian/patches/add-trust-sender-option.patch (+129/-0)
debian/patches/series (+1/-0)
Changed in rsync (Ubuntu): | |
status: | Fix Released → Confirmed |
status: | Confirmed → Fix Released |
description: | updated |
The attachment "add-trusted- sender- arg.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]