| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aFkDZy9fzBmqwpNggSLUGICQ1zv0HHho57ZpJexFyvgwRkWUdJZxoqyzFuI03CprptRBp1Ht1rN98zKMAW5rgajQ5StJ-xtPAfhPXu4dLnw=@protonmail.com>
Date: Wed, 28 Jan 2026 11:25:57 +0000
From: Turritopsis Dohrnii Teo En Ming <teo.en.ming@...tonmail.com>
To: Linux Networking <netdev@...r.kernel.org>
Cc: "ceo@...-en-ming-corp.com" <ceo@...-en-ming-corp.com>
Subject: Finally managed to get rsync script working after working on it for more than 7 hours since 1.30 AM on 28 Jan 2026 Wednesday
Subject: Finally managed to get rsync script working after working on it for more than 7 hours since 1.30 AM on 28 Jan 2026 Wednesday
Good day from Singapore,
I have finally managed to get rsync script working after working on it for more than 7 hours since 1.30 AM on 28 Jan 2026 Wednesday.
The old Synology DS713+ NAS was backed up to USB external harddisk using Hyper Backup.
The Hyper Backup on the USB external harddisk was fully restored on the new Synology DS1522+ NAS at 1.30 AM on 28 Jan 2026 Wednesday.
Since 1.30 AM in the morning, I have been working for more than 7 hours to get the rsync script working, all throughout the night.
rsync daemon keeps failing with errors, so I had no choice but to turn to rsync SSH.
Before running rsync SSH, I need to get passwordless SSH login working first.
1️⃣ Generate an SSH key on DS713+ (client)
ssh-keygen -t rsa -b 4096
Press Enter to accept the default path: /var/services/homes/rsyncuser/.ssh/id_rsa
Press Enter again for no passphrase (needed for automation)
This creates:
/var/services/homes/rsyncuser/.ssh/id_rsa ← private key (keep secret!)
/var/services/homes/rsyncuser/.ssh/id_rsa.pub ← public key
2️⃣ Copy the public key to DS1522+ (server) manually
SSH into DS1522+ as rsyncuser
mkdir -p ~/.ssh
chmod 700 ~/.ssh
On DS713+, print your public key:
cat /var/services/homes/rsyncuser/.ssh/id_rsa.pub
---public key snipped---
On DS1522+, append it to authorized_keys:
vi ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
3️⃣ Test passwordless login
ssh rsyncuser@....168.0.101
The authenticity of host '192.168.0.101 (192.168.0.101)' can't be established.
ECDSA key fingerprint is ---snipped---
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.0.101' (ECDSA) to the list of known hosts.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0777 for '/var/services/homes/rsyncuser/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/var/services/homes/rsyncuser/.ssh/id_rsa": bad permissions
rsyncuser@....168.0.101's password:
On DS713+:
chmod 700 /var/services/homes/rsyncuser/.ssh
chmod 600 /var/services/homes/rsyncuser/.ssh/id_rsa
chmod 644 /var/services/homes/rsyncuser/.ssh/id_rsa.pub
Passwordless ssh login is now successful.
Test rsync for 1 shared folder
1st test:
nohup rsync -aHAX --numeric-ids \
--partial --info=progress2,stats2,name \
--outbuf=L \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/1 Sales/" \
"rsyncuser@....168.0.101:/volume1/1 Sales/" \
>> /volume1/rsync_1_Sales.log 2>&1 &
2nd test:
nohup rsync -aHAX --numeric-ids \
--partial --progress --verbose \
--outbuf=L \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/1 Sales/" \
"rsyncuser@....168.0.101:/volume1/1 Sales/" \
>> /volume1/rsync_1_Sales.log 2>&1 &
No output for above rsync runs.
Test rsync for small folder "web"
rsync -av --progress \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/web/" \
"rsyncuser@....168.0.101:/volume1/web/"
Result:
sending incremental file list
rsync: opendir "/volume1/web/web_images" failed: Permission denied (13)
./
@eaDir/
@eaDir/@.../
sent 356 bytes received 29 bytes 256.67 bytes/sec
total size is 2,310 speedup is 6.00
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1462) [sender=3.1.2]
Test rsync again with exclude eaDir
rsync -av --progress \
--exclude='@...ir/' \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/web/" \
"rsyncuser@....168.0.101:/volume1/web/"
Result:
sending incremental file list
rsync: opendir "/volume1/web/web_images" failed: Permission denied (13)
sent 275 bytes received 14 bytes 192.67 bytes/sec
total size is 2,310 speedup is 7.99
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1462) [sender=3.1.2]
✅ CORRECT FIX (safe, Synology-approved)
You need to re-apply and enforce ACL inheritance on the source NAS (DS713+).
sudo synoacltool -add /volume1/web rsyncuser:allow:rwx
Result:
(synoacltool.c, 253)Unknown error
sudo synoacltool -enforce-inherit /volume1/web
rsyncuser@...kStation:~/.ssh$ sudo -u rsyncuser ls /volume1/web/web_images
ls: cannot open directory '/volume1/web/web_images': Permission denied
✅ Working approach: run rsync as root via SSH
Since your goal is migration to DS1522+, the easiest solution that actually works on DS713+ is:
Use root on DS713+ as the source
Use SSH rsync with passwordless keys for root
Exclude @eaDir
This avoids all ACL problems because root can read every folder, including legacy ACL-protected subfolders.
On DS713+:
sudo -i
ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
---snipped---
The key's randomart image is:
+---[RSA 3072]----+
---snipped---
+----[SHA256]-----+
cat /root/.ssh/id_rsa.pub
---public key snipped---
On DS1522+:
echo "---public key snipped---" >> /var/services/homes/rsyncuser/.ssh/authorized_keys
chmod 600 /var/services/homes/rsyncuser/.ssh/authorized_keys
chown -R rsyncuser:users /var/services/homes/rsyncuser/.ssh
Now root on DS713+ → rsyncuser on DS1522+ is passwordless.
Test rsync again.
rsync -aAX --numeric-ids --partial \
--exclude='@...ir/' \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/web/" \
"rsyncuser@....168.0.101:/volume1/web/" \
>> /volume1/rsync_web.log
rsync: failed to modify permissions on "/volume1/web/intranet": Operation not permitted (1)
rsync: rsync_xal_set: set_xattr_syno_acl(""/volume1/web/."","user.rsync.synoacl") failed: Permission denied (13)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1462) [sender=3.1.2]
Test rsync again:
rsync -a --numeric-ids --partial \
--exclude='@...ir/' \
--no-acls --no-xattrs \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/web/" \
"rsyncuser@....168.0.101:/volume1/web/" \
>> /volume1/rsync_web.log
rsync: failed to set permissions on "/volume1/web/.htaccess": Operation not permitted (1)
rsync: failed to set permissions on "/volume1/web/index.html": Operation not permitted (1)
rsync: failed to set permissions on "/volume1/web/intranet": Operation not permitted (1)
rsync: failed to modify permissions on "/volume1/web/intranet": Operation not permitted (1)
rsync: failed to set permissions on "/volume1/web/intranet/***_index.php": Operation not permitted (1)
rsync: failed to set permissions on "/volume1/web/intranet/index.php": Operation not permitted (1)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1462) [sender=3.1.2]
Test rsync again:
rsync -av --numeric-ids --partial \
--exclude='@...ir/' \
--chmod=ugo=rwX \
--no-acls --no-xattrs \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/web/" \
"rsyncuser@....168.0.101:/volume1/web/" \
>> /volume1/rsync_web.log
rsync: failed to set permissions on "/volume1/web/.htaccess": Operation not permitted (1)
rsync: failed to set permissions on "/volume1/web/intranet/***_index.php": Operation not permitted (1)
rsync: failed to set permissions on "/volume1/web/intranet/index.php": Operation not permitted (1)
rsync: failed to set permissions on "/volume1/web/web_images": Operation not permitted (1)
rsync: failed to set permissions on "/volume1/web/web_images/bg.png": Operation not permitted (1)
rsync: failed to set permissions on "/volume1/web/web_images/icon.png": Operation not permitted (1)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1462) [sender=3.1.2]
Test rsync again:
rsync -rltDv --progress \
--exclude='@...ir/' \
--no-perms --no-owner --no-group --no-acls --no-xattrs \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/web/" \
"rsyncuser@....168.0.101:/volume1/web/" \
>> /volume1/rsync_web.log
Output:
sending incremental file list
sent 280 bytes received 14 bytes 196.00 bytes/sec
total size is 233,274 speedup is 793.45
New rsync script:
vi rsync_script.sh
#!/bin/bash
# DS713+ -> DS1522+ migration via rsync over SSH
# All shared folders in a loop, passwordless SSH, background-safe
# Target NAS and user
TARGET_USER="rsyncuser"
TARGET_HOST="192.168.0.101"
# Shared folders to migrate
FOLDERS=(
"1 Sales"
"2 OPERATIONS"
"3 Admin"
"4 ISO 9001"
"5 Finance"
"6 IT"
"7 Volume_1"
"8"
"8 SynologyLog"
"Completed Projects"
"Disk 2"
"docker"
"OSV and LLP"
"Volume_2"
"web"
"web_packages"
)
# Base log folder on source NAS
LOGDIR="/volume1/rsync_logs"
mkdir -p "$LOGDIR"
# Loop over folders
for F in "${FOLDERS[@]}"; do
# Escape spaces in folder name for rsync destination
DEST_FOLDER="$F"
echo "Starting rsync for folder: $F"
nohup rsync -rltDv --progress \
--exclude='@...ir/' \
--no-perms --no-owner --no-group --no-acls --no-xattrs \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/$F/" \
"$TARGET_USER@...RGET_HOST:/volume1/$DEST_FOLDER/" \
>> "$LOGDIR/rsync_$(echo $F | tr ' ' '_').log" 2>&1 &
done
echo "All rsync jobs started in background. Logs are in $LOGDIR"
End of script.
chmod +x rsync_script.sh
/root/rsync_script.sh
Output:
root@...kStation:/volume1/rsync_logs# tail -f rsync_1_Sales.log
kex_exchange_identification: Connection closed by remote host
rsync error: unexplained error (code 255) at io.c(254) [sender=3.1.2]
Test another script:
#!/bin/bash
# Sequential background rsync for Synology migration
# Source: DS713+, Target: DS1522+ (rsyncuser)
# One folder at a time to avoid SSH session limits
TARGET_USER="rsyncuser"
TARGET_HOST="192.168.0.101"
FOLDERS=(
"1 Sales"
"2 OPERATIONS"
"3 Admin"
"4 ISO 9001"
"5 Finance"
"6 IT"
"7 Volume_1"
"8"
"8 SynologyLog"
"Completed Projects"
"Disk 2"
"docker"
"OSV and LLP"
"Volume_2"
"web"
"web_packages"
)
LOGDIR="/volume1/rsync_logs"
mkdir -p "$LOGDIR"
for F in "${FOLDERS[@]}"; do
LOGFILE="$LOGDIR/rsync_$(echo $F | tr ' ' '_').log"
echo "===== Starting rsync for folder: $F at $(date) =====" >> "$LOGFILE"
# Run rsync sequentially but in background via nohup
nohup rsync -rltDv --progress \
--exclude='@...ir/' \
--no-perms --no-owner --no-group --no-acls --no-xattrs \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/$F/" \
"$TARGET_USER@...RGET_HOST:/volume1/$F/" \
>> "$LOGFILE" 2>&1
echo "===== Completed rsync for folder: $F at $(date) =====" >> "$LOGFILE"
done
echo "All rsync folders queued sequentially in nohup. Logs in $LOGDIR"
End of script
nohup /root/rsync_script.sh &
Output:
===== Starting rsync for folder: 1 Sales at Wed Jan 28 12:31:35 +08 2026 =====
sending incremental file list
rsync: [sender] write error: Broken pipe (32)
rsync error: error in socket IO (code 10) at io.c(871) [sender=3.1.2]
===== Completed rsync for folder: 1 Sales at Wed Jan 28 12:31:37 +08 2026 =====
Testing another script:
#!/bin/bash
# DS713+ -> DS1522+ migration via SSH rsync
# Sequentially process 16 shared folders, per-folder logging
# Skip ACLs/xattrs to avoid permission errors
# Exclude @eaDir
# Target NAS and user
TARGET_USER="rsyncuser"
TARGET_HOST="192.168.0.101"
# Shared folders to migrate
FOLDERS=(
"1 Sales"
"2 OPERATIONS"
"3 Admin"
"4 ISO 9001"
"5 Finance"
"6 IT"
"7 Volume_1"
"8"
"8 SynologyLog"
"Completed Projects"
"Disk 2"
"docker"
"OSV and LLP"
"Volume_2"
"web"
"web_packages"
)
# Base log folder on source NAS
LOGDIR="/volume1/rsync_logs"
mkdir -p "$LOGDIR"
# Loop through folders sequentially
for F in "${FOLDERS[@]}"; do
LOGFILE="$LOGDIR/rsync_$(echo "$F" | tr ' ' '_').log"
echo "===== Starting rsync for folder: $F at $(date) =====" >> "$LOGFILE"
rsync -rltDv --progress \
--exclude='@...ir/' \
--no-perms --no-owner --no-group --no-acls --no-xattrs \
-e "ssh -o ServerAliveInterval=30 -o ServerAliveCountMax=20" \
"/volume1/$F/" \
"$TARGET_USER@...RGET_HOST:/volume1/$F/" \
>> "$LOGFILE" 2>&1
echo "===== Completed rsync for folder: $F at $(date) =====" >> "$LOGFILE"
done
echo "All folders have been processed sequentially. Logs are in $LOGDIR"
nohup /root/rsync_script.sh > /volume1/rsync_master.log 2>&1 &
Output:
===== Starting rsync for folder: 1 Sales at Wed Jan 28 12:37:26 +08 2026 =====
sending incremental file list
rsync: [sender] write error: Broken pipe (32)
rsync error: error in socket IO (code 10) at io.c(871) [sender=3.1.2]
===== Completed rsync for folder: 1 Sales at Wed Jan 28 12:37:27 +08 2026 =====
GRAND FINAL WORKING RSYNC SCRIPT - CONFIRMED AND TESTED TO BE WORKING! - AS AT 28 JAN 2026 Wednesday 1.36 PM
==============================================================================================================
#!/bin/bash
# Bulletproof Synology migration script: DS713+ -> DS1522+
# Sequential SSH rsync for 16 shared folders
# Handles spaces, retries, logs, #recycle excluded
# ----------------------------
# Configuration
# ----------------------------
TARGET_USER="rsyncuser"
TARGET_HOST="192.168.0.101"
BW_LIMIT=3000 # KB/s, adjust as needed
MAX_RETRIES=3
LOGDIR="/volume1/rsync_logs"
mkdir -p "$LOGDIR"
# List of shared folders to migrate
FOLDERS=(
"1 Sales"
"2 OPERATIONS"
"3 Admin"
"4 ISO 9001"
"5 Finance"
"6 IT"
"7 Volume_1"
"8"
"8 SynologyLog"
"Completed Projects"
"Disk 2"
"docker"
"OSV and LLP"
"Volume_2"
"web"
"web_packages"
)
# ----------------------------
# Pre-create all destination folders on DS1522+
# ----------------------------
echo "Creating all target folders on $TARGET_HOST..."
for F in "${FOLDERS[@]}"; do
ssh "$TARGET_USER@...RGET_HOST" "mkdir -p '/volume1/$F'"
done
echo "All destination folders created."
# ----------------------------
# Migration loop
# ----------------------------
for F in "${FOLDERS[@]}"; do
LOGFILE="$LOGDIR/rsync_$(echo "$F" | tr ' ' '_').log"
echo "===== Starting rsync for folder: $F at $(date) =====" >> "$LOGFILE"
RETRY_COUNT=0
SUCCESS=0
while [ $RETRY_COUNT -lt $MAX_RETRIES ]; do
rsync -rltDv --progress \
--exclude='@...ir/' \
--exclude='#recycle/' \
--no-perms --no-owner --no-group --no-acls --no-xattrs \
--bwlimit=$BW_LIMIT \
-e "ssh -o ServerAliveInterval=15 -o ServerAliveCountMax=10 -o TCPKeepAlive=yes" \
"/volume1/$F/" \
"$TARGET_USER@...RGET_HOST:'/volume1/$F/'" \
>> "$LOGFILE" 2>&1
if [ $? -eq 0 ]; then
SUCCESS=1
echo "===== Completed rsync for folder: $F at $(date) SUCCESS =====" >> "$LOGFILE"
break
else
RETRY_COUNT=$((RETRY_COUNT+1))
echo "===== rsync FAILED for folder: $F, retry $RETRY_COUNT/$MAX_RETRIES at $(date) =====" >> "$LOGFILE"
sleep 5
fi
done
if [ $SUCCESS -eq 0 ]; then
echo "===== Folder $F FAILED after $MAX_RETRIES retries at $(date) =====" >> "$LOGFILE"
fi
done
echo "All folders processed sequentially. Logs are in $LOGDIR"
End of script.
chmod +x rsync_script.sh
nohup /root/rsync_script.sh > /volume1/rsync_master.log 2>&1 &
Thank you.
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Extremely Democratic People's Republic of Singapore
28 Jan 2026 Wednesday 7.24 pm Singapore Time
Powered by blists - more mailing lists