Add codespell

Kerberos patch

.github/workflows/codespell.yml

@@ -0,0 +1,25 @@
+# Codespell configuration is within .codespellrc
+---
+    name: Codespell
+    
+    on:
+      push:
+        branches: [main]
+      pull_request:
+        branches: [main]
+    
+    permissions:
+      contents: read
+    
+    jobs:
+      codespell:
+        name: Check for spelling errors
+        runs-on: ubuntu-latest
+    
+        steps:
+          - name: Checkout
+            uses: actions/checkout@v4
+          - name: Annotate locations with typos
+            uses: codespell-project/codespell-problem-matcher@v1
+          - name: Codespell
+            uses: codespell-project/actions-codespell@v2

README.md

@@ -8,22 +8,22 @@
 [![macos tests](https://github.com/deajan/osync/actions/workflows/macos.yml/badge.svg)](https://github.com/deajan/osync/actions/workflows/macos.yml/badge.svg)
 
 
-A two way filesync script running on bash Linux, BSD, Android, MacOSX, Cygwin, MSYS2, Win10 bash  and virtually any system supporting bash).
+A two way filesync script running on bash Linux, BSD, Android, MacOSX, Cygwin, MSYS2, Win10 bash and virtually any system supporting bash.
-File synchronization is bidirectional, and can be run manually, as scheduled task, or triggered on file changes in daemon mode.
+File synchronization is bidirectional, and can be run manually, as scheduled task, or triggered on file changes in monitor mode.
 It is a command line tool rsync wrapper with a lot of additional features baked in.
 
-This is a quickstart guide, you can find the full documentation on the author's site.
+This is a quickstart guide, you can find the full documentation on the [author's site](http://www.netpower.fr/osync).
 
 ## About
 
-osync provides the following capabilities
+osync provides the following capabilities:
 
 -   Local-Local and Local-Remote sync
 -   Fault tolerance with resume scenarios
 -   POSIX ACL and extended attributes synchronization
 -   Full script Time control
 -   Soft deletions and multiple backups handling
--   Before / after run command execution
+-   Before/after run command execution
 -   Email alerts
 -   Logging facility
 -   Directory monitoring
@@ -33,22 +33,39 @@ osync provides the following capabilities
 osync is a stateful synchronizer. This means it's agentless and doesn't have to monitor files for changes. Instead, it compares replica file lists between two runs.
 A full run takes about 2 seconds on a local-local replication and about 7 seconds on a local-remote replication.
 Disabling some features file like attributes preservation and disk space checks may speed up execution. 
-osync uses a initiator / target sync schema. It can sync local to local or local to remote directories. By definition, initiator replica is always a local directory on the system osync runs on.
+osync uses a initiator/target sync schema. It can sync local to local or local to remote directories. By definition, initiator replica is always a local directory on the system osync runs on.
-osync uses pidlocks to prevent multiple concurrent sync processes on/to the same initiator / target replica.
+osync uses pidlocks to prevent multiple concurrent sync processes on/to the same initiator/target replica.
 You may launch concurrent sync processes on the same system but as long as the replicas to synchronize are different.
 Multiple osync tasks may be launched sequentially by osync osync-batch tool.
 
-Currently, it has been tested on CentOS 5.x, 6.x, 7.x, AlmaLinux 9, Fedora 22-25, Debian 6-11, Linux Mint 14-18, Ubuntu 12.04-22.04, FreeBSD 8.3-11, Mac OS X, QTS 4.5.1(x86) and pfSense 2.3.x.
+## Tested platforms
-Microsoft Windows is supported via MSYS, Cygwin and or via WSL.
+
-Android support works via Termux.
+| Operating system | Version                |
-Some users also have successfully used osync on Gentoo and created an openRC init scriptt for it.
+|------------------|------------------------|
+| AlmaLinux        | 9                      |
+| Android\*        | Not known              |
+| CentOS           | 5.x, 6.x, 7.x          |
+| Fedora           | 22-25                  |
+| FreeBSD          | 8.3-11                 |
+| Debian           | 6-11                   |
+| Linux Mint       | 14-18                  |
+| macOS            | Not known              |
+| pfSense          | 2.3.x                  |
+| QTS (x86)        | 4.5.1                  |
+| Ubuntu           | 12.04-22.04            |
+| Windows\*\*      | 10                     |
+
+\* via Termux.
+\*\* via MSYS, Cygwin and WSL.
+
+Some users also have successfully used osync on Gentoo and created an OpenRC init script for it.
 
 ## Installation
 
 osync has been designed to not delete any data, but rather make backups of conflictual files or soft deletes.
 Nevertheless, you should always have a neat backup of your data before trying a new sync tool.
 
-Getting osync via github (remove the -b "stable" if you want latest dev snapshot)
+Getting osync via GitHub (remove the -b "stable" if you want latest dev snapshot)
 
 	$ git clone -b "stable" https://github.com/deajan/osync
 	$ cd osync
@@ -56,10 +73,10 @@ Getting osync via github (remove the -b "stable" if you want latest dev snapshot
 
 Installer script accepts some parameters for automation. Launch install.sh --help for options.
 
-There is also a RPM file that should fit RHEL/CentOS/Fedora and basically any RPM based distro, see the github release.
+There is also an RPM file that should fit RHEL/CentOS/Fedora and basically any RPM based distro, see the GitHub release.
-Please note that RPM files will install osync to /usr/bin instead of /usr/local/bin in order to enforce good practices.
+Please note that RPM files will install osync to `/usr/bin` instead of `/usr/local/bin` in order to enforce good practices.
 
-osync will install itself to /usr/local/bin and an example configuration file will be installed to /etc/osync
+osync will install itself to `/usr/local/bin` and an example configuration file will be installed to `/etc/osync`.
 
 osync needs to run with bash shell. Using any other shell will most probably result in errors.
 If bash is not your default shell, you may invoke it using
@@ -70,7 +87,7 @@ On *BSD and BusyBox, be sure to have bash installed.
 
 If you can't install osync, you may just copy osync.sh where you needed and run it from there.
 
-Archlinux packages are available at <https://aur.archlinux.org/packages/osync/> (thanks to Shadowigor, <https://github.com/shadowigor>)
+Arch Linux packages are available at <https://aur.archlinux.org/packages/osync/> (thanks to Shadowigor, <https://github.com/shadowigor>).
 
 ## Upgrade from previous configuration files
 
@@ -86,24 +103,22 @@ The script will backup your config file, update it's content and try to connect
 
 ## Usage
 
-Osync can work with in three flavors: Quick sync mode, configuration file mode, and daemon mode.
+Osync can work in 3 modes:
-While quick sync mode is convenient to do fast syncs between some directories, a configuration file gives much more functionnality.
+1. [:rocket: Quick sync mode](#quick-sync-mode)
-Please use double quotes as path delimiters. Do not use escaped characters in path names.
+2. [:gear: Configuration file mode](#configuration-file-mode)
+3. [:mag_right: Monitor mode](#monitor-mode)
 
-## QuickSync example
+> [!NOTE]
+> Please use double quotes as path delimiters. Do not use escaped characters in path names.
+
+### <a id="quick-sync-mode"></a>:rocket: Quick sync mode
+
+Quick sync mode is convenient to do fast syncs between some directories. However, the [configuration file mode](#configuration-file-mode) gives much more functionality.
 
 	# osync.sh --initiator="/path/to/dir1" --target="/path/to/remote dir2"
 	# osync.sh --initiator="/path/to/another dir" --target="ssh://user@host.com:22//path/to/dir2" --rsakey=/home/user/.ssh/id_rsa_private_key_example.com
 
-## Summary mode
+#### Quick sync with minimal options
-
-osync may output only file changes and errors with the following
-
-	# osync.sh --initiator="/path/to/dir1" --target="/path/to/dir" --summary --errors-only --no-prefix
-
-This also works in configuration file mode.
-
-## QuickSync with minimal options
 
 In order to run osync the quickest (without transferring file attributes, without softdeletion, without prior space checks and without remote connectivity checks, you may use the following:
 
@@ -111,37 +126,51 @@ In order to run osync the quickest (without transferring file attributes, withou
 
 All the settings described here may also be configured in the conf file.
 
-## Running osync with a Configuration file
+### Summary mode
 
-You'll have to customize the sync.conf file according to your needs.
+osync will output only file changes and errors with the following:
-If you intend to sync a remote directory, osync will need a pair of private / public RSA keys to perform remote SSH connections.
+
-Also, running sync as superuser requires to configure /etc/sudoers file.
+	# osync.sh --initiator="/path/to/dir1" --target="/path/to/dir" --summary --errors-only --no-prefix
-Please read the documentation about remote sync setups.
+
-Once you've customized a sync.conf file, you may run osync with the following test run:
+This also works in configuration file mode.
+
+### <a id="configuration-file-mode"></a>:gear: Configuration file mode
+
+You'll have to customize the `sync.conf` file according to your needs.
+
+If you intend to sync a remote directory, osync will need a pair of private/public RSA keys to perform remote SSH connections. Also, running sync as superuser requires to configure the `/etc/sudoers` file.
+
+> [!TIP]
+> Read the [example configuration file](https://github.com/deajan/osync/blob/master/sync.conf.example) for documentation about remote sync setups.
+
+Once you've customized a `sync.conf` file, you may run osync with the following test run:
 
 	# osync.sh /path/to/your.conf --dry
 
-If everything went well, you may run the actual configuration with one of the following:
+If everything went well, you may run the actual configuration with:
 
 	# osync.sh /path/to/your.conf
+
+To display which files and attrs are actually synchronized and which files are to be soft deleted / are in conflict, use `--verbose` (you may mix it with `--silent` to output verbose input only in the log files):
+ 
 	# osync.sh /path/to/your.conf --verbose
+
+Use `--no-maxtime` to disable execution time checks, which is usefull for big initial sync tasks that might take long time. Next runs should then only propagate changes and take much less time:
+ 
  	# osync.sh /path/to/your.conf --no-maxtime
 
-Verbose option will display which files and attrs are actually synchronized and which files are to be soft deleted / are in conflict.
+Once you're confident about your first runs, you may add osync as a cron task like the following in `/etc/crontab` which would run osync every 30 minutes:
-You may mix "--silent" and "--verbose" parameters to output verbose input only in the log files.
-No-Maxtime option will disable execution time checks, which is usefull for big initial sync tasks that might take long time. Next runs should then only propagate changes and take much less time.
-
-Once you're confident about your first runs, you may add osync as a cron task like the following in /etc/crontab which would run osync every 30 minutes:
 
 	*/30 * * * * root /usr/local/bin/osync.sh /etc/osync/my_sync.conf --silent
 
-Please note that this syntax works for RedHat / CentOS. On Debian you might want to remove the username (ie root) in order to make the crontab entry work.
+Please note that this syntax works for RedHat/CentOS. On Debian you might want to remove the username (i.e. root) in order to make the crontab entry work.
 
-## Batch mode
+### Batch mode
 
-You may want to sequentially run multiple sync sets between the same servers. In that case, osync-batch.sh is a nice tool that will run every osync conf file, and, if a task fails,
+You may want to sequentially run multiple sync sets between the same servers. In that case, `osync-batch.sh` is a nice tool that will run every osync conf file, and, if a task fails,
 run it again if there's still some time left.
-The following example will run all .conf files found in /etc/osync, and retry 3 times every configuration that fails, if the whole sequential run took less than 2 hours.
+
+To run all `.conf` files found in `/etc/osync`, and retry 3 times every configuration that fails if the whole sequential run took less than 2 hours, use:
 
 	# osync-batch.sh --path=/etc/osync --max-retries=3 --max-exec-time=7200
 
@@ -149,36 +178,38 @@ Having multiple conf files can then be run in a single cron command like
 
 	00 00 * * * root /usr/local/bin/osync-batch.sh --path=/etc/osync --silent
 
-## Daemon mode
+### <a id="monitor-mode"></a>:mag_right: Monitor mode
 
-Additionaly, you may run osync in monitor mode, which means it will perform a sync upon file operations on initiator replica.
+> [!NOTE]
-This can be a drawback on functionnality versus scheduled mode because this mode only launches a sync task if there are file modifications on the initiator replica, without being able to monitor the target replica.
+> Monitoring changes requires inotifywait command (`inotify-tools` package for most Linux distributions). BSD, macOS and Windows are not yet supported for this operation mode, unless you find an `inotify-tool` package on these OSes.
-Target replica changes are only synced when initiator replica changes occur, or when a given amount of time (default 600 seconds) passed without any changes on initiator replica.
+
-File monitor mode can also be launched as a daemon with an init script. Please read the documentation for more info.
+Monitor mode will perform a sync upon file operations on initiator replica. This can be a drawback on functionality versus scheduled mode because this mode only launches a sync task if there are file modifications on the initiator replica, without being able to monitor the target replica. Target replica changes are only synced when initiator replica changes occur, or when a given amount of time (600 seconds by default) passed without any changes on initiator replica.
-Note that monitoring changes requires inotifywait command (inotify-tools package for most Linux distributions).
+
-BSD, MacOS X and Windows are not yet supported for this operation mode, unless you find a inotify-tools package on these OSes.
+This mode can also be launched as a daemon with an init script. Please read the documentation for more info.
+
+To use this mode, use `--on-changes`:
 
 	# osync.sh /etc/osync/my_sync.conf --on-changes
 
-Osync file monitor mode may be run as system service with the osync-srv script.
+To run this mode as a system service with the `osync-srv` script, you can run the `install.sh` script (which should work in most cases) or copy the files by hand:
-You may run the install.sh script which should work in most cases or copy the files by hand (osync.sh to /usr/bin/local, sync.conf to /etc/osync, osync-srv to /etc/init.d for initV, osync-srv@.service to /usr/lib/systemd/system for systemd, osync-srv-openrc to /etc/init.d/osync-srv-openrc for OpenRC).
+- `osync.sh` to `/usr/bin/local`
+- `sync.conf` to `/etc/osync`
+- For InitV, `osync-srv` to `/etc/init.d`
+- For systemd, `osync-srv@.service` to `/usr/lib/systemd/system`
+- For OpenRC, `osync-srv-openrc` to `/etc/init.d/osync-srv-openrc`
 
-InitV specific instructions:
+For InitV (any configuration file found in `/etc/osync` will create an osync daemon instance when service is launched on initV):
-
-	Any configuration file found in /etc/osync will create a osync daemon instance when service is launched on initV with:
 
 	$ service osync-srv start
 	$ chkconfig osync-srv on
 
-Systemd specific (one service per config file)
+For systemd, launch service (one service per config file to launch) with:
 
-	Launch service (one service per config file to launch) with:
 	$ systemctl start osync-srv@configfile.conf
 	$ systemctl enable osync-srv@configfile.conf
 
-OpenRC specific instructions (user contrib)
+For OpenRC (user contrib), launch service (one service per config file to launch) with:
 
-	Launch service (one service per config file to launch) with:
 	$ rc-update add osync-srv.configfile default
 
 ## Security enhancements
@@ -190,21 +221,24 @@ Please read full documentation in order to configure ssh filter.
 
 All kind of contribs are welcome.
 
-When submitting a PR, please be sure to modify files in dev directory (dev/n_osync.sh, dev/ofunctions.sh, dev/common_install.sh etc) as most of the main files are generated via merge.sh.
+When submitting a PR, please be sure to modify files in dev directory (`dev/n_osync.sh`, `dev/ofunctions.sh`, `dev/common_install.sh etc`) as most of the main files are generated via merge.sh.
 When testing your contribs, generate files via merge.sh or use bootstrap.sh which generates a temporary version of n_osync.sh with all includes.
 
-Unit tests are run by travis on every PR, but you may also run them manually which adds some tests that travis can't do, via dev/tests/run_tests.sh
+Unit tests are run by travis on every PR, but you may also run them manually which adds some tests that travis can't do, via `dev/tests/run_tests.sh`.
-SSH port can be changed on the fly via environment variable SSH_PORT, eg: SSH_PORT=2222 dev/tests/run_tests.sh
+SSH port can be changed on the fly via environment variable SSH_PORT, e.g.:
+
+	# SSH_PORT=2222 dev/tests/run_tests.sh
 
 Consider reading CODING_CONVENTIONS.TXT before submitting a patch.
 
 ## Troubleshooting
 
-You may find osync's logs in `/var/log/osync.[INSTANCE_ID].log` (or current directory if /var/log is not writable).
+You may find osync's logs in `/var/log/osync.[INSTANCE_ID].log` (or current directory if `/var/log` is not writable).
 Additionnaly, you can use the --verbose flag see to what actions are going on.
 
-When opening an issue, please post the corresponding log files. Also, you may run osync with _DEBUG option in order to have more precise logs, eg:
+When opening an issue, please post the corresponding log files. Also, you may run osync with _DEBUG option in order to have more precise logs, e.g.:
-_DEBUG=yes ./osync.sh /path/to/conf
+
+	# _DEBUG=yes ./osync.sh /path/to/conf
 
 ## Uninstalling
 
@@ -214,5 +248,5 @@ The installer script also has an uninstall mode that will keep configuration fil
 
 ## Author
 
-Feel free to open an issue on github or mail me for support in my spare time :)
+Feel free to open an issue on GitHub or mail me for support in my spare time :)
 Orsiris de Jong | ozy@netpower.fr

dev/common_install.sh

@@ -10,7 +10,7 @@ PROGRAM_BINARY=$PROGRAM".sh"
 PROGRAM_BATCH=$PROGRAM"-batch.sh"
 SSH_FILTER="ssh_filter.sh"
 
-SCRIPT_BUILD=2023061101
+SCRIPT_BUILD=2025012001
 INSTANCE_ID="installer-$SCRIPT_BUILD"
 
 ## osync / obackup / pmocr / zsnap install script
@@ -332,14 +332,22 @@ function RemoveAll {
 	else
 		Logger "Skipping removal of [$BIN_DIR/$SSH_FILTER] because other programs present that need it." "NOTICE"
 	fi
+
+	# Try to uninstall every possible service file
+	if [ $init == "systemd" ]; then
 		RemoveFile "$SERVICE_DIR_SYSTEMD_SYSTEM/$SERVICE_FILE_SYSTEMD_SYSTEM"
 		RemoveFile "$SERVICE_DIR_SYSTEMD_USER/$SERVICE_FILE_SYSTEMD_USER"
+		RemoveFile "$SERVICE_DIR_SYSTEMD_SYSTEM/$TARGET_HELPER_SERVICE_FILE_SYSTEMD_SYSTEM"
+		RemoveFile "$SERVICE_DIR_SYSTEMD_USER/$TARGET_HELPER_SERVICE_FILE_SYSTEMD_USER"
+	elif [ $init == "initV" ]; then
 		RemoveFile "$SERVICE_DIR_INIT/$SERVICE_FILE_INIT"
-
+		RemoveFile "$SERVICE_DIR_INIT/$TARGET_HELPER_SERVICE_FILE_INIT"
-	RemoveFile "$TARGET_HELPER_SERVICE_DIR_SYSTEMD_SYSTEM/$SERVICE_FILE_SYSTEMD_SYSTEM"
+	elif [ $init == "openrc" ]; then
-	RemoveFile "$TARGET_HELPER_SERVICE_DIR_SYSTEMD_USER/$SERVICE_FILE_SYSTEMD_USER"
+		RemoveFile "$SERVICE_DIR_OPENRC/$SERVICE_FILE_OPENRC"
-	RemoveFile "$TARGET_HELPER_SERVICE_DIR_INIT/$SERVICE_FILE_INIT"
+		RemoveFile "$SERVICE_DIR_OPENRC/$TARGET_HELPER_SERVICE_FILE_OPENRC"
-
+	else
+		Logger "Can uninstall only from initV, systemd or openRC." "WARN"
+	fi
 	Logger "Skipping configuration files in [$CONF_DIR]. You may remove this directory manually." "NOTICE"
 }
 

dev/debug_osync.sh

@@ -90,7 +90,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 
@@ -504,7 +504,7 @@ function SendAlert {
 	fi
 
 	if [ $runAlert == true ]; then
-		subject="Currently runing - $subject"
+		subject="Currently running - $subject"
 	else
 		subject="Finished run - $subject"
 	fi
@@ -683,7 +683,7 @@ function SendEmail {
 			encryption_string=
 		elif [ "$encryption" == "tls" ]; then
 			encryption_string=-starttls
-		elif [ "$encryption" == "ssl" ]:; then
+		elif [ "$encryption" == "ssl" ]; then
 			encryption_string=-ssl
 		fi
 		if [ "$smtpUser" != "" ] && [ "$smtpPassword" != "" ]; then
@@ -776,7 +776,7 @@ function _PerfProfiler {												#__WITH_PARANOIA_DEBUG
 
 _OFUNCTIONS_SPINNER="|/-\\"
 function Spinner {
-	if [ $_LOGGER_SILENT == true ] || [ "$_LOGGER_ERR_ONLY" == true ] || [ "$_SYNC_ON_CHANGES" == "initiator" ] || [ "$_SYNC_ON_CHANGES" == "target" ] ; then
+	if [ "$_LOGGER_SILENT" == true ] || [ "$_LOGGER_ERR_ONLY" == true ] || [ "$_SYNC_ON_CHANGES" == "initiator" ] || [ "$_SYNC_ON_CHANGES" == "target" ] ; then
 		return 0
 	else
 		printf " [%c]  \b\b\b\b\b\b" "$_OFUNCTIONS_SPINNER"
@@ -2118,6 +2118,11 @@ function PostInit {
 		SSH_CMD="$(type -p sshpass) -f $SSH_PASSWORD_FILE $(type -p ssh) $SSH_COMP -q $SSH_OPTS $REMOTE_USER@$REMOTE_HOST -p $REMOTE_PORT"
 		SCP_CMD="$(type -p sshpass) -f $SSH_PASSWORD_FILE $(type -p scp) $SSH_COMP -q -P $REMOTE_PORT"
 		RSYNC_SSH_CMD="$(type -p sshpass) -f $SSH_PASSWORD_FILE $(type -p ssh) $SSH_COMP -q $SSH_OPTS -p $REMOTE_PORT"
+  elif [ $KRB5 ]; then
+    SSH_PASSWORD=""
+    SSH_CMD="$(type -p ssh) $SSH_COMP -q $SSH_OPTS $REMOTE_USER@$REMOTE_HOST -p $REMOTE_PORT"
+    SCP_CMD="$(type -p scp) $SSH_COMP -q -P $REMOTE_PORT"
+    RSYNC_SSH_CMD="$(type -p ssh) $SSH_COMP -q $SSH_OPTS -p $REMOTE_PORT"
 	else
 		SSH_PASSWORD=""
 		SSH_CMD=""
@@ -2836,8 +2841,8 @@ function CheckCurrentConfigAll {
 		exit 1
 	fi
 
-	if [ "$REMOTE_OPERATION" == true ] && ([ ! -f "$SSH_RSA_PRIVATE_KEY" ] && [ ! -f "$SSH_PASSWORD_FILE" ]); then
+	if [ "$REMOTE_OPERATION" == true ] && ([ ! -f "$SSH_RSA_PRIVATE_KEY" ] && [ ! -f "$SSH_PASSWORD_FILE" ] && [ ! $KRB5 ]); then
-		Logger "Cannot find rsa private key [$SSH_RSA_PRIVATE_KEY] nor password file [$SSH_PASSWORD_FILE]. No authentication method provided." "CRITICAL"
+		Logger "Cannot find rsa private key [$SSH_RSA_PRIVATE_KEY] nor password file [$SSH_PASSWORD_FILE] nor KRB5CCFILE. No authentication method provided." "CRITICAL"
 		exit 1
 	fi
 
@@ -2988,7 +2993,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -3429,7 +3434,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -4050,7 +4055,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -4749,7 +4754,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -5707,7 +5712,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -6044,7 +6049,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -6617,6 +6622,7 @@ function Usage {
 	echo "--initiator=\"\"		 Master replica path. Will contain state and backup directory (is mandatory)"
 	echo "--target=\"\" 		 Local or remote target replica path. Can be a ssh uri like ssh://user@host.com:22//path/to/target/replica (is mandatory)"
 	echo "--rsakey=\"\"		 Alternative path to rsa private key for ssh connection to target replica"
+	echo "--krb5			              use KRB5 credential cache"
 	echo "--ssh-controlmaster      Allow using a single TCP connection for all ssh calls. Will make remote sync faster, but may fail easier on lossy links"
 	echo "--password-file=\"\"       If no rsa private key is used for ssh authentication, a password file can be used"
 	echo "--remote-token=\"\"        When using ssh filter protection, you must specify the remote token set in ssh_filter.sh"
@@ -6793,6 +6799,10 @@ function GetCommandlineArguments {
 			_DRYRUN=true
 			opts=$opts" --dry"
 			;;
+			--krb5)
+			KRB5=true
+			opts=$opts" --krb5"
+			;;
 	    --silent)
 			_LOGGER_SILENT=true
 			opts=$opts" --silent"

dev/n_osync.sh

@@ -234,8 +234,8 @@ function CheckCurrentConfigAll {
 		exit 1
 	fi
 
-	if [ "$REMOTE_OPERATION" == true ] && ([ ! -f "$SSH_RSA_PRIVATE_KEY" ] && [ ! -f "$SSH_PASSWORD_FILE" ]); then
+	if [ "$REMOTE_OPERATION" == true ] && ([ ! -f "$SSH_RSA_PRIVATE_KEY" ] && [ ! -f "$SSH_PASSWORD_FILE" ] && [ ! $KRB5 ]); then
-		Logger "Cannot find rsa private key [$SSH_RSA_PRIVATE_KEY] nor password file [$SSH_PASSWORD_FILE]. No authentication method provided." "CRITICAL"
+		Logger "Cannot find rsa private key [$SSH_RSA_PRIVATE_KEY] nor password file [$SSH_PASSWORD_FILE] nor KRB5CCFILE. No authentication method provided." "CRITICAL"
 		exit 1
 	fi
 
@@ -2918,6 +2918,7 @@ function Usage {
 	echo "--initiator=\"\"		 Master replica path. Will contain state and backup directory (is mandatory)"
 	echo "--target=\"\" 		 Local or remote target replica path. Can be a ssh uri like ssh://user@host.com:22//path/to/target/replica (is mandatory)"
 	echo "--rsakey=\"\"		 Alternative path to rsa private key for ssh connection to target replica"
+	echo "--krb5			              use KRB5 credential cache"
 	echo "--ssh-controlmaster      Allow using a single TCP connection for all ssh calls. Will make remote sync faster, but may fail easier on lossy links"
 	echo "--password-file=\"\"       If no rsa private key is used for ssh authentication, a password file can be used"
 	echo "--remote-token=\"\"        When using ssh filter protection, you must specify the remote token set in ssh_filter.sh"
@@ -3094,6 +3095,10 @@ function GetCommandlineArguments {
 			_DRYRUN=true
 			opts=$opts" --dry"
 			;;
+			--krb5)
+			KRB5=true
+			opts=$opts" --krb5"
+			;;
 	    --silent)
 			_LOGGER_SILENT=true
 			opts=$opts" --silent"

dev/ofunctions.sh

@@ -82,7 +82,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 #### DEBUG SUBSET END ####
@@ -512,7 +512,7 @@ function SendAlert {
 	fi
 
 	if [ $runAlert == true ]; then
-		subject="Currently runing - $subject"
+		subject="Currently running - $subject"
 	else
 		subject="Finished run - $subject"
 	fi
@@ -691,7 +691,7 @@ function SendEmail {
 			encryption_string=
 		elif [ "$encryption" == "tls" ]; then
 			encryption_string=-starttls
-		elif [ "$encryption" == "ssl" ]:; then
+		elif [ "$encryption" == "ssl" ]; then
 			encryption_string=-ssl
 		fi
 		if [ "$smtpUser" != "" ] && [ "$smtpPassword" != "" ]; then
@@ -786,7 +786,7 @@ function _PerfProfiler {												#__WITH_PARANOIA_DEBUG
 
 _OFUNCTIONS_SPINNER="|/-\\"
 function Spinner {
-	if [ $_LOGGER_SILENT == true ] || [ "$_LOGGER_ERR_ONLY" == true ] || [ "$_SYNC_ON_CHANGES" == "initiator" ] || [ "$_SYNC_ON_CHANGES" == "target" ] ; then
+	if [ "$_LOGGER_SILENT" == true ] || [ "$_LOGGER_ERR_ONLY" == true ] || [ "$_SYNC_ON_CHANGES" == "initiator" ] || [ "$_SYNC_ON_CHANGES" == "target" ] ; then
 		return 0
 	else
 		printf " [%c]  \b\b\b\b\b\b" "$_OFUNCTIONS_SPINNER"
@@ -2139,6 +2139,11 @@ function PostInit {
 		SSH_CMD="$(type -p sshpass) -f $SSH_PASSWORD_FILE $(type -p ssh) $SSH_COMP -q $SSH_OPTS $REMOTE_USER@$REMOTE_HOST -p $REMOTE_PORT"
 		SCP_CMD="$(type -p sshpass) -f $SSH_PASSWORD_FILE $(type -p scp) $SSH_COMP -q -P $REMOTE_PORT"
 		RSYNC_SSH_CMD="$(type -p sshpass) -f $SSH_PASSWORD_FILE $(type -p ssh) $SSH_COMP -q $SSH_OPTS -p $REMOTE_PORT"
+  elif [ $KRB5 ]; then
+    SSH_PASSWORD=""
+    SSH_CMD="$(type -p ssh) $SSH_COMP -q $SSH_OPTS $REMOTE_USER@$REMOTE_HOST -p $REMOTE_PORT"
+    SCP_CMD="$(type -p scp) $SSH_COMP -q -P $REMOTE_PORT"
+    RSYNC_SSH_CMD="$(type -p ssh) $SSH_COMP -q $SSH_OPTS -p $REMOTE_PORT"
 	else
 		SSH_PASSWORD=""
 		SSH_CMD=""
@@ -2481,7 +2486,7 @@ function SetConfFileValue () {
 	else
 		echo "$name=$value" > "$file"
 		if [ $? -ne 0 ]; then
-			Logger "Config file [$file] does not exist. Failed to create it witn value [$name]." "ERROR"
+			Logger "Config file [$file] does not exist. Failed to create it with value [$name]." "ERROR"
 		fi
 	fi
 }

dev/tests/run_tests.sh

@@ -57,7 +57,7 @@ homedir=$(eval echo ~${REMOTE_USER})
 
 # drupal servers are often unreachable for whetever reason or give 0 bytes files
 #LARGE_FILESET_URL="http://ftp.drupal.org/files/projects/drupal-8.2.2.tar.gz"
-LARGE_FILESET_URL="http://www.netpower.fr/sites/default/files/osync-test-files.tar.gz"
+LARGE_FILESET_URL="https://ftp.drupal.org/files/projects/drupal-11.0.10.tar.gz"
 
 OSYNC_DIR="$(pwd)"
 OSYNC_DIR=${OSYNC_DIR%%/dev*}

install.sh

@@ -10,7 +10,7 @@ PROGRAM_BINARY=$PROGRAM".sh"
 PROGRAM_BATCH=$PROGRAM"-batch.sh"
 SSH_FILTER="ssh_filter.sh"
 
-SCRIPT_BUILD=2023061101
+SCRIPT_BUILD=2025012001
 INSTANCE_ID="installer-$SCRIPT_BUILD"
 
 ## osync / obackup / pmocr / zsnap install script
@@ -61,7 +61,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 
@@ -907,14 +907,22 @@ function RemoveAll {
 	else
 		Logger "Skipping removal of [$BIN_DIR/$SSH_FILTER] because other programs present that need it." "NOTICE"
 	fi
+
+	# Try to uninstall every possible service file
+	if [ $init == "systemd" ]; then
 		RemoveFile "$SERVICE_DIR_SYSTEMD_SYSTEM/$SERVICE_FILE_SYSTEMD_SYSTEM"
 		RemoveFile "$SERVICE_DIR_SYSTEMD_USER/$SERVICE_FILE_SYSTEMD_USER"
+		RemoveFile "$SERVICE_DIR_SYSTEMD_SYSTEM/$TARGET_HELPER_SERVICE_FILE_SYSTEMD_SYSTEM"
+		RemoveFile "$SERVICE_DIR_SYSTEMD_USER/$TARGET_HELPER_SERVICE_FILE_SYSTEMD_USER"
+	elif [ $init == "initV" ]; then
 		RemoveFile "$SERVICE_DIR_INIT/$SERVICE_FILE_INIT"
-
+		RemoveFile "$SERVICE_DIR_INIT/$TARGET_HELPER_SERVICE_FILE_INIT"
-	RemoveFile "$TARGET_HELPER_SERVICE_DIR_SYSTEMD_SYSTEM/$SERVICE_FILE_SYSTEMD_SYSTEM"
+	elif [ $init == "openrc" ]; then
-	RemoveFile "$TARGET_HELPER_SERVICE_DIR_SYSTEMD_USER/$SERVICE_FILE_SYSTEMD_USER"
+		RemoveFile "$SERVICE_DIR_OPENRC/$SERVICE_FILE_OPENRC"
-	RemoveFile "$TARGET_HELPER_SERVICE_DIR_INIT/$SERVICE_FILE_INIT"
+		RemoveFile "$SERVICE_DIR_OPENRC/$TARGET_HELPER_SERVICE_FILE_OPENRC"
-
+	else
+		Logger "Can uninstall only from initV, systemd or openRC." "WARN"
+	fi
 	Logger "Skipping configuration files in [$CONF_DIR]. You may remove this directory manually." "NOTICE"
 }
 

osync.sh

@@ -57,7 +57,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 
@@ -458,7 +458,7 @@ function SendAlert {
 	fi
 
 	if [ $runAlert == true ]; then
-		subject="Currently runing - $subject"
+		subject="Currently running - $subject"
 	else
 		subject="Finished run - $subject"
 	fi
@@ -636,7 +636,7 @@ function SendEmail {
 			encryption_string=
 		elif [ "$encryption" == "tls" ]; then
 			encryption_string=-starttls
-		elif [ "$encryption" == "ssl" ]:; then
+		elif [ "$encryption" == "ssl" ]; then
 			encryption_string=-ssl
 		fi
 		if [ "$smtpUser" != "" ] && [ "$smtpPassword" != "" ]; then
@@ -712,7 +712,7 @@ function LoadConfigFile {
 
 _OFUNCTIONS_SPINNER="|/-\\"
 function Spinner {
-	if [ $_LOGGER_SILENT == true ] || [ "$_LOGGER_ERR_ONLY" == true ] || [ "$_SYNC_ON_CHANGES" == "initiator" ] || [ "$_SYNC_ON_CHANGES" == "target" ] ; then
+	if [ "$_LOGGER_SILENT" == true ] || [ "$_LOGGER_ERR_ONLY" == true ] || [ "$_SYNC_ON_CHANGES" == "initiator" ] || [ "$_SYNC_ON_CHANGES" == "target" ] ; then
 		return 0
 	else
 		printf " [%c]  \b\b\b\b\b\b" "$_OFUNCTIONS_SPINNER"
@@ -1970,6 +1970,11 @@ function PostInit {
 		SSH_CMD="$(type -p sshpass) -f $SSH_PASSWORD_FILE $(type -p ssh) $SSH_COMP -q $SSH_OPTS $REMOTE_USER@$REMOTE_HOST -p $REMOTE_PORT"
 		SCP_CMD="$(type -p sshpass) -f $SSH_PASSWORD_FILE $(type -p scp) $SSH_COMP -q -P $REMOTE_PORT"
 		RSYNC_SSH_CMD="$(type -p sshpass) -f $SSH_PASSWORD_FILE $(type -p ssh) $SSH_COMP -q $SSH_OPTS -p $REMOTE_PORT"
+  elif [ $KRB5 ]; then
+    SSH_PASSWORD=""
+    SSH_CMD="$(type -p ssh) $SSH_COMP -q $SSH_OPTS $REMOTE_USER@$REMOTE_HOST -p $REMOTE_PORT"
+    SCP_CMD="$(type -p scp) $SSH_COMP -q -P $REMOTE_PORT"
+    RSYNC_SSH_CMD="$(type -p ssh) $SSH_COMP -q $SSH_OPTS -p $REMOTE_PORT"
 	else
 		SSH_PASSWORD=""
 		SSH_CMD=""
@@ -2683,8 +2688,8 @@ function CheckCurrentConfigAll {
 		exit 1
 	fi
 
-	if [ "$REMOTE_OPERATION" == true ] && ([ ! -f "$SSH_RSA_PRIVATE_KEY" ] && [ ! -f "$SSH_PASSWORD_FILE" ]); then
+	if [ "$REMOTE_OPERATION" == true ] && ([ ! -f "$SSH_RSA_PRIVATE_KEY" ] && [ ! -f "$SSH_PASSWORD_FILE" ] && [ ! $KRB5 ]); then
-		Logger "Cannot find rsa private key [$SSH_RSA_PRIVATE_KEY] nor password file [$SSH_PASSWORD_FILE]. No authentication method provided." "CRITICAL"
+		Logger "Cannot find rsa private key [$SSH_RSA_PRIVATE_KEY] nor password file [$SSH_PASSWORD_FILE] nor KRB5CCFILE. No authentication method provided." "CRITICAL"
 		exit 1
 	fi
 
@@ -2829,7 +2834,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -3258,7 +3263,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -3862,7 +3867,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -4546,7 +4551,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -5490,7 +5495,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -5815,7 +5820,7 @@ else
 	_LOGGER_VERBOSE=true
 fi
 
-if [ "$SLEEP_TIME" == "" ]; then # Leave the possibity to set SLEEP_TIME as environment variable when runinng with bash -x in order to avoid spamming console
+if [ "$SLEEP_TIME" == "" ]; then # Leave the possibility to set SLEEP_TIME as environment variable when running with bash -x in order to avoid spamming console
 	SLEEP_TIME=.05
 fi
 function TrapError {
@@ -6375,6 +6380,7 @@ function Usage {
 	echo "--initiator=\"\"		 Master replica path. Will contain state and backup directory (is mandatory)"
 	echo "--target=\"\" 		 Local or remote target replica path. Can be a ssh uri like ssh://user@host.com:22//path/to/target/replica (is mandatory)"
 	echo "--rsakey=\"\"		 Alternative path to rsa private key for ssh connection to target replica"
+	echo "--krb5			              use KRB5 credential cache"
 	echo "--ssh-controlmaster      Allow using a single TCP connection for all ssh calls. Will make remote sync faster, but may fail easier on lossy links"
 	echo "--password-file=\"\"       If no rsa private key is used for ssh authentication, a password file can be used"
 	echo "--remote-token=\"\"        When using ssh filter protection, you must specify the remote token set in ssh_filter.sh"
@@ -6550,6 +6556,10 @@ function GetCommandlineArguments {
 			_DRYRUN=true
 			opts=$opts" --dry"
 			;;
+			--krb5)
+			KRB5=true
+			opts=$opts" --krb5"
+			;;
 	    --silent)
 			_LOGGER_SILENT=true
 			opts=$opts" --silent"

sync.conf.example

@@ -21,6 +21,9 @@ SSH_RSA_PRIVATE_KEY="/home/backupuser/.ssh/id_rsa"
 ## Alternatively, you may specify an SSH password file (less secure). Needs sshpass utility installed.
 SSH_PASSWORD_FILE=""
 
+## use the KRB5 credential cache to access SSH or rsync
+#KRB5=true
+
 ## When using ssh filter, you must specify a remote token matching the one setup in authorized_keys
 _REMOTE_TOKEN=SomeAlphaNumericToken9