Use the "_rsync" user and group by default, instead of nobody.

Tweak man pages accordingly.
While here:
simplify @extra marker in PLIST
set GPL version

"looks good" to naddy@
with inputs from and ok schwarze@, ok sthen@

net/rsync/Makefile

@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.61 2011/03/27 17:16:47 naddy Exp $
+# $OpenBSD: Makefile,v 1.62 2011/04/02 15:13:25 ajacoutot Exp $
 
 COMMENT =	mirroring/synchronization over low bandwidth links
 
@@ -6,13 +6,16 @@ DISTNAME =	rsync-3.0.8
 CATEGORIES =	net
 HOMEPAGE =	http://rsync.samba.org/
 
+REVISION =	0
+
 MAINTAINER =	Marc Espie <espie@openbsd.org>
 
-# GPL
+# GPLv3
 PERMIT_PACKAGE_CDROM =	Yes
 PERMIT_PACKAGE_FTP =	Yes
 PERMIT_DISTFILES_CDROM =Yes
 PERMIT_DISTFILES_FTP =	Yes
+
 WANTLIB =		c
 
 MASTER_SITES =	ftp://ftp.samba.org/pub/rsync/ \
@@ -24,7 +27,8 @@ MASTER_SITES =	ftp://ftp.samba.org/pub/rsync/ \
 CONFIGURE_STYLE =gnu
 CONFIGURE_ARGS =--with-included-popt \
 		--with-rsyncd-conf="${SYSCONFDIR}/rsyncd.conf" \
-		--with-rsh="ssh -T"
+		--with-rsh="ssh -T" \
+		--with-nobody-group=_rsync
 
 DOCDIR =	${PREFIX}/share/doc/rsync
 USE_GROFF =	Yes

net/rsync/patches/patch-authenticate_c

@@ -0,0 +1,12 @@
+$OpenBSD: patch-authenticate_c,v 1.1 2011/04/02 15:13:25 ajacoutot Exp $
+--- authenticate.c.orig	Mon Mar 28 13:59:40 2011
++++ authenticate.c	Mon Mar 28 13:59:55 2011
+@@ -291,7 +291,7 @@ void auth_client(int fd, const char *user, const char 
+ 	char pass2[MAX_DIGEST_LEN*2];
+ 
+ 	if (!user || !*user)
+-		user = "nobody";
++		user = "_rsync";
+ 
+ 	if (!(pass = getpassf(password_file))
+ 	 && !(pass = getenv("RSYNC_PASSWORD"))) {

net/rsync/patches/patch-configure_sh

@@ -0,0 +1,12 @@
+$OpenBSD: patch-configure_sh,v 1.1 2011/04/02 15:13:25 ajacoutot Exp $
+--- configure.sh.orig	Mon Mar 28 13:58:00 2011
++++ configure.sh	Mon Mar 28 13:59:13 2011
+@@ -4210,7 +4210,7 @@ fi
+ 
+ 
+ cat >>confdefs.h <<_ACEOF
+-#define NOBODY_USER "nobody"
++#define NOBODY_USER "_rsync"
+ _ACEOF
+ 
+ 

net/rsync/patches/patch-rsync_1

@@ -0,0 +1,12 @@
+$OpenBSD: patch-rsync_1,v 1.1 2011/04/02 15:13:25 ajacoutot Exp $
+--- rsync.1.orig	Mon Mar 28 13:57:27 2011
++++ rsync.1	Mon Mar 28 13:57:35 2011
+@@ -3465,7 +3465,7 @@ consult the remote shell\(cq\&s documentation.
+ .IP "\fBUSER\fP or \fBLOGNAME\fP"
+ The USER or LOGNAME environment variables
+ are used to determine the default username sent to an rsync daemon.
+-If neither is set, the username defaults to \(dq\&nobody\(dq\&.
++If neither is set, the username defaults to \(dq\&_rsync\(dq\&.
+ .IP "\fBHOME\fP"
+ The HOME environment variable is used to find the user\(cq\&s
+ default .cvsignore file.

net/rsync/patches/patch-rsyncd_conf_5

@@ -1,6 +1,6 @@
-$OpenBSD: patch-rsyncd_conf_5,v 1.1 2011/03/07 19:48:20 ajacoutot Exp $
+$OpenBSD: patch-rsyncd_conf_5,v 1.2 2011/04/02 15:13:25 ajacoutot Exp $
---- rsyncd.conf.5.orig	Thu Dec 31 22:15:51 2009
+--- rsyncd.conf.5.orig	Sat Mar 26 22:37:52 2011
-+++ rsyncd.conf.5	Tue Feb 22 11:22:44 2011
++++ rsyncd.conf.5	Wed Mar 30 14:12:53 2011
 @@ -67,12 +67,11 @@ When run via inetd you should add a line like this to 
  and a single line something like this to /etc/inetd.conf:
  .PP 
@@ -16,7 +16,25 @@ $OpenBSD: patch-rsyncd_conf_5,v 1.1 2011/03/07 19:48:20 ajacoutot Exp $
  reread its config file.
  .PP 
  Note that you should \fBnot\fP send the rsync daemon a HUP signal to force
-@@ -460,7 +459,7 @@ limit the length of passwords that can be typed at the
+@@ -341,14 +340,13 @@ for modules to be listable.
+ This parameter specifies the user name or user ID that
+ file transfers to and from that module should take place as when the daemon
+ was run as root. In combination with the \(dq\&gid\(dq\& parameter this determines what
+-file permissions are available. The default is uid \-2, which is normally
+-the user \(dq\&nobody\(dq\&.
++file permissions are available. The default is \(dq\&_rsync\(dq\&.
+ .IP 
+ .IP "\fBgid\fP"
+ This parameter specifies the group name or group ID that
+ file transfers to and from that module should take place as when the daemon
+-was run as root. This complements the \(dq\&uid\(dq\& parameter. The default is gid \-2,
+-which is normally the group \(dq\&nobody\(dq\&.
++was run as root. This complements the \(dq\&uid\(dq\& parameter. The default is
++\(dq\&_rsync\(dq\&.
+ .IP 
+ .IP "\fBfake super\fP"
+ Setting \(dq\&fake super = yes\(dq\& for a module causes the
+@@ -460,7 +458,7 @@ limit the length of passwords that can be typed at the
  you may find that passwords longer than 8 characters don\(cq\&t work.
  .IP 
  There is no default for the \(dq\&secrets file\(dq\& parameter, you must choose a name
@@ -25,7 +43,18 @@ $OpenBSD: patch-rsyncd_conf_5,v 1.1 2011/03/07 19:48:20 ajacoutot Exp $
  by \(dq\&other\(dq\&; see \(dq\&strict modes\(dq\&.
  .IP 
  .IP "\fBstrict modes\fP"
-@@ -785,12 +784,12 @@ pid file = /var/run/rsyncd.pid
+@@ -758,8 +756,8 @@ A more sophisticated example would be:
+ .PP 
+ .nf 
+ 
+-uid = nobody
+-gid = nobody
++uid = _rsync
++gid = _rsync
+ use chroot = yes
+ max connections = 4
+ syslog facility = local5
+@@ -785,12 +783,12 @@ pid file = /var/run/rsyncd.pid
          path = /data/cvs
          comment = CVS repository (requires authentication)
          auth users = tridge, susan
@@ -40,7 +69,7 @@ $OpenBSD: patch-rsyncd_conf_5,v 1.1 2011/03/07 19:48:20 ajacoutot Exp $
  .PP 
  .RS 
  \f(CWtridge:mypass\fP
-@@ -803,7 +802,7 @@ The /etc/rsyncd.secrets file would look something like
+@@ -803,7 +801,7 @@ The /etc/rsyncd.secrets file would look something like
  .SH "FILES"
  
  .PP 

net/rsync/pkg/PLIST

@@ -1,8 +1,9 @@
-@comment $OpenBSD: PLIST,v 1.11 2009/01/06 16:34:34 naddy Exp $
+@comment $OpenBSD: PLIST,v 1.12 2011/04/02 15:13:25 ajacoutot Exp $
+@newgroup _rsync:669
+@newuser _rsync:669:_rsync:daemon:rsync Daemon:/var/empty:/sbin/nologin
 @bin bin/rsync
 @man man/man1/rsync.1
 @man man/man5/rsyncd.conf.5
 share/doc/rsync/
 share/doc/rsync/tech_report.tex
-@cwd ${SYSCONFDIR}
+@extra ${SYSCONFDIR}/rsyncd.conf
-@extra rsyncd.conf