rsync ssh Userrights

maccinx · June 28, 2012, 9:38pm

Hi there,

i have two SLES Server and want to sync my Website on Sourcemachine /srv/www/htdocs/mySite/ to the other Targetmachine same Directory /srv/www/htdocs/mySite/.
On the Sourcemachine all Files have the User wwwrun Group www. After sync with rsync the Rights on the Targetmachine changed to sshUser:www.
Here my rsync Command:
rsync -avze ssh /srv/www/htdocs/mySite/ sshUser@targetmachine:/srv/www/htdocs/mySite/.
I thought with -a the rights are transfered to.

Cant find what im missing.

any ideas?

maccinx:cool:

system · June 29, 2012, 1:05am

On Thu, 28 Jun 2012 18:44:01 +0000, maccinx wrote:
[color=blue]

On the Sourcemachine all Files have the User wwwrun Group www. After
sync with rsync the Rights on the Targetmachine changed to sshUser:www.[/color]

Does the user wwwrun exist on the target machine?

If it does, does it have the same UID?

Jim

Jim Henderson, CNA6, CDE, CNI, LPIC-1, CLA10, CLP10
Novell Knowledge Partner

maccinx · June 29, 2012, 12:02pm

yes User wwwrun UID 30 are Systemusers on both Machines. I even thought about given wwwrun a passwort and use this user to connect via ssh wwwrun@targetmachine. But i think this is not a clever idea.

enovaklbank · June 29, 2012, 6:08pm

-o, --owner
This option causes rsync to set the owner of the destination file to be the same as the source file, but only if the receiving rsync is being run as the
super-user (see also the --super and --fake-super options). Without this option, the owner of new and/or transferred files are set to the invoking user on the
receiving side.

Jens-U · July 2, 2012, 2:50pm

Hi maccinx,

as has been pointed out by enovaklbank, the problem is that an ordinary user may not change file ownership. As you connect to the target server as “sshUser”, that’s the context you get and the reason why only scp within the root user context can effectively use “–owner”.

But rather than setting a password for wwwrun or even connecting as root, here’s another way to skin that cat: If it’s not necessary to trigger the transfer from sourcemachine, why not run the scp copy from targetmachine (“pull” instead of “push”), from the user wwwrun? As the files on sourcemachine are probably world-readable anyhow, you can use a low-privilege user on that machine to read the files, and as you’re running in a wwwrun context on targetmachine, you’ll be able to write the files with the proper ownership.

I even thought about given wwwrun a passwort and use this user to connect via ssh wwwrun@targetmachine. But i think this is not a clever idea.

You should use at least public key authentication, rather than setting (and using) passwords. Especially in automated environments, that’s much easier to handle…

Regards,
Jens

maccinx · July 2, 2012, 3:51pm

ah i see, running a pull on the targetmachine as wwwrun may solve my problem. IÂ´ll give it a try.
And of course i use public key authenification

Topic		Replies	Views
Re: Command to set folder\\file permitions SLES Configure-Administer	4	157	September 1, 2011
sFTP setup, what's missing? SLES Configure-Administer	1	195	November 1, 2012
Samba CIFS mount conflict SLES Configure-Administer	1	205	October 19, 2015
Shared folders/files issues SLES Configure-Administer	1	155	March 27, 2012
Samba share limited to only root SLES Configure-Administer	6	171	May 8, 2014

rsync ssh Userrights

Jim

Related Topics