rsync : permission denied

Hardy Merrill hmerrill at redhat.com
Wed Nov 26 07:08:00 EST 2003


I've been following this list for several months, and
there has been discussion about ACL's, but I believe
that ACL's have NOT been included in rsync so far, and
especially not in version 2.5.5.

Based on the information you've given so far, I haven't
been able to reproduce your problem.  I am able to rsync
as the root user a directory that is owned by an
unprivileged user, and the directory I'm rsync'ing
has drwxrwx--- permissions - same as yours.

Please paste in the exact command you're using to do the
rsync.

-- 
Hardy Merrill
Red Hat, Inc.

Thierry ITTY [thierry.itty at besancon.org] wrote:
> I have 2 servers I'm keeping synch'ed via rsync
> intel rh9 boxes with 2.4.20 kernel with xfs (1.3.0), acl, quota... and ootb
> rsync 2.5.5 rpm
> 
> it works fine since a while
> 
> recently I created a directory with restricted access, and I get
> "permission denied" error messages. this directory named RESTRICTED belongs
> to user "user1" group "group1" and has drwxrwx--- access, + explicit acls
> (see below)
> 
> on both sides (client and server) I'm running as root, as you'll see below,
> and it doesn't work thought root is supposed to have an implicit access
> 
> I tried to give an explicit root access through ACLs, but it doesn't work
> 
> on the other hand, if I give "other" rx rights, it works fine.
> 
> the problem is that it is NOT secure to give "other" a read/execute access
> to this directory, nor is it possible to change the user or group owners
> 
> 
> [root at master dir]# getfacl RESTRICTED/
> # file: RESTRICTED
> # owner: user1
> # group: group1
> user::rwx
> group::rwx
> mask::rwx
> other::---
> default:user::rwx
> default:group::rwx
> default:group:group1:rwx
> default:mask::rwx
> default:other::---
> 
> 
> [root at master dir]# ls -ald RESTRICTED/
> drwxrwxr-x    5 user1   group1    16384 nov 20 18:00 RESTRICTED/
> 
> 
> [root at master dir]# cat /etc/xinetd.d/rsync 
> # default: off
> # description: The rsync server is a good addition to an ftp server, as it \
> #       allows crc checksumming etc.
> service rsync
> {
>         disable = no
>         # *** disable   = yes
>         socket_type     = stream
>         wait            = no
>         user            = root
>         server          = /usr/bin/rsync
>         server_args     = --daemon
>         log_on_failure  += USERID
> }
> 
> 
> 
> How does rsync check permissions ??? is it ACL compatible ?
> 
> thanks for advice
> 
> Please cc me (thierry.itty at besancon.org) I'm not subscribed
> -- 
> To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync
> Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html



More information about the rsync mailing list