Regarding ownership !!
Tim Conway
conway at us.ibm.com
Fri Apr 9 23:11:49 GMT 2004
Holy cow! Now that's a blast from the past. The thread started two years
ago... at least, the one he included part of. Since then, I lost that
job, spent 14 months unemployed, and got into a new job.
Anyway: your set of options is an almost complete specification of the
"--archive" or "-a" option. All you lack is "--links" or "-l"... bear
that in mind if you'd like to shorten what you have to type.
The --owner option is meaningless unless the process at the destination is
running with at least an effective UID of root(or 0), as only the root
user can "give files away". Looking at your results, I suspect you're
sending to an rsync daemon - a very fine option. The default is for an
rsync daemon to spawn as UID "nobody". If you want the rsync server to be
able to write files to belong to a user besides "nobody", you'll have to
specify a UID - either that of the person you want to own the files, or
"root" if you're handling multiple uids in a sync, as is undoubtedly the
case. If you're opening an rsyncd with root perms, make sure you control
it. If you have to give it access to multiple directories in / at the
same time, exclude /etc/ /bin, and so on. Better yet, change your process
so you can handle different directories under different modules, and put
them in chroot jails. A trick around that is to crossmount, if your OS
permits it... like say you need to give somebody access to /usr/openv and
/oracledata in the same module.
make a module with a path "/rsyncout".
make the directory /rsyncout and /rsyncout/usr/openv and
/rsyncout/oracledata
mount /oracledata /rsyncout/oracledata
mount /usr/openv /rsyncout/usr/openv
Now, those filesystems appear to be right there in their correct
relations to /, but hiding in your chroot jail.
Like I said, many operating systems don't like that. Most refuse. Some
comply and corrupt the filesystem. Some probably explode. :-)
You probably just need a destination all by itself, and have a quick,
simple, and easy road ahead. I just want to ensure that your'e thinking
about security as you open a root access to your system.
Tim Conway
Unix System Administration
Contractor - IBM Global Services
desk:3032734776
conway at us.ibm.com
Lakshminarayanan Radhakrishnan <lradhakr at ssd.usa.alcatel.com>
Sent by: rsync-bounces+conway=us.ibm.com at lists.samba.org
04/09/2004 09:38 AM
To
tim.conway at philips.com
cc
rsync at lists.samba.org, rsync-admin at lists.samba.org, mbp at humbug.org.au,
Lakshminarayanan Radhakrishnan <lradhakr at ssd.usa.alcatel.com>
Subject
Regarding ownership !!
Dear Mr.Tim,
Options used in rsync command in our system:
rsync --verbose --recursive --update --delete
--group --owner --times --perm
Eventhough i am using "-owner" option while synching to the mate system.
The owner ship from the System A is not restored in the System B.
( System B is destination ).
Why the ownership of System A is not restored in System B ?
( eg. ) file in system A : rwxr--r-- lakshmi comp a.c
file in system B:
becomes, rwxr--r-- nobody nobody a.c
Is there any option to restore the permission ?
thanks,
Lakshmi
tim.conway at philips.com wrote:
> Sent by: rsync-admin at lists.samba.org
> 02/05/2002 08:57 AM
>
More information about the rsync
mailing list