Set permissions and owner's group for destination folder with rsync
I'm transferring html pages to my web server with rsync with:
rsync -r -og --chown=transfer:www-data webpage/* transfer@myserver:/path/to/wwwfolder/
I use the transfer account (dedicated for data transfer and limited to rsync and scp by rssh); the transfer user is a member of the www-data group but its primary group is wizard; the www-data group is the primary group of the www-data user which is the user that runs the web server. The destination folder wwwfolder does not exists and is created by rsync.
With this setup I have two problems related to the destination folder wwwfolder:
the created folder is owned by transfer:wizard, thus the web server cannot read its content. How can I tell rsync that the owner should be transfer:www-data? This owner is correctly set for the folder content by means of the --chown flag but the flag seems to be ignored for the container folder
the created folder has drwxrw-rw- permissions, so even if I would be able to set the owner to transfer:www-data then it would still not be readable by the web server since the group does not have X permission. How can I specify the destination folder permissions to rsync?
Please note that I cannot simply login with ssh and use chown/chomd since the shell for the transfer user on the server only accepts rsync and scp commands for security reasons. The rsync version on both the server and the client is 3.1.2 protocol version 31.
rsync
edited Jan 29 at 12:45
Rui F Ribeiro
40k1479135
asked Jan 29 at 11:18
Nicola MoriNicola Mori
1
add a comment |
I'm transferring html pages to my web server with rsync with:
rsync -r -og --chown=transfer:www-data webpage/* transfer@myserver:/path/to/wwwfolder/
I use the transfer account (dedicated for data transfer and limited to rsync and scp by rssh); the transfer user is a member of the www-data group but its primary group is wizard; the www-data group is the primary group of the www-data user which is the user that runs the web server. The destination folder wwwfolder does not exists and is created by rsync.
With this setup I have two problems related to the destination folder wwwfolder:
the created folder is owned by transfer:wizard, thus the web server cannot read its content. How can I tell rsync that the owner should be transfer:www-data? This owner is correctly set for the folder content by means of the --chown flag but the flag seems to be ignored for the container folder
the created folder has drwxrw-rw- permissions, so even if I would be able to set the owner to transfer:www-data then it would still not be readable by the web server since the group does not have X permission. How can I specify the destination folder permissions to rsync?
Please note that I cannot simply login with ssh and use chown/chomd since the shell for the transfer user on the server only accepts rsync and scp commands for security reasons. The rsync version on both the server and the client is 3.1.2 protocol version 31.
rsync
edited Jan 29 at 12:45
Rui F Ribeiro
40k1479135
asked Jan 29 at 11:18
Nicola MoriNicola Mori
1
Only the root user can write as any user/group.
– Ipor Sircer
Jan 29 at 11:38
But the transfer user is member of www-data, so why can't he create the folder with its secondary group?
– Nicola Mori
Jan 29 at 11:49
rsync runs as usertransfer, and one user only has one uid and one gid.
– Ipor Sircer
Jan 29 at 11:51
I found a workaround: 1) I created a new user www-transfer with primary group www-data and use that for transferring data 2) I change the source folder permissions to drwxr-xr-x and call rsync with -a option which preserves the permissions
– Nicola Mori
Jan 29 at 12:01
add a comment |
I'm transferring html pages to my web server with rsync with:
rsync -r -og --chown=transfer:www-data webpage/* transfer@myserver:/path/to/wwwfolder/
I use the transfer account (dedicated for data transfer and limited to rsync and scp by rssh); the transfer user is a member of the www-data group but its primary group is wizard; the www-data group is the primary group of the www-data user which is the user that runs the web server. The destination folder wwwfolder does not exists and is created by rsync.
With this setup I have two problems related to the destination folder wwwfolder:
the created folder is owned by transfer:wizard, thus the web server cannot read its content. How can I tell rsync that the owner should be transfer:www-data? This owner is correctly set for the folder content by means of the --chown flag but the flag seems to be ignored for the container folder
the created folder has drwxrw-rw- permissions, so even if I would be able to set the owner to transfer:www-data then it would still not be readable by the web server since the group does not have X permission. How can I specify the destination folder permissions to rsync?
Please note that I cannot simply login with ssh and use chown/chomd since the shell for the transfer user on the server only accepts rsync and scp commands for security reasons. The rsync version on both the server and the client is 3.1.2 protocol version 31.
rsync
edited Jan 29 at 12:45
Rui F Ribeiro
40k1479135
asked Jan 29 at 11:18
Nicola MoriNicola Mori
1
I'm transferring html pages to my web server with rsync with:
rsync -r -og --chown=transfer:www-data webpage/* transfer@myserver:/path/to/wwwfolder/
I use the transfer account (dedicated for data transfer and limited to rsync and scp by rssh); the transfer user is a member of the www-data group but its primary group is wizard; the www-data group is the primary group of the www-data user which is the user that runs the web server. The destination folder wwwfolder does not exists and is created by rsync.
With this setup I have two problems related to the destination folder wwwfolder:
the created folder is owned by transfer:wizard, thus the web server cannot read its content. How can I tell rsync that the owner should be transfer:www-data? This owner is correctly set for the folder content by means of the --chown flag but the flag seems to be ignored for the container folder
the created folder has drwxrw-rw- permissions, so even if I would be able to set the owner to transfer:www-data then it would still not be readable by the web server since the group does not have X permission. How can I specify the destination folder permissions to rsync?
Please note that I cannot simply login with ssh and use chown/chomd since the shell for the transfer user on the server only accepts rsync and scp commands for security reasons. The rsync version on both the server and the client is 3.1.2 protocol version 31.
rsync
rsync
edited Jan 29 at 12:45
Rui F Ribeiro
40k1479135
asked Jan 29 at 11:18
Nicola MoriNicola Mori
1
edited Jan 29 at 12:45
Rui F Ribeiro
40k1479135
asked Jan 29 at 11:18
Nicola MoriNicola Mori
1
edited Jan 29 at 12:45
Rui F Ribeiro
40k1479135
edited Jan 29 at 12:45
Rui F Ribeiro
40k1479135
edited Jan 29 at 12:45
Rui F Ribeiro
40k1479135
40k1479135
asked Jan 29 at 11:18
Nicola MoriNicola Mori
1
asked Jan 29 at 11:18
Nicola MoriNicola Mori
1
asked Jan 29 at 11:18
Nicola MoriNicola Mori
1
1
Only the root user can write as any user/group.
– Ipor Sircer
Jan 29 at 11:38
But the transfer user is member of www-data, so why can't he create the folder with its secondary group?
– Nicola Mori
Jan 29 at 11:49
rsync runs as usertransfer, and one user only has one uid and one gid.
– Ipor Sircer
Jan 29 at 11:51
I found a workaround: 1) I created a new user www-transfer with primary group www-data and use that for transferring data 2) I change the source folder permissions to drwxr-xr-x and call rsync with -a option which preserves the permissions
– Nicola Mori
Jan 29 at 12:01
add a comment |
Only the root user can write as any user/group.
– Ipor Sircer
Jan 29 at 11:38
But the transfer user is member of www-data, so why can't he create the folder with its secondary group?
– Nicola Mori
Jan 29 at 11:49
rsync runs as usertransfer, and one user only has one uid and one gid.
– Ipor Sircer
Jan 29 at 11:51
I found a workaround: 1) I created a new user www-transfer with primary group www-data and use that for transferring data 2) I change the source folder permissions to drwxr-xr-x and call rsync with -a option which preserves the permissions
– Nicola Mori
Jan 29 at 12:01
Only the root user can write as any user/group.
– Ipor Sircer
Jan 29 at 11:38
Only the root user can write as any user/group.
– Ipor Sircer
Jan 29 at 11:38
But the transfer user is member of www-data, so why can't he create the folder with its secondary group?
– Nicola Mori
Jan 29 at 11:49
But the transfer user is member of www-data, so why can't he create the folder with its secondary group?
– Nicola Mori
Jan 29 at 11:49
rsync runs as user
transfer, and one user only has one uid and one gid.– Ipor Sircer
Jan 29 at 11:51
rsync runs as user
transfer, and one user only has one uid and one gid.– Ipor Sircer
Jan 29 at 11:51
I found a workaround: 1) I created a new user www-transfer with primary group www-data and use that for transferring data 2) I change the source folder permissions to drwxr-xr-x and call rsync with -a option which preserves the permissions
– Nicola Mori
Jan 29 at 12:01
I found a workaround: 1) I created a new user www-transfer with primary group www-data and use that for transferring data 2) I change the source folder permissions to drwxr-xr-x and call rsync with -a option which preserves the permissions
– Nicola Mori
Jan 29 at 12:01
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f497427%2fset-permissions-and-owners-group-for-destination-folder-with-rsync%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f497427%2fset-permissions-and-owners-group-for-destination-folder-with-rsync%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Only the root user can write as any user/group.
– Ipor Sircer
Jan 29 at 11:38
But the transfer user is member of www-data, so why can't he create the folder with its secondary group?
– Nicola Mori
Jan 29 at 11:49
rsync runs as user
transfer, and one user only has one uid and one gid.– Ipor Sircer
Jan 29 at 11:51
I found a workaround: 1) I created a new user www-transfer with primary group www-data and use that for transferring data 2) I change the source folder permissions to drwxr-xr-x and call rsync with -a option which preserves the permissions
– Nicola Mori
Jan 29 at 12:01