-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://www.sanitarium.net/rsyncfaq/#sudo
On 06/20/12 18:26, PEOPLES, MICHAEL P wrote: > I have spent a day researching and attempting to debug this issue. > I am hoping someone can tell me how (or disabuse me of the delusion > that it's possible) to do the following: > > - Mirror the contents of a directory on one server to a remote > server where there are diverse ownership and permissions > > - File and directory ownership on both the source and destination > servers would normally prevent the user account initiating the > rsync session from accessing, modifying, or changing attributes of > the files and directories in question > > - Session authentication of the initiating user on the remote > server must be by public key > > - No root logins are permitted on either server > > I can successfully transfer the files with the user account, but if > the files have ownership attributes that need to be set on the > remote (destination) server, using the --owner, --group, and/or > --perms options produces errors indicating the "Operation is not > permitted". When logged into the remote server as the user, I > still cannot modify the attributes, only root (super user) can do > this. The "--super" command line option appears to have no > effect. > > Both servers are Red Hat Linux. I am using rsync 3.0.9. > > The only way I can conceive of doing this would be to record the > file attributes, transfer the files (along with a record of their > attributes), then run a script using sudo that would move the files > into their final location and set the attributes. This, however, > would seem to defeat much of the purpose of rsync. > > The manuals suggest there is a way to invoke super user > functionality when contacting a daemon instance, but I could not > get this to work. However, this appears to require contacting an > rsync daemon started by root. Attempting to perform the rsync, > while simultaneously using the public key, which can only be used > when "ssh" is invoked, seems to exclude the use of the daemon on > the remote side, effectively running the entire rsync session as > the user without elevated privileges. > > In short, I want to copy files from one server to another, and have > all ownership and permissions preserved (including root), using > rsync to perform "privileged" operations to set file attributes > properly and a public key to authenticate the user. > > Thanks. > > > Michael Peoples (mp4783) Senior Systems Manager AT&T - ATTSI > Office/Cell: 614-886-0923 > mpeop...@att.com<mailto:mpeop...@att.com> > > This e-mail and any files transmitted with it are AT&T property, > are confidential, and are intended solely for the use of the > individual or entity to whom this email is addressed. If you are > not one of the named recipient(s) or otherwise have reason to > believe that you have received this message in error, please notify > the sender and delete this message immediately from your computer. > Any other use, retention, dissemination, forwarding, printing, or > copying of this e-mail is strictly prohibited." > > > - -- ~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~ Kevin Korb Phone: (407) 252-6853 Systems Administrator Internet: FutureQuest, Inc. ke...@futurequest.net (work) Orlando, Florida k...@sanitarium.net (personal) Web page: http://www.sanitarium.net/ PGP public key available on web site. ~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/iTrUACgkQVKC1jlbQAQcgXwCeKYU/ES3s1Hs3qS3rVO7MiWmS MhkAniWNqB05p38ZGGWRP9HCcSGdYBD2 =OdwZ -----END PGP SIGNATURE----- -- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
