LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 02-23-2015, 09:48 AM   #1
djcalve2
LQ Newbie
 
Registered: Feb 2015
Posts: 2

Rep: Reputation: Disabled
RSYNC Permission Issues without Sudo (Retain AFS Permissions)


I'm attempting to rsync a directory with several subdirectories from one machine to another and retain the AFS user-specific permissions in each individual subdirectory. As of now, I tried to fix this by adding the 2 network users and the "throwaway" local user (a dummy user solely for the purpose of having a cronjob to perform the rsync) to the same group as the directory, and giving the local user ownership of the destination directory. When I do this, it gives permission to the local user to use mkdir inside of the directory on the client machine. Unfortunately, the permissions are erased and the dummy user has full permissions. This needs to be done without sudo because that would create security issues. How can I rsync and retain original AFS user permissions without giving the dummy user sudo?
 
Old 02-23-2015, 11:13 PM   #2
Wocky
Member
 
Registered: Oct 2004
Location: Australia
Posts: 37

Rep: Reputation: 3
Have a look at setcap(8). It might work, depending on your OS and the filesystems in use.
 
Old 03-02-2015, 08:24 AM   #3
djcalve2
LQ Newbie
 
Registered: Feb 2015
Posts: 2

Original Poster
Rep: Reputation: Disabled
For setcap, can you give the user these capabilities or the file itself? It also seems as if setcap is only for executable files.

Last edited by djcalve2; 03-02-2015 at 08:49 AM.
 
Old 03-02-2015, 08:49 AM   #4
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: Rocky Linux
Posts: 4,786

Rep: Reputation: 2216Reputation: 2216Reputation: 2216Reputation: 2216Reputation: 2216Reputation: 2216Reputation: 2216Reputation: 2216Reputation: 2216Reputation: 2216Reputation: 2216
You can give the "dummy" user sudo permissions for just the exact rsync command (including all args) that needs to be run and nothing else. To allow the command to be run from a cron job, you would also need the "!requiretty" and probably "!lecture" options, as well as "NOPASSWD" for that rsync command. For example:
Code:
Defaults: dummyuser !lecture, !requiretty
dummyuser localhost = NOPASSWD: /usr/bin/rsync -av somehost:/some/directory/ /dest/directory
That allows dummyuser to run exactly "sudo /usr/bin/rsync -av somehost:/some/directory/ /dest/directory" and no variation of that rsync command.

Last edited by rknichols; 03-02-2015 at 08:52 AM.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Does mv retain permissions pgb205 Linux - Newbie 5 08-09-2015 11:34 AM
Fine-grained permissions in distributed filesystems Lustre, GlusterFS, AFS and others Turbocapitalist Linux - Server 0 11-20-2013 07:45 PM
[SOLVED] Your thoughts on shared/synced homes? NFS, AFS, rsync, puppet ? KuimFieg Linux - Server 2 01-10-2012 04:21 PM
"sudo rsync -avuzogqb --backup-dir" permissions lost to root Nudelsalat Linux - General 1 01-09-2010 12:33 PM
retain file permission lightpace Linux - Newbie 1 12-06-2007 12:47 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 12:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration