[lug] rsync permissions problem
hugh at math.byu.edu
Thu Dec 14 22:50:35 MST 2006
D. Stimits wrote:
>> On the WWW server /var/www is permissioned 775 wwwrun.www .
>> The user who pushes the files is named "back". "back" is in the www
> What exactly do you mean by being in the group? Is this his primary
> group? Or is it another group which is in addition to the one he has
> from original creation?
>> When I call the script from dev I get all these permission denied
>> errors and Im not sure why because its group WWW writable. The only
>> way I can get this to work is by chmod 777 /var/www then reverting.
>> Any idea??
> If this is not his primary group, he has to use newgrp in order to take
> on the permissions of that group. Aside from ACL's, probably not being
> logged in as that particular group would come to mind first.
I don't think the non-primary group would be the immediate problem. The
only time I've had to use newgrp was when I'd been added to a group
after I'd logged in or when the name of the group was after the first
255 chars of all the other groups I was in (e.g. groups|wc -c >255). I
just tested that I could create a file in a directory not owned by me
nor owned by my primary group. However, it was owned by
me:primary_group. So, the drawback of www not being the primary group
is that any new files created under /var/www would be owned by
back:back's_primary_group and the perms would have to be fixed (assuming
that wwwrun needed to own them). This can be partially fixed by making
all the directories be setgid.
More information about the LUG