Ernest.Mueller@ni.com
2006-May-09 18:18 UTC
Post-Win2k3 Upgrade rsync+ssh Permissions Problem
Hi all. OK, so I have a mostly Solaris infrastructure with a group of Windows 2000 server boxes. I installed Cygwin rsync/ssh on them and have been using it to keep Web images up to date by pushing them from a central server thus: /usr/local/bin/rsync -e ssh -vrtz --delete --rsync-path=c:/cygwin/bin/rsync.exe /webnfs/webfiles/images/ winserver:d:/webfiles/images This sync runs as the UNIX user "weblord", uid 3260. This has been working fine. However, now we upgraded the OS to Windows 2003 Server. I installed the newest rsync (2.6.6) on the new system. After the upgrade, new files getting synced over were unreadable by the Web server. Here's what the permissions look like: -rwxr-----+ 1 Administrators mkpasswd 864 Jun 9 1999 yes.gif -rwxr-----+ 1 544 401 864 Jun 9 1999 yes.gif I installed SSH with privsep=no and had it add the ssh account, and added the "weblord" account locally and set its uid to 500 so it'd be Administrator. cygwin/etc/passwd: SYSTEM:*:18:544:,S-1-5-18:: Administrators:*:544:544:,S-1-5-32-544:: Administrator:unused_by_nt/2000/xp:500:513:U-ROBOTRON\Administrator,S-1-5-21-3136447401-2129490065-3906172409-500:/home/Administrator:/bin/bash Guest:unused_by_nt/2000/xp:501:513:U-ROBOTRON\Guest,S-1-5-21-3136447401-2129490065-3906172409-501:/home/Guest:/bin/bash SUPPORT_388945a0:unused_by_nt/2000/xp:1001:513:CN=Microsoft Corporation,L=Redmond,S=Washington,C=US,U-ROBOTRON\SUPPORT_388945a0,S-1-5-21-3136447401-2129490065-3906172409-1001:/home/SUPPORT_388945a0:/bin/bash weblord:unused_by_nt/2000/xp:500:513:weblord,U-ROBOTRON\weblord,S-1-5-21-3136447401-2129490065-3906172409-1004:/home/weblord:/bin/bash sshd_server:unused_by_nt/2000/xp:1009:513:sshd server account,U-ROBOTRON\sshd_server,S-1-5-21-3136447401-2129490065-3906172409-1009:/var/empty:/bin/false When I look at the Windows permissions of the new files they differ in that the old files had an owner list of Administrators SYSTEM Domain Users Users Everyone But the new files have Adminstrator Domain Users Everyone So I blasted in a chmod -R ugo+r and it fixed my problem as of a point in time, but I need to figure out why when rsyncing the files over they're getting different ownership/perms than they were... Any help welcome! Thanks, Ernest Mueller
On Tue, 2006-05-09 at 13:02 -0500, Ernest.Mueller@ni.com wrote:> After the upgrade, new files getting synced over were unreadable by the Web > server. > > Here's what the permissions look like: > > -rwxr-----+ 1 Administrators mkpasswd 864 Jun 9 1999 yes.gif > -rwxr-----+ 1 544 401 864 Jun 9 1999 yes.gifHow Cygwin translates the Unix permissions set by the receiving rsync into NTFS ACLs is beyond me, but this article attempts to describe it: http://cygwin.com/cygwin-ug-net/ntsec.html Anyway, if telling Cygwin to grant everyone read permission seems to be enough to solve the problem, pass --chmod=ugo+r to rsync to have it chmod files as they are transferred. You need at least rsync 2.6.7 on the sender for this to work. Matt