On Wed, Jan 31, 2007 at 06:01:09PM -0600, Scott Moseman
wrote:> I have the need to do the same thing on some Internet facing servers,
> on which I do not allow root to ssh.
There are several options:
If all you care about is getting the permissions right (and not the
ownership), you should just chown all the files to a single user and
then login to run the rsync command as that user.
You could setup a sudo authorization from a user account that lets it
run any rsync command (or a specific rsync command) as root.
You could setup an rsync daemon on the host running as root, and then
use ssh to tunnel the daemon's socket connection into the system. The
firewall webpage mentions this tunneled access in Method 4:
http://rsync.samba.org/firewall.html
You could setup an account that has root privileges without being named
root and login to that (if that login would be allowed).
Finally, there is an rsync patch called fake-super.diff that is in the
patches directory of 2.6.9. This patch allows a non-root user to retain
ownership information for the files. This requires that your OS and the
disk partition support xattrs, and that you compile rsync with xattr
support (though you don't need to use the xattr transfer mode, and you
could even disable the xattr option, should you care to do so). See the
patched manpage for the usage, which looks something like this:
rsync -av --fake-super host:/src/ /dest/
rsync -av --rsync-path="rsync --fake-super" /src/ host:/dest/
This will only be helpful if the fake files are being used for backups,
and not for live files. If that is not the case, you'd need to reverse
the connection (have a root-run rsync connect to the backup host) or use
one of the other methods.
..wayne..