travis+ml-rsync at subspacefield.org
2010-Aug-11 17:18 UTC
feature request: "remote user is root, make remote owner is foo"
I often push files from my user account over SSH to my web server, and want them owned by www-user, which may not have a login shell, should never accept remote logins, and who may not have a ~/.ssh directory (and if it did, it would be under the wwwroot, ack!).

Currently I push as root and then do a chmod, but isn't there a better way? While I'm doing this, the files are temporarily unavailable, since they aren't readable by www-user as they exist on the local system.

-- 
A Weapon of Mass Construction
My emails do not have attachments; it's a digital signature that your mail program doesn't understand. | http://www.subspacefield.org/~travis/
If you are a spammer, please email john at subspacefield.org to get blacklisted.
Brian Cuttler
2010-Aug-11 17:32 UTC
feature request: "remote user is root, make remote owner is foo"
Travis,

We also use rsync to push our files. While there are several users with the ability to do the push, the files on the webserver host are set with the setgid bit set. No matter which of our web people push the files to the visible server, the files all move to a consistent groupship that allows the other users to replace them later.

You may do something similar with your setup, the webserver group being in the same group as your webmaster(s)', at least on the receiving end of things.

Our files on the webserver are 775 and directories 1775, and we are less concerned about the owner of the file than the group of the file.

YMMV

Brian

On Wed, Aug 11, 2010 at 10:18:11AM -0700, travis+ml-rsync at subspacefield.org wrote:
> I often push files from my user account over SSH to my web server, and
> want them owned by www-user, which may not have a login shell, should
> never accept remote logins, and who may not have a ~/.ssh directory
> (and if it did, it would be under the wwwroot, ack!).
>
> Currently I push as root and then do a chmod, but isn't there a better
> way? While I'm doing this, the files are temporarily unavailable, since
> they aren't readable by www-user as they exist on the local system.

---
Brian R Cuttler                 brian.cuttler at wadsworth.org
Computer Systems Support        (v) 518 486-1697
Wadsworth Center                (f) 518 473-6384
NYS Department of Health        Help Desk 518 473-0773

IMPORTANT NOTICE: This e-mail and any attachments may contain confidential or sensitive information which is, or may be, legally privileged or otherwise protected by law from further disclosure. It is intended only for the addressee. If you received this in error or from someone who was not authorized to send it to you, please do not distribute, copy or use it or any attachments. Please notify the sender immediately by reply e-mail and delete this from your system. Thank you for your cooperation.
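The setgid-directory arrangement Brian describes, as an added example (not Brian's own scripts or anything from the rsync project): a directory with mode 2775 makes every file created inside it inherit the directory's group, so whichever webmaster pushes, the result lands in the shared group. The paths are constructed for the demo, and the group is left as whatever the caller already has, because a sandbox may not permit chgrp to a separate web group; in production you would also chgrp the document root to the web group.

```shell
#!/bin/sh
# Added example: demonstrate group inheritance via the setgid bit on a
# directory.  Paths are constructed; no real web root is touched.
set -eu

# Create a directory that passes its group on to new files: mode 2775 is
# setgid + rwxrwxr-x.  (Production: also `chgrp www-group "$1"`.)
make_setgid_dir() {
    mkdir -p "$1"
    chmod 2775 "$1"
}

# Succeed if the path has the setgid bit (POSIX: find -perm -2000).
has_setgid() {
    [ -n "$(find "$1" -prune -perm -2000 2>/dev/null)" ]
}

# Create a file inside the directory and succeed if its group matches the
# directory's group, which is what setgid on the directory guarantees.
group_inherited() {
    dir=$1
    f="$dir/index.html"
    : > "$f"
    # `ls -l` field 4 is the group name on POSIX systems.
    dgrp=$(ls -ld "$dir" | awk '{print $4}')
    fgrp=$(ls -l "$f" | awk '{print $4}')
    [ "$dgrp" = "$fgrp" ]
}

# Show the two checks on a throwaway document root.
demo() {
    tmp=$(mktemp -d)
    make_setgid_dir "$tmp/htdocs"
    has_setgid "$tmp/htdocs" && echo "setgid is set on $tmp/htdocs"
    group_inherited "$tmp/htdocs" && echo "new file inherited the directory group"
    rm -rf "$tmp"
}
demo
```

Files pushed into such a directory still get their permission bits from the pusher's umask (or from rsync's --chmod), so the setgid bit fixes the group but not the mode; the 775 file mode Brian mentions has to come from that side.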
Brian Cuttler
2010-Aug-11 17:34 UTC
feature request: "remote user is root, make remote owner is foo"
Travis,

As a matter of principle, SOP, we don't like to ssh/rsync as root and generally don't allow root ssh/rsync into a box. Better/safer to move the security stuff to a lower powered user if you can.

On Wed, Aug 11, 2010 at 10:18:11AM -0700, travis+ml-rsync at subspacefield.org wrote:
> I often push files from my user account over SSH to my web server, and
> want them owned by www-user, which may not have a login shell, should
> never accept remote logins, and who may not have a ~/.ssh directory
> (and if it did, it would be under the wwwroot, ack!).
>
> Currently I push as root and then do a chmod, but isn't there a better
> way? While I'm doing this, the files are temporarily unavailable, since
> they aren't readable by www-user as they exist on the local system.
Steve Polyack
2010-Aug-11 19:28 UTC
feature request: "remote user is root, make remote owner is foo"
On 08/11/10 13:18, travis+ml-rsync at subspacefield.org wrote:
> I often push files from my user account over SSH to my web server, and
> want them owned by www-user, which may not have a login shell, should
> never accept remote logins, and who may not have a ~/.ssh directory
> (and if it did, it would be under the wwwroot, ack!).

This is off-topic, but I don't see a reason for having the files owned by the www user. If anything, they should only be in the www group and only group-readable. That is, unless you really want the www user to be able to write to your files. Think about a vulnerability (in apache, for instance) which would give someone the ability to act as the www user. They would then be able to change all of your site content. There's an approach that's even tighter than this that requires ACLs.

> Currently I push as root and then do a chmod, but isn't there a better
> way? While I'm doing this, the files are temporarily unavailable, since
> they aren't readable by www-user as they exist on the local system.

I think Brian's solution is ideal. Use the setgid bit on your web directories.

-Steve Polyack
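Steve's point about ownership, as an added example (not code from the thread or from rsync): a small POSIX permission evaluator applied to two layouts of the same document root, one with content owned by the web user and one with content owned by the deployer, group www, mode 640. The uids, gids and modes are constructed for the demo and nothing here reads the real filesystem; the evaluator implements the standard owner/group/other class selection rather than any real kernel's ACL or capability handling.

```python
"""Added example: evaluate POSIX mode bits for two document-root layouts.
All identities and modes below are constructed for the demo."""

import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class Subject:
    """A process identity: effective uid plus all group memberships."""
    uid: int
    gids: frozenset


@dataclass(frozen=True)
class FileMeta:
    """Ownership and permission bits of one file (mode is permission bits only)."""
    owner: int
    group: int
    mode: int


# Permission bit for each access kind, per class (owner, group, other).
_BITS = {
    "r": (stat.S_IRUSR, stat.S_IRGRP, stat.S_IROTH),
    "w": (stat.S_IWUSR, stat.S_IWGRP, stat.S_IWOTH),
    "x": (stat.S_IXUSR, stat.S_IXGRP, stat.S_IXOTH),
}


def can(subject: Subject, f: FileMeta, want: str) -> bool:
    """Classic POSIX check: exactly one class applies, chosen in the order
    owner, then group, then other.  uid 0 is deliberately not special-cased
    so the table reflects the mode bits alone."""
    usr, grp, oth = _BITS[want]
    if subject.uid == f.owner:
        return bool(f.mode & usr)
    if f.group in subject.gids:
        return bool(f.mode & grp)
    return bool(f.mode & oth)


# Constructed identities (Debian-style numbers, assumed for the demo).
DEPLOY = Subject(uid=1000, gids=frozenset({1000, 33}))  # webmaster, also in www-data
WWW = Subject(uid=33, gids=frozenset({33}))             # the web server's account
OTHER = Subject(uid=1001, gids=frozenset({1001}))       # unrelated local user

# Two ways to lay out the same document root.
LAYOUTS = {
    # Travis's current state: content owned by the web user, world-readable.
    "owned-by-www": FileMeta(owner=33, group=33, mode=0o644),
    # Steve's suggestion: owned by the deployer, group www, group-readable only.
    "deploy-owned-group-www": FileMeta(owner=1000, group=33, mode=0o640),
}


def access_table(layout: str) -> dict:
    """Map each subject name to (can_read, can_write) for the given layout."""
    f = LAYOUTS[layout]
    return {
        name: (can(s, f, "r"), can(s, f, "w"))
        for name, s in (("deploy", DEPLOY), ("www", WWW), ("other", OTHER))
    }


def web_user_can_modify_content(layout: str) -> bool:
    """The question Steve raises: if the web server process is compromised,
    can it rewrite the site?  True means a server-side bug becomes a defacement."""
    return can(WWW, LAYOUTS[layout], "w")


if __name__ == "__main__":
    for name in LAYOUTS:
        print(f"{name}: {access_table(name)}  "
              f"www can modify content: {web_user_can_modify_content(name)}")
```

In the deploy-owned layout the web server can still read everything it needs to serve, the deployer can still replace files, and a process running as the www user cannot write to the content, which is exactly the property Steve is after; a real web root also needs 750-style directories so the group-only restriction holds for traversal.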
Matt McCutchen
2010-Aug-15 05:36 UTC
feature request: "remote user is root, make remote owner is foo"
On Wed, 2010-08-11 at 10:18 -0700, travis+ml-rsync at subspacefield.org wrote:
> I often push files from my user account over SSH to my web server, and
> want them owned by www-user, which may not have a login shell, should
> never accept remote logins, and who may not have a ~/.ssh directory
> (and if it did, it would be under the wwwroot, ack!).
>
> Currently I push as root and then do a chmod, but isn't there a better
> way? While I'm doing this, the files are temporarily unavailable, since
> they aren't readable by www-user as they exist on the local system.

See the --usermap option, which is in the current development rsync and available in the "usermap.diff" maintained patch for rsync 3.0.*.

-- 
Matt