[lug] rsync permissions problem

Hugh Brown hugh at math.byu.edu
Thu Dec 14 22:50:35 MST 2006


D. Stimits wrote:
> ...
> 
>> On the WWW server /var/www is permissioned 775 wwwrun.www .
>> The user who pushes the files is named "back". "back" is in the www  
>> group.
>>
>>  
>>
> What exactly do you mean by being in the group? Is this his primary 
> group? Or is it another group which is in addition to the one he has 
> from original creation?
> 
>> When I call the script from dev I get all these permission denied 
>> errors and Im not sure why because its group WWW writable. The only 
>> way I can get this to work is by chmod 777 /var/www then reverting.
>>
>> Any idea??
>>  
>>
> 
> If this is not his primary group, he has to use newgrp in order to take 
> on the permissions of that group. Aside from ACL's, probably not being 
> logged in as that particular group would come to mind first.
> 


I don't think the non-primary group would be the immediate problem.  The 
only time I've had to use newgrp was when I'd been added to a group 
after I'd logged in or when the name of the group was after the first 
255 chars of all the other groups I was in (e.g. groups|wc -c >255).  I 
just tested that I could create a file in a directory not owned by me 
nor owned by my primary group.  However, it was owned by 
me:primary_group.  So, the drawback of www not being the primary group 
is that any new files created under /var/www would be owned by 
back:back's_primary_group and the perms would have to be fixed (assuming 
that wwwrun needed to own them).  This can be partially fixed by making 
all the directories be setgid.

Hugh



More information about the LUG mailing list