Linux to Windows Rsync Permission Problems

mwoehlke mwoehlke@tibco.com
Mon Aug 7 20:55:00 GMT 2006 

(ugh, http://cygwin.com/acronyms/#TOFU... no fake meat for me, please!)

Jimmy McMillan wrote:
> mwoehlke wrote:
>> Jimmy McMillan wrote:
>>> I've had this problem for some time now, and just getting around to 
>>> doing something about it.  I'll keep the description as brief as 
>>> possible.
>>>
>>> I'm rsyncing from a linux server to a Windows XP machine's firewire 
>>> drive via SSH\cygwin\rsync.  The linux server pushs with the 
>>> following command.
>>>
>>> /usr/local/bin/rsync -e ssh --recursive --verbose --delete --force 
>>> --update /mnt/hd/mail_store/ 
>>> jackcorn@192.168.66.99:/cygdrive/i/backups/webs_data/
>>>
>>> 192.168.66.99 == My Workstation. (Windows XP + Cygwin)
>>> /cygdrive/i == 250GB firewire drive on my workstation. (NTFS)
>>> jackcorn == a Local user on my workstation.  (Didn't want to bother 
>>> with a domain account)
>>>
>>> it appears that any file owned by root once on it's NTFS filesystem 
>>> after the backup can be opened successfully.  However any file owned 
>>> by vpopmail:vchkpw cannot be opened.
>>> -rw-r--r--   1 root     root   167851 2005-10-04 15:33 byebye.sh
>>> -rwx--x--x   1 vpopmail vchkpw  55996 2005-06-28 14:44 clearopensmtp*
>>> (In this case I can open byebye.sh on the firewire drive after the 
>>> backup, but not the clearopensmtp)
>>>
>>> The only way I can access those files are to "Replace permission 
>>> entries on all child....yatta yatta" under the Advanced Security 
>>> Settings under windows.  However there are a couple hundred thousand 
>>> files in there and that can take some time.
>>>
>>> I've tried with the -g -o -p options with rsync and I've also tried 
>>> using CYGWIN=nontsec or CYGWIN=ntsec under the windows Enviro 
>>> Variables, with no luck.
>>>
>>> Is there anyway I can map the vpopmail user to a windows local user?  
>>> Or does anyone know what else to do?
>>
>> Well, first off, you don't have permission to read that file unless 
>> you are "vpopmail" (notice that only the owner has read permission?). 
>> Thus, you need to change the permissions to allow you to read it.
>>
>> Brute force solution #1 (assuming you can chown):
>> find . -user vpopmail -print0 | xargs -0 chown Administrator
>>
>> Brute force solution #2 (assuming you can chmod):
>> chown -R a+r .
>>
>> Both of those should be done on the backups ONLY - which would mean in 
>> Cygwin - as changing permissions on the computer using the files is a 
>> potential security risk (well, it's that on the backups, too, but I 
>> assume you feel comfortable with whatever safeguards you have against 
>> your backup drive being hacked into) and might cause programs to 
>> malfunction.
> 
> Matt, Thank, but I'd rather determine a way to preserve the perms by 
> using some type of ACL\UID exchange.  That way I don't have to doctor up 
> all the perms again if I have to restore from a backup.   It seems that 
> root\administrator have been mapped, hence the reason I can read root 
> owned files.

So you want to make a Windows user named 'vpopmail'? If you do that, and 
have done mkgroup and mkpasswd ('man' is your friend; so is searching 
the archives for these), and edited the respective files to match the 
UID/GID from Linux, then I would expect that 'vpopmail' can read the file.

If you are expecting any user OTHER then 'vpopmail' to be able to read 
the file, with the above permissions, I don't think that's going to 
happen (assuming you've verified that a member of Administrators is 
unable to read the file, and that an Administrators member really can't 
read it with the above permissions).

-- 
Matthew
And now back to your regularly scheduled e-mail.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

More information about the Cygwin mailing list