Why does rsync change directory permissions
Bryan O'Neal
Bryan.ONeal at TheONealAndAssociates.com
Thu May 6 18:31:04 MST 2010
You are corect that -a should do it. Indeed specifying -p is redundent
since -a is just a shortcut for -rlptgoD.
Question: Are you using ACL's? If so that requires -A
Question: Does vsiqcom have permission on the target directory?
Question: Are your UI'd the same for your owner user and group?
Question: What permissions do you get? Can you post a ls -aCl for both
source and target?
Question: Can you post a verbose itemized transfer that includes how
it is handling the permissions?
You can also do a chmod directly from the sync comand
-H, --hard-links preserve hard links
-p, --perms preserve permissions
-E, --executability preserve executability
--chmod=CHMOD affect file and/or directory permissions
-A, --acls preserve ACLs (implies -p)
-X, --xattrs preserve extended attributes
-o, --owner preserve owner (super-user only)
-g, --group preserve group
--devices preserve device files (super-user only)
--specials preserve special files
-p, --perms
This option causes the receiving rsync to set the destination
permissions to be the same as the source permissions. (See also the
--chmod option for a way to modify what rsync considers to be the
source permissions.)
When this option is off, permissions are set as follows:
Existing files (including updated files) retain their existing
permissions, though the --executability option might change just the
execute permission for the file.
New files get their "normal" permission bits set to the source file's
permissions masked with the receiving directory's default permissions
(either the receiving process's umask, or the permissions specified
via the destination directory's default ACL), and their special
permission bits disabled except in the case where a new directory
inherits a setgid bit from its parent directory.
Thus, when --perms and --executability are both disabled, rsync's
behavior is the same as that of other file-copy utilities, such as
cp(1) and tar(1).
In summary: to give destination files (both old and new) the source
permissions, use --perms. To give new files the destination-default
permissions (while leaving existing files unchanged), make sure that
the --perms option is off and use --chmod=ugo=rwX (which ensures that
all non-masked bits get enabled). If you'd care to make this latter
behavior easier to type, you could define a popt alias for it, such as
putting this line in the file ~/.popt (the following defines the -Z
option, and includes --no-g to use the default group of the
destination dir):
rsync alias -Z --no-p --no-g --chmod=ugo=rwX
You could then use this new option in a command such as this one:
rsync -avZ src/ dest/
(Caveat: make sure that -a does not follow -Z, or it will re-enable
the two "--no-*" options mentioned above.)
The preservation of the destination's setgid bit on newly-created
directories when --perms is off was added in rsync 2.6.7. Older rsync
versions erroneously preserved the three special permission bits for
newly-created files when --perms was off, while overriding the
destination's setgid bit setting on a newly-created directory. Default
ACL observance was added to the ACL patch for rsync 2.6.7, so older
(or non-ACL-enabled) rsyncs use the umask even if default ACLs are
present. (Keep in mind that it is the version of the receiving rsync
that affects these behaviors.)
--chmod
This option tells rsync to apply one or more comma-separated "chmod"
strings to the permission of the files in the transfer. The resulting
value is treated as though it were the permissions that the sending
side supplied for the file, which means that this option can seem to
have no effect on existing files if --perms is not enabled.
In addition to the normal parsing rules specified in the chmod(1)
manpage, you can specify an item that should only apply to a directory
by prefixing it with a 'D', or specify an item that should only apply
to a file by prefixing it with a 'F'. For example:
--chmod=Dg+s,ug+w,Fo-w,+X
It is also legal to specify multiple --chmod options, as each
additional option is just appended to the list of changes to make.
See the --perms and --executability options for how the resulting
permission value can be applied to the files in the transfer.
--fake-super
When this option is enabled, rsync simulates super-user activities by
saving/restoring the privileged attributes via special extended
attributes that are attached to each file (as needed). This includes
the file's owner and group (if it is not the default), the file's
device info (device & special files are created as empty text files),
and any permission bits that we won't allow to be set on the real file
(e.g. the real file gets u-s,g-s,o-t for safety) or that would limit
the owner's access (since the real super-user can always access/change
a file, the files we create can always be accessed/changed by the
creating user). This option also handles ACLs (if --acls was
specified) and non-user extended attributes (if --xattrs was
specified).
This is a good way to backup data without using a super-user, and to
store ACLs from incompatible systems.
The --fake-super option only affects the side where the option is
used. To affect the remote side of a remote-shell connection, specify
an rsync path:
rsync -av --rsync-path="rsync --fake-super" /src/ host:/dest/
Since there is only one "side" in a local copy, this option affects
both the sending and receiving of files. You'll need to specify a copy
using "localhost" if you need to avoid this, possibly using the "lsh"
shell script (from the support directory) as a substitute for an
actual remote shell (see --rsh).
This option is overridden by both --super and --no-super.
See also the "fake super" setting in the daemon's rsyncd.conf file.
-i, --itemize-changes
Requests a simple itemized list of the changes that are being made to
each file, including attribute changes. This is exactly the same as
specifying --out-format='%i %n%L'. If you repeat the option, unchanged
files will also be output, but only if the receiving rsync is at least
version 2.6.7 (you can use -vv with older versions of rsync, but that
also turns on the output of other verbose messages).
The "%i" escape has a cryptic output that is 11 letters long. The
general format is like the string YXcstpoguax, where Y is replaced by
the type of update being done, X is replaced by the file-type, and the
other letters represent attributes that may be output if they are
being modified.
The update types that replace the Y are as follows:
A < means that a file is being transferred to the remote host (sent).
A > means that a file is being transferred to the local host (received).
A c means that a local change/creation is occurring for the item (such
as the creation of a directory or the changing of a symlink, etc.).
A h means that the item is a hard link to another item (requires --hard-links).
A . means that the item is not being updated (though it might have
attributes that are being modified).
A * means that the rest of the itemized-output area contains a message
(e.g. "deleting").
The file-types that replace the X are: f for a file, a d for a
directory, an L for a symlink, a D for a device, and a S for a special
file (e.g. named sockets and fifos).
The other letters in the string above are the actual letters that will
be output if the associated attribute for the item is being updated or
a "." for no change. Three exceptions to this are: (1) a newly created
item replaces each letter with a "+", (2) an identical item replaces
the dots with spaces, and (3) an unknown attribute replaces each
letter with a "?" (this can happen when talking to an older rsync).
The attribute that is associated with each letter is as follows:
A c means either that a regular file has a different checksum
(requires --checksum) or that a symlink, device, or special file has a
changed value. Note that if you are sending files to an rsync prior to
3.0.1, this change flag will be present only for checksum-differing
regular files.
A s means the size of a regular file is different and will be updated
by the file transfer.
A t means the modification time is different and is being updated to
the sender's value (requires --times). An alternate value of T means
that the modification time will be set to the transfer time, which
happens when a file/symlink/device is updated without --times and when
a symlink is changed and the receiver can't set its time. (Note: when
using an rsync 3.0.0 client, you might see the s flag combined with t
instead of the proper T flag for this time-setting failure.)
A p means the permissions are different and are being updated to the
sender's value (requires --perms).
An o means the owner is different and is being updated to the sender's
value (requires --owner and super-user privileges).
A g means the group is different and is being updated to the sender's
value (requires --group and the authority to set the group).
The u slot is reserved for future use.
The a means that the ACL information changed.
The x means that the extended attribute information changed.
One other output is possible: when deleting files, the "%i" will
output the string "*deleting" for each item that is being removed
(assuming that you are talking to a recent enough rsync that it logs
deletions instead of outputting them as a verbose message).
--out-format=FORMAT
This allows you to specify exactly what the rsync client outputs to
the user on a per-update basis. The format is a text string containing
embedded single-character escape sequences prefixed with a percent (%)
character. A default format of "%n%L" is assumed if -v is specified
(which reports the name of the file and, if the item is a link, where
it points). For a full list of the possible escape characters, see the
"log format" setting in the rsyncd.conf manpage.
Specifying the --out-format option will mention each file, dir, etc.
that gets updated in a significant way (a transferred file, a
recreated symlink/device, or a touched directory). In addition, if the
itemize-changes escape (%i) is included in the string (e.g. if the
--itemize-changes option was used), the logging of names increases to
mention any item that is changed in any way (as long as the receiving
side is at least 2.6.4). See the --itemize-changes option for a
description of the output of "%i".
Rsync will output the out-format string prior to a file's transfer
unless one of the transfer-statistic escapes is requested, in which
case the logging is done at the end of the file's transfer. When this
late logging is in effect and --progress is also specified, rsync will
also output the name of the file being transferred prior to its
progress information (followed, of course, by the out-format output).
--log-file=FILE
This option causes rsync to log what it is doing to a file. This is
similar to the logging that a daemon does, but can be requested for
the client side and/or the server side of a non-daemon transfer. If
specified as a client option, transfer logging will be enabled with a
default format of "%i %n%L". See the --log-file-format option if you
wish to override this.
Here's a example command that requests the remote side to log what is happening:
rsync -av --rsync-path="rsync --log-file=/tmp/rlog" src/ dest/
This is very useful if you need to debug why a connection is closing
unexpectedly.
--log-file-format=FORMAT
This allows you to specify exactly what per-update logging is put into
the file specified by the --log-file option (which must also be
specified for this option to have any effect). If you specify an empty
string, updated files will not be mentioned in the log file. For a
list of the possible escape characters, see the "log format" setting
in the rsyncd.conf manpage.
The default FORMAT used if --log-file is specified and this option is
not is '%i %n%L'.
--stats
This tells rsync to print a verbose set of statistics on the file
transfer, allowing you to tell how effective rsync's delta-transfer
algorithm is for your data.
The current statistics are as follows:
Number of files is the count of all "files" (in the generic sense),
which includes directories, symlinks, etc.
Number of files transferred is the count of normal files that were
updated via rsync's delta-transfer algorithm, which does not include
created dirs, symlinks, etc.
Total file size is the total sum of all file sizes in the transfer.
This does not count any size for directories or special files, but
does include the size of symlinks.
Total transferred file size is the total sum of all files sizes for
just the transferred files.
Literal data is how much unmatched file-update data we had to send to
the receiver for it to recreate the updated files.
Matched data is how much data the receiver got locally when recreating
the updated files.
File list size is how big the file-list data was when the sender sent
it to the receiver. This is smaller than the in-memory size for the
file list due to some compressing of duplicated data when rsync sends
the list.
File list generation time is the number of seconds that the sender
spent creating the file list. This requires a modern rsync on the
sending side for this to be present.
File list transfer time is the number of seconds that the sender spent
sending the file list to the receiver.
Total bytes sent is the count of all the bytes that rsync sent from
the client side to the server side.
Total bytes received is the count of all non-message bytes that rsync
received by the client side from the server side. "Non-message" bytes
means that we don't count the bytes for a verbose message that the
server sent to us, which makes the stats more consistent.
On Thu, May 6, 2010 at 4:56 PM, <joe at actionline.com> wrote:
>
> When using rsync to upload files to my web host,
> it is changing directory permissions so things don't work
> until I ssh in and change the directory permission back
> to 755.
>
> Why is it doing this and what do I need to do to keep
> the permissions as they are set on my local system at 755.
>
> Here's the syntax that I used first and second. I added the 'p'
> thinking that would preserve permissions, but it did not.
>
> rsync -avH --progress /home/joe/mydata/av7/website/
> vsiqcom at box582.bluehost.com:www/av7/website/
> rsync -avHp --progress /home/joe/mydata/av7/website/
> vsiqcom at box582.bluehost.com:www/av7/website/
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
More information about the PLUG-discuss
mailing list