Bug 1506234
Summary: | rsync daemon chgrp failed: Operation not permitted | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Martin Zelený <mzeleny> |
Component: | rsync | Assignee: | Michal Ruprich <mruprich> |
Status: | CLOSED NOTABUG | QA Contact: | Martin Zelený <mzeleny> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.5 | ||
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-11-30 12:43:10 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Martin Zelený
2017-10-25 13:16:03 UTC
Ok, I found a workaround. When I added the 'fake super = yes' to the conf file, it ended without any error. However, I will try to figure out what is happening without this option. It seems to me that this behaviour is correct. The daemon is started as root but when you run the rsync, the transfer is executed by user tester. And the user tester doesn't have permissions to change group to other than tester (assuming you only created the user and it belongs to one group - tester). I'm in contact with the upstream just to check whether this is a correction of behaviour in the previous version. Ok so I finally have some answers here. rsync is capable of changing to a different group only if the group is in the list of groups in the rsynd.conf for specific module. So if for example you try copy a file owned by root to your module, the root group needs to be one of the groups in the gid option. Because only these groups are then available for the actual transfer process. So the reproducer here needs this in the rsyncd.conf: [my_data] comment = test dir for rsync path = /home/tester read only = no uid = tester gid = tester root The fact that there is an error output is a new feature introduced in 3.1.0: - Added a way for more than one group to be specified in the daemon's config file, including a way to specify that you want all of the specified user's groups without having to name them. Also changed the daemon to complain about an inability to set explicitly-specified uid/gid values, even when not run by a super-user. |