Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Who is familiar with rsync. A little problem?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Who is familiar with rsync. A little problem?

coolgoolecoolgoole Barred
edited September 2021 in Help

Hi

Both vps are not allowed to log in as root
Both machines A and B are logged in as user X

When A rsync to B. The file user name will be all changed to x

for example

rsync -zavP -e 'ssh -p port' xxx@IP:/home/xxx/ /home/xxx/

redis.conf --- the username is redis rsync to the remote will be changed to X

-rw-r--r-- 1 redis redis 9.4K Apr 23 12:57 redis.conf
Local---to---remote
-rw-r--r-- 1 XXX XXX 9.4K Apr 23 12:57 redis.conf

Why is this problem ?

thank you all

Comments

  • A non-root user cannot chown files to someone else (in most cases).

  • @tetech said:
    A non-root user cannot chown files to someone else (in most cases).

    how to solve this problem

  • @coolgoole said:

    @tetech said:
    A non-root user cannot chown files to someone else (in most cases).

    how to solve this problem

    sudo rsync -zavP -e 'ssh -p port' xxx@IP:/home/xxx/ /home/xxx/

    Give the user sudo rights if they don't have it yet. For example, while logged in as that user, switch to root, su - root, then add the user to the sudo group, switch back to the user and run the above rsync command.

  • coolgoolecoolgoole Barred
    edited September 2021

    @scooke said:

    @coolgoole said:

    @tetech said:
    A non-root user cannot chown files to someone else (in most cases).

    how to solve this problem

    sudo rsync -zavP -e 'ssh -p port' xxx@IP:/home/xxx/ /home/xxx/

    Give the user sudo rights if they don't have it yet. For example, while logged in as that user, switch to root, su - root, then add the user to the sudo group, switch back to the user and run the above rsync command.

    Using sudo, root user cannot login to the remote host

    Could not resolve hostname bbb: Name or service not known

    The following cases are also unavailable

    add the following to your /etc/sudoers file: rsyncuser ALL= NOPASSWD:/usr/bin/rsync

    rsync -avz -e ssh /home/ xxx@ip:/remote/ --rsync-path="cat my_password.txt | sudo -Sv && sudo rsync"

    Only the root user can complete rsync

    https://superuser.com/questions/270911/run-rsync-with-root-permission-on-remote-machine

    I would recommend that you just use the root account in the first place. If you set it up like this:

    Configure your sshd_config on the target machine to PermitRootLogin without-password.
    Use ssh-keygen on the machine that pulls the backup to create an SSH private key (only if you don't already have an SSH key). Do not set a passphrase. Google a tutorial if you need details for this, there should be plenty.
    Append the contents of /root/.ssh/id_rsa.pub of the backup machine to the /root/.ssh/authorized_keys of your target machine.
    Now your backup machine has root access to your target machine, without having to use password authentication.
    then the resulting setup should be pretty safe.

  • If not of being root, otherwise having membership of a sufficiently privileged group, or access via sudo, are not possible, look at --fake-super and -M--fake-super (see the manpage via "man rsync" or one of the online options like https://manpages.debian.org/bullseye/rsync/rsync.1.en.html). These options use extended attributes (which most modern filesystems support: https://en.wikipedia.org/wiki/Extended_file_attributes#Linux) to store the information that otherwise cannot be preserved by a lower privileged user.

  • rsync -zavP --no-owner

    Thanked by 1dahartigan
  • @coolgoole said:

    @scooke said:

    @coolgoole said:

    @tetech said:
    A non-root user cannot chown files to someone else (in most cases).

    how to solve this problem

    sudo rsync -zavP -e 'ssh -p port' xxx@IP:/home/xxx/ /home/xxx/

    Give the user sudo rights if they don't have it yet. For example, while logged in as that user, switch to root, su - root, then add the user to the sudo group, switch back to the user and run the above rsync command.

    Using sudo, root user cannot login to the remote host

    Could not resolve hostname bbb: Name or service not known

    The following cases are also unavailable

    add the following to your /etc/sudoers file: rsyncuser ALL= NOPASSWD:/usr/bin/rsync

    rsync -avz -e ssh /home/ xxx@ip:/remote/ --rsync-path="cat my_password.txt | sudo -Sv && sudo rsync"

    Only the root user can complete rsync

    https://superuser.com/questions/270911/run-rsync-with-root-permission-on-remote-machine

    I would recommend that you just use the root account in the first place. If you set it up like this:

    Configure your sshd_config on the target machine to PermitRootLogin without-password.
    Use ssh-keygen on the machine that pulls the backup to create an SSH private key (only if you don't already have an SSH key). Do not set a passphrase. Google a tutorial if you need details for this, there should be plenty.
    Append the contents of /root/.ssh/id_rsa.pub of the backup machine to the /root/.ssh/authorized_keys of your target machine.
    Now your backup machine has root access to your target machine, without having to use password authentication.
    then the resulting setup should be pretty safe.

    You don’t use the root user for the rsync command or login, you use the root user to add user XXX to the sudoers list. But, I think it will still be a problem because user XXX probably won’t have sudo rights on the machine of user xxx. One work around I’ve done in a similar situation is to just make one or both users on the other machines. Then the permissions remain the same. If I’ve needed to then chown the files to another user, I just do that locally.

    The reason this isn’t possible, as you’ve initially asked, is then almost anyone could use something like rsync to get into anyone else’s machines and wreak havoc. Permissions are KEY.

  • @coolgoole said:

    @scooke said:

    @coolgoole said:

    @tetech said:
    A non-root user cannot chown files to someone else (in most cases).

    how to solve this problem

    sudo rsync -zavP -e 'ssh -p port' xxx@IP:/home/xxx/ /home/xxx/

    Give the user sudo rights if they don't have it yet. For example, while logged in as that user, switch to root, su - root, then add the user to the sudo group, switch back to the user and run the above rsync command.

    Using sudo, root user cannot login to the remote host

    Could not resolve hostname bbb: Name or service not known

    The following cases are also unavailable

    add the following to your /etc/sudoers file: rsyncuser ALL= NOPASSWD:/usr/bin/rsync

    rsync -avz -e ssh /home/ xxx@ip:/remote/ --rsync-path="cat my_password.txt | sudo -Sv && sudo rsync"

    Only the root user can complete rsync

    https://superuser.com/questions/270911/run-rsync-with-root-permission-on-remote-machine

    I would recommend that you just use the root account in the first place. If you set it up like this:

    Configure your sshd_config on the target machine to PermitRootLogin without-password.
    Use ssh-keygen on the machine that pulls the backup to create an SSH private key (only if you don't already have an SSH key). Do not set a passphrase. Google a tutorial if you need details for this, there should be plenty.
    Append the contents of /root/.ssh/id_rsa.pub of the backup machine to the /root/.ssh/authorized_keys of your target machine.
    Now your backup machine has root access to your target machine, without having to use password authentication.
    then the resulting setup should be pretty safe.

    Wait a minute, why are you answering your own question? Was this a quiz for the rest of us???

    Thanked by 2zafouhar bulbasaur
  • ArkasArkas Moderator

    Have you considered using BTRFS ?

  • bdlbdl Member
    edited September 2021

    @scooke said:

    @coolgoole said:

    @scooke said:

    @coolgoole said:

    @tetech said:
    A non-root user cannot chown files to someone else (in most cases).

    how to solve this problem

    sudo rsync -zavP -e 'ssh -p port' xxx@IP:/home/xxx/ /home/xxx/

    Give the user sudo rights if they don't have it yet. For example, while logged in as that user, switch to root, su - root, then add the user to the sudo group, switch back to the user and run the above rsync command.

    Using sudo, root user cannot login to the remote host

    Could not resolve hostname bbb: Name or service not known

    The following cases are also unavailable

    add the following to your /etc/sudoers file: rsyncuser ALL= NOPASSWD:/usr/bin/rsync

    rsync -avz -e ssh /home/ xxx@ip:/remote/ --rsync-path="cat my_password.txt | sudo -Sv && sudo rsync"

    Only the root user can complete rsync

    https://superuser.com/questions/270911/run-rsync-with-root-permission-on-remote-machine

    I would recommend that you just use the root account in the first place. If you set it up like this:

    Configure your sshd_config on the target machine to PermitRootLogin without-password.
    Use ssh-keygen on the machine that pulls the backup to create an SSH private key (only if you don't already have an SSH key). Do not set a passphrase. Google a tutorial if you need details for this, there should be plenty.
    Append the contents of /root/.ssh/id_rsa.pub of the backup machine to the /root/.ssh/authorized_keys of your target machine.
    Now your backup machine has root access to your target machine, without having to use password authentication.
    then the resulting setup should be pretty safe.

    Wait a minute, why are you answering your own question? Was this a quiz for the rest of us???

    The dude copied and pasted someone's response from another forum :smile:

    The OP with root access scares me.

Sign In or Register to comment.