scp permissions problem - SSH

This is a discussion on scp permissions problem - SSH ; Hi All! This really is a file permissions problem ... although I'm not sure how to solve it. Any assistance would be greatly appreciated. I have a series of load balanced servers. Each of the servers is arranged exactly the ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: scp permissions problem

  1. scp permissions problem

    Hi All!

    This really is a file permissions problem ... although I'm not sure how

    to solve it. Any assistance would be greatly appreciated.

    I have a series of load balanced servers. Each of the servers is
    arranged exactly the same and handles file uploads from users as
    follows:

    1) User submits file to www1 server
    2) www1 server saves file with permissions showing user "www" is the
    owner, dir owner is the group for the file ("sg" in this case).
    3) cron script on www1 scp's the file to www2 server.
    3a) cron executes scp -p origfile sg@www1:destfile
    3b) destfile appears on www2 with ownership sg/sg, same permissions as
    origfile

    All of this works great up until the following happens ...

    4) User resubmits the file to www2 server
    5) www2 attempts to update file located on www2 server with new
    version, but cannot modify file (attempting to overwrite a file owned
    by sg/sg with a file to be owned by www/sg).
    6) User continues to see old image, new image is not replicated

    Where am I going wrong here? Any assistance would be appreciated.

    Stephen


  2. Re: scp permissions problem

    3a) cron executes scp -p origfile sg@www1:destfile

    oops should be

    3a) cron executes scp -p origfile sg@www2:destfile


  3. Re: scp permissions problem

    On 2006-02-23, stephen.mayer@gmail.com wrote:
    > 4) User resubmits the file to www2 server
    > 5) www2 attempts to update file located on www2 server with new
    > version, but cannot modify file (attempting to overwrite a file owned
    > by sg/sg with a file to be owned by www/sg).


    Are the files group writable?

    --
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.

  4. Re: scp permissions problem

    stephen.mayer@gmail.com wrote:
    >This really is a file permissions problem ... although I'm not sure how
    >to solve it. Any assistance would be greatly appreciated.


    I'd call it a user identity problem rather than a file permissions problem.

    >1) User submits file to www1 server
    >2) www1 server saves file with permissions showing user "www" is the
    >owner, dir owner is the group for the file ("sg" in this case).
    >3) cron script on www1 scp's the file to www2 server.
    >3a) cron executes scp -p origfile sg@www2:destfile
    >3b) destfile appears on www2 with ownership sg/sg, same permissions as
    >origfile


    What is your reason for having www own the incoming file and sg own the
    copy?

    >All of this works great up until the following happens ...
    >4) User resubmits the file to www2 server
    >5) www2 attempts to update file located on www2 server with new
    >version, but cannot modify file (attempting to overwrite a file owned
    >by sg/sg with a file to be owned by www/sg).


    Right, this won't work. You've set it up so that uploaded files are writable
    by a different user than copied files, but both go to the same place. Fix the
    design

    Option 1: only allow uploads to www1. They'll all be owned by www, and the
    mirrors will all be owned by sg, there's never a conflict.
    Option 2: scp the file as "www" rather than "sg", so all the files are always
    owned by "www".
    Option 3: create a different upload area than the copy area - uploaded files
    go to uploads/ owned by "www", and copies on all machines (including the
    upload machine, scp'd to itself) can be owned by "sg".
    --
    Mark Rafn dagon@dagon.net

+ Reply to Thread