[CentOS-mirror] File permission problems on new mirror

Fri Nov 30 18:43:29 UTC 2007
Kevin Stange <kevin at steadfast.net>

Stevens, Matthew wrote:
> I am working on setting up a local internal mirror to updates multiples
> servers. I am able to build the mirror by using rsync from a Tier2
> server without any problems. Where I encounter a problem, is that I do
> not have permissions to access the files under the centos directory via
> http (apache) or ftp (vsftpd). When attempting to browse the new mirror
> setup in a web browser, I get the error message saying access is denied.
> I believe only the root user is getting access to the files
> 
>  
> 
> Here are the permissions that are listed at the root of the mirror:
> drwxr-xr-x  18  501    501   4096 Nov 20 06:41 centos
> 
>  
> 
> I would like to know if it is normal that the user and group are both 501?
> 
> I run the rsync cron as root user, is this the proper what to sync with
> other mirrors?
> 

It's better not to run the rsync as the root user.  There is not reason
you should have to, and if you run as a specific user that you know both
the FTP and HTTP servers can access, it should ensure all the files are
owned as that user.  In our mirror we run as the user "mirror" so all
files for all mirrors are owned by that user.  Right now you're pulling
the numeric user ID from the mirror you're syncing from, which could be
different if you ever change mirrors, as well, so that 501 might end up
being something else down the road.  Not preserving ownership avoids
this problem.

Either way, the permissions listed on "centos" should allow everyone to
browse the directory, but your problem description centers on the
permissions of the files beneath this directory, which are the ones you
probably need to check.  Changing them manually is not going to help,
since they'll tend to get set back to what they were as you re-sync the
mirror.

Kevin

-- 
Kevin Stange
Chief Technology Officer
Steadfast Networks
http://steadfast.net

Phone: 312-602-2689 x203
Fax:   312-602-2688
Cell:  312-320-5867

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-mirror/attachments/20071130/58483211/attachment-0004.sig>