[CentOS] problems with acl permissions changing ownership

Fri Mar 6 11:34:06 UTC 2009
Gerhardus.Geldenhuis at gta-travel.com <Gerhardus.Geldenhuis at gta-travel.com>


I am trying to get a non privileged user to update config files for
apache httpd and have attempted the following:

I have set the following permissions:

setfacl -m user:deployer:--x /etc/httpd
setfacl -R -m u:deployer:rwx,o::--- /etc/httpd/conf.d
setfacl -R -m u:deployer:rwx,o::--- /etc/httpd/conf

I then have a script that is run as the deployer user to checkout config
files from svn and copies it to /etc/httpd directory in the following
cd /tmp/versioned-config;
cp -Rfp --backup --suffix=.$(date +%F_%T) apache/etc/ /

However when I do that the ownership of the config files changes to
deployer.deployer and it looses the special permissions...

How can I prevent changing of ownership? The setfacl man page suggest
the use of the -p flag to preserve permissions.
Should I be using ACL's?
Is there a better way of doing this?

The --backup flag also complicates matters and I am considering getting
rid of it.


This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email