cwrsync 4.0.4 : permission question

11 posts / 0 new
Last post
klaus.kuplen
Offline
Last seen: 8 years 8 months ago
Joined: 15.07.2010 - 11:11
cwrsync 4.0.4 : permission question

Hi

I am syncing between rsync 3.0.4 and several 3.0.7 versions on mostly windows 2003 R2.

When updating to 3.0.7 I ran into many permission problems:

When using option -a i got the following error: rsync: chown "/CMS/hard/somePath.html" (in depot) failed: Invalid argument (22)

after much trying around i setteled for

rsync --recursive --times --compress --verbose --stats --delete

But that messed up the directory rights on the target machine: 2 or 3 folders below suddenly the user svccwrsync did not have any permissions left. Any use of --owner --perms --group causes many errors telling me that the operation (chown, chgroup ...) failed.

Now i added the local svccwrsync user to the local admin group and it seams to be better now. Is there any better solution?

Here is a short rsyncd.conf and a sample sync call, maybe anyone got a hint for me

 

use chroot = false
strict modes = false
log file = /cygdrive/d/Sites/rsyncd.log
pid file = rsyncd.pid
lock file = rsyncd.lock
max connections = 2
secrets file = rsyncd.secrets
uid=0
gid=0

[somePath]
comment = php application checking depotserver storage use
path    = /cygdrive/D/test/rsyncTest
read only = false
transfer logging = yes
auth users = CWsync

and the call goes like this

SET CWRSYNCHOME="C:\Program Files\cwRsync"
SET CYGWIN=nontsec
SET HOME=%HOMEDRIVE%%HOMEPATH%

SET CWOLDPATH=%PATH%
SET PATH=%CWRSYNCHOME%;%PATH%


SET RSYNC_PASSWORD=youDoNotNeedToKnow
rsync --recursive --times --compress --verbose --stats --delete /cygdrive/d/somePath/ CWsync@someHost::somePath

Bye

Klaus

itefix
Offline
Last seen: 10 hours 33 min ago
Joined: 01.05.2008 - 21:33
This is probably an etc/fstab

This is probably an etc/fstab issue. Make sure that your /cygdrive/d is listed with noacl option.

klaus.kuplen
Offline
Last seen: 8 years 8 months ago
Joined: 15.07.2010 - 11:11
Thanks for the reply. I've

Thanks for the reply.

I've been playing around with it for some time but did not get the results i want:

 

Running
D:\test\rsyncTest>"c:\Program Files\icw\Bin\rsync.exe" --archive testSource CWsync@hkisms016::test

results in

rsync: chown "testSource" (in test) failed: Invalid argument (22)
rsync: chown "testSource/subFolder" (in test) failed: Invalid argument (22)
rsync: chown "testSource/.1.conf.dtVzYB" (in test) failed: Invalid argument (22)
rsync: chown "testSource/.2.conf.tJPong" (in test) failed: Invalid argument (22)
rsync: chown "testSource/subFolder/.3.conf.TYbbpR" (in test) failed: Invalid argument (22)
rsync: chown "testSource/subFolder/.4.conf.gtrQgR" (in test) failed: Invalid argument (22)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1042) [sender=3.0.7]

With this fstab:

C:/Program\040Files/ICW / ntfs override,binary,noacl 0 0
C:/Program\040Files/ICW/bin /usr/bin ntfs override,binary,noacl 0 0
C:/Program\040Files/ICW/etc/terminfo /usr/share/terminfo ntfs override,binary,noacl 0 0
D:    /cygdrive/d    ntfs    override,binary,acl    0 0

Where the rsync target "test" is below /cygdrive/d/Sites/

 

Now with noacl:

C:/Program\040Files/ICW / ntfs override,binary,noacl 0 0
C:/Program\040Files/ICW/bin /usr/bin ntfs override,binary,noacl 0 0
C:/Program\040Files/ICW/etc/terminfo /usr/share/terminfo ntfs override,binary,noacl 0 0
D:    /cygdrive/d    ntfs    override,binary,noacl    0 0

This run

D:\test\rsyncTest>"c:\Program Files\icw\Bin\rsync.exe" --archive testSource CWsync@hkisms016::test

results in

 

rsync: chown "testSource" (in test) failed: Invalid argument (22)
rsync: chown "testSource/subFolder" (in test) failed: Invalid argument (22)
rsync: chown "testSource/.1.conf.v0D9Fx" (in test) failed: Invalid argument (22)
rsync: chown "testSource/.2.conf.3kzmuD" (in test) failed: Invalid argument (22)
rsync: chown "testSource/subFolder/.3.conf.pokY77" (in test) failed: Invalid argument (22)
rsync: chown "testSource/subFolder/.4.conf.BPSZPx" (in test) failed: Invalid argument (22)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1042) [sender=3.0.7] 

 using --owner or -a (implizit -o) does not work at all ( chown Invalid argument (22))

I tried the following

  • replacing -a with longer substitues
  • removing all occurences of owners, even implizig ones (-a uses an implizit --owner)
  • adding --super

D:\test\rsyncTest>"c:\Program Files\icw\Bin\rsync.exe"  --recursive  --delete  --perms --group --super --times  --compress testSource CWsync@hkisms016::test

results in a sync without error, but thats not the whole story

  • permissions are not inherited
  • folder permissions are somewhat broken (svccwrsync service account has not rights on the files left, but accesses as local admin)
  • when clicking on the security tab in permissions, the permissions are incorrectly ordered

Here are screens of the windows permissions

 

 

Do you have any hints? I tried the newest version as target and source. My personal guess is that it's an issue within the underlying cygwin. But I could not point my finger at it.

We used -a in the scripts for a long time - i found rsync 2.6.9 on a few machines and it worked like a charm untill a few versions ago.  User accounts on the source machine is a domain user, user account on the receiving end is mostly the local svccwrsync service account and on 2 or 3 machines a domain user.

Currently i'm out of ideas and in need for help.

Bye

/K

haqthat
Offline
Last seen: 9 years 2 weeks ago
Joined: 03.12.2009 - 18:48
I too experience the

I too experience the EXACT same issues, had to move from --archive to --recursive just to get rid of the chown errors.
Although now I experience the wierd permission problems, which were not present in the old cygwin ~cwrsync 3.0.1(ish)

IMO: the old cygwin did not have as many issues as the new version.

I now deal with:
-permission issues
-chown issues
-fstab (that isn't clearly documented anywhere for use with cwrsync)
-and password problems (pwfile must not be other accessable, pwfile must be owned as root when running as root).

I have multiple threads open on the forum, still awaiting a response from tk

Love the work you do tk, I just wish the forums were a bit more active, I'm (we're) at your mercy.

klaus.kuplen
Offline
Last seen: 8 years 8 months ago
Joined: 15.07.2010 - 11:11
Hi My experience in short:

Hi

My experience in short: any use of ownership or permissions on rsync 3.0.4 upward is defunct. What worked yesterday was

rsync --super --recursive --delete --compress --times testSource CWsync@hkisms016::testDestination

This leaves local admins and local users with rights but does not deal with any domain users. Thats good enough for me as we only distribute mirror files to depots. Any use of --owner --group -a --perms is BAD.

In this config the fstab did not matter - in fact i deleted my entry for

D:    /cygdrive/d    ntfs    override,binary,noacl    0 0

from the fstab and it still works. fstab is now in the same state as it was initaly created. We use a default install and that does currently NOT create any pwfile, we use the rsync.secrets and a gid and uid of 0 in rsyncd.conf. If anyone can explain the pwfile in this context to me I'll be grateful.

The messed up permissions can be fixed with a MS utility called ICACLS

ICACLS <folder> /reset /T /C

sets <folder> permissions to inheritence only, deleting all the mess that currently exits. Exporting and importing windows ACLs also works with ICACL. And they say icacls does keep the correct ACL sorting.

 

And for the record: I admire your work to tk :)

 

/K

 

klaus.kuplen
Offline
Last seen: 8 years 8 months ago
Joined: 15.07.2010 - 11:11
Another thing: the local

Another thing:

the local service account svccwrsync needs FULL  CONTROLL on the sync shares, otherwise --time parameters will not work. Modify-rights will not work.

itefix
Offline
Last seen: 10 hours 33 min ago
Joined: 01.05.2008 - 21:33
Please make sure that you

Please make sure that you have the following line in your fstab file

none /cygdrive cygdrive binary,posix=0,user,noacl 0 0

That will make sure that Cygwin will not try to enforce linux-like permissions. You  may need to restart the service in the case you have a server installation.

haqthat
Offline
Last seen: 9 years 2 weeks ago
Joined: 03.12.2009 - 18:48
tk, I added the entry into

tk, I added the entry into my fstab.

 none /cygdrive cygdrive binary,posix=0,user,noacl 0 0 

I attempted to run my command again, changing -r to -a, I still get:

 Chown failed: Invalid argument (22) 
klaus.kuplen
Offline
Last seen: 8 years 8 months ago
Joined: 15.07.2010 - 11:11
I tried the new entry in the

I tried the new entry in the FSTAB

It now looks like this:

C:/Program\040Files/ICW / ntfs override,binary,noacl 0 0
C:/Program\040Files/ICW/bin /usr/bin ntfs override,binary,noacl 0 0
C:/Program\040Files/ICW/etc/terminfo /usr/share/terminfo ntfs override,binary,noacl 0 0
none /cygdrive cygdrive binary,posix=0,user,noacl 0 0

The rsyncd.conf looks like that (exept the IPs)

use chroot = false
strict modes = false
hosts allow = 10.0.0.0/255.0.0.0
hosts deny = 6.6.6.0/255.255.255.0
log file = /cygdrive/d/Sites/rsyncd.log
pid file = rsyncd.pid
lock file = rsyncd.lock
max connections = 2
secrets file = rsyncd.secrets
gid=0
uid=0

[synctest]
comment = install files for depot server
path    = /cygdrive/d/Sites/test
read only = false
transfer logging = yes
auth users = CWsync

Running the command

SET CYGWIN=nontsec
SET RSYNC_PASSWORD=supersecret
rsync -a test CWsync@hkisms016::synctest


results in


rsync: chown "test" (in synctest) failed: Invalid argument (22)
rsync: chown "test/PEAR" (in synctest) failed: Invalid argument (22)
rsync: chown "test/PEAR/Testing" (in synctest) failed: Invalid argument (22)
rsync: chown "test/PEAR/Testing/Selenium" (in synctest) failed: Invalid argument (22)
rsync: chown "test/doc" (in synctest) failed: Invalid argument (22)

A look at the synctest share:

 

The files get transfered, but the service account locks himself out

 

 

Bye

/K

itefix
Offline
Last seen: 10 hours 33 min ago
Joined: 01.05.2008 - 21:33
I think the problem is

I think the problem is generated at the client side because of the use of the -a switch:

-a, --archive
This is equivalent to -rlptgoD. It is a quick way of saying you want recursion and want to preserve almost everything (with -H being a notable omission).

As options -g (preserve group),  -o (preserve ownership) and -p (preserve permissions) are implied by the -a option AND you don't have an fstab at the client side, you get permissions wrecked. There are two options worth to try:

  • run your rsync command without -a option. you can use -rltD instead
  • Create an etc directory one level up from the directory rsync executable adn place your fstab file there as well

Hope it helps.

haqthat
Offline
Last seen: 9 years 2 weeks ago
Joined: 03.12.2009 - 18:48
tk, My fstab file IS on the

tk, My fstab file IS on the client side ( I run an actual rsync server on an ubuntu machine out in the cloud).

/bin
/etc/fstab
/docs

and so on. Having the fstab on the client, and trying to use -a still results in:

Chown failed: Invalid argument (22)

The only solution so far is to use -r instead of -a.

Although I still have issues with "Password file must be owned by root when running as root."

My rsync commands are not run from within a batch script, so I can't set the passwordfile variable, I have to resort to using --password-file=c:\pw to keep it from prompting for a pw.

I have a post awaiting a reply on this topic. So far, I think using the fstab is looking like it doesn't make any difference. On the other hand, using the old cygwin dll and using nontsec worked fine.