2

So I have this workflow which works but is clumsy"

RSYNC to ultrapress.co

rsync -azP --delete /Users/rocketadmin/Sites/vagrant-local/www/wordpress-default/wp-content/themes root@107.170.237.162:/var/www/ultrapress.co/htdocs/wp-content/

rsync -azP --delete /Users/rocketadmin/Sites/vagrant-local/www/wordpress-default/wp-content/plugins root@107.170.237.162:/var/www/ultrapress.co/htdocs/wp-content/

=============================================================

Then REPAIR ownership

sudo chown -R www-data:www-data /var/www

I'd like to know what arguments to use in rsync so I don't have chown my www folder everytime I sync Thank you in advance for your guidance...

Yoyo
  • 21
  • 2

4 Answers4

2

You have 3 ways of doing this:

  • Give SSH access to www-data and rsync using www-data user. This is highly not recommended but, if you do it with much care (block all SSH access except from your own IP, use an SSH key and remove the password for the www-data user), it may as well work.
  • Create a user and group on your local PC with the same names and numeric user IDs as the ones on your server and make sure that all files have these as owner before rsyncing (the -a flag that you are already using does this).
  • Make a wrapper script for rsync on the server that does the chown right after the rsync is done, then use --rsync-path argument for the client.
Florin Asăvoaie
  • 6,932
  • 22
  • 35
2

You can use sticky bits to make sure that everything that is created under /var/www/ultrapress.co would be owned by www-data user/group.

To do this, on the server set these permissions:

chown ultrapress.co www-data:www-data
chmod u+s ultrapress.co
chmod g+s ultrapress.co

Now whenever any user will make a new directory or file in this directory, it will have www-data's user and group.

You can also set the sticky bits on all of the existing subdirectories with:

find ultrapress.co -type d -exec chmod u+s,g+s '{}' +

Or alternatively, set sticky bit to /var/www directory:

chmod u+s,g+s /var/www
phoops
  • 2,073
  • 4
  • 18
  • 23
  • This solution is very elegant solution - I have more than one site on here in the www dir. I should have mentioned that. ultrapress.co and fuega.co - is there a way for a version of your solution to work with this new information in mind? – Yoyo Apr 11 '14 at 04:35
  • Just chown each. However you may need to apply these permissions recursively for all subdirectories. – Florin Asăvoaie Apr 11 '14 at 06:38
  • I edited @edvinas-me s post to reflect the subdirectories permissions updating. – Florin Asăvoaie Apr 11 '14 at 06:45
  • Well wouldn't it be simpler just to set these permissions on `/var/www` then? – phoops Apr 11 '14 at 07:43
  • Still, recursively on /var. – Florin Asăvoaie Apr 11 '14 at 12:43
  • Very cool fellas... I'm going try this now and report back it's success – Yoyo Apr 12 '14 at 01:34
  • I tried the sticky bits along with `rsync --no-o --no-g ...` and although new files and folders do inherit the group, their owner is not inherited from the parent folder, but instead determined by the rsync login account. – joeytwiddle Aug 13 '15 at 11:17
2

If you have access to rsync v.3.1.0 or later, the --chown option should be what you're looking for:

rsync -azP --chown=www-data:www-data [src] [dst]

Note: the -o and -g options are required for it to work, but of course, already included via the -a option you've set.

More info can be found via an answer on a similar question here: Rsync command issues, owner and group permissions doesn´t change

Community
  • 1
David Thompson
  • 1,136
  • 1
  • 7
  • 7
  • @Yoyo, glad this helped. If this did address your question, would you mind accepting it as the answer? It will help others find it easier. – David Thompson Aug 13 '15 at 19:49
  • yes @Yoyo please find a moment and push on that button Accept it as the right answer, thank you – silpol Mar 31 '17 at 07:04
1

My usual approach when doing this sort of thing is to do

rsync <options> www-data@remote-host

I then use SSH-key authentication for www-data on the remote server.

Personally I run the local script as www-data too, as I find that more logical.

chriscowley
  • 523
  • 4
  • 17
  • This seems pretty simple. I currently have a key working for root and forgot how to add another user (www-data) to it... this seems very logical to me as well – Yoyo Apr 11 '14 at 04:43