On Wed, 2010-08-11 at 10:18 -0700, travis+ml-rs...@subspacefield.org
wrote:
> I often push files from my user account over SSH to my web server, and
> want them owned by www-user, which may not have a login shell, should
> never accept remote logins, and who may not have a ~/.ssh directory
> (and i
On Wed, Aug 11, 2010 at 02:51:35PM -0700, travis+ml-rs...@subspacefield.org
wrote:
> On Wed, Aug 11, 2010 at 01:32:42PM -0400, Brian Cuttler wrote:
> [Set u+s on directories, don't worry about owners]
>
> It seems to work relatively well. I get an error about not being
> able to chgrp the files
On Wed, Aug 11, 2010 at 01:32:42PM -0400, Brian Cuttler wrote:
[Set u+s on directories, don't worry about owners]
It seems to work relatively well. I get an error about not being
able to chgrp the files owned by other users, and, in my case,
the group ends up wrong because it's not supposed to be
On 08/11/10 13:18, travis+ml-rs...@subspacefield.org wrote:
I often push files from my user account over SSH to my web server, and
want them owned by www-user, which may not have a login shell, should
never accept remote logins, and who may not have a ~/.ssh directory
(and if it did, it would be
On Wed, Aug 11, 2010 at 01:34:44PM -0400, Brian Cuttler wrote:
> As a matter of principle, SOP, we don't like to ssh/rsync as root
> and generally don't allow root ssh/rsync into a box. Better/safer
> to move the security stuff to a lower powered user if you can.
I'm familiar with the argument. L
Travis,
We also use rsync to push our files. While there are several users with
the ability to do the push, the files on the webserver host are set with
su-gid bit set.
No matter which of our web people push the files to the visible
server the files all move to a consistent groupship that allows
Travis,
As a matter of principle, SOP, we don't like to ssh/rsync as root
and generally don't allow root ssh/rsync into a box. Better/safer
to move the security stuff to a lower powered user if you can.
On Wed, Aug 11, 2010 at 10:18:11AM -0700, travis+ml-rs...@subspacefield.org
wrote:
> I oft
I often push files from my user account over SSH to my web server, and
want them owned by www-user, which may not have a login shell, should
never accept remote logins, and who may not have a ~/.ssh directory
(and if it did, it would be under the wwwroot, ack!).
Currently I push as root and then d