scp permissions problem

Hi All!

This really is a file permissions problem ... although I'm not sure how
to solve it.  Any assistance would be greatly appreciated.

I have a series of load balanced servers.  Each of the servers is
arranged exactly the same and handles file uploads from users as

1) User submits file to www1 server
2) www1 server saves file with permissions showing user "www" is the
owner, dir owner is the group for the file ("sg" in this case).
3) cron script on www1 scp's the file to www2 server.
3a) cron executes scp -p origfile sg@www1:destfile
3b) destfile appears on www2 with ownership sg/sg, same permissions as

All of this works great up until the following happens ...

4) User resubmits the file to www2 server
5) www2 attempts to update file located on www2 server with new
version, but cannot modify file (attempting to overwrite a file owned
by sg/sg with a file to be owned by www/sg).
6) User continues to see old image, new image is not replicated

Where am I going wrong here?  Any assistance would be appreciated.


Re: scp permissions problem

3a) cron executes scp -p origfile sg@www1:destfile

oops should be

3a) cron executes scp -p origfile sg@www2:destfile

Re: scp permissions problem

Are the files group writable?

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Re: scp permissions problem

I'd call it a user identity problem rather than a file permissions problem.

What is your reason for having www own the incoming file and sg own the

Right, this won't work.  You've set it up so that uploaded files are writable
by a different user than copied files, but both go to the same place.  Fix the
design :)

Option 1: only allow uploads to www1.  They'll all be owned by www, and the
mirrors will all be owned by sg, there's never a conflict.
Option 2: scp the file as "www" rather than "sg", so all the files are always
owned by "www".
Option 3: create a different upload area than the copy area - uploaded files
go to uploads/ owned by "www", and copies on all machines (including the
upload machine, scp'd to itself) can be owned by "sg".  
Mark Rafn    <
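
Added example, not part of any post in this thread: a shell check for the group-writable question asked above, listing files in the copy area that the upload user could not overwrite in place. It assumes the upload user ("www") is a member of the copy group ("sg") and of no other group owning files there, and that it does not own the copied files; the function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.
# Overwriting a file in place needs write permission on the file itself.
# For a user who is not the owner, the group bits apply when the file is in
# one of the user's groups, otherwise the "other" bits apply.

# usage: unwritable_by_group DIR GROUP
# Prints regular files under DIR that a non-owner member of GROUP cannot
# write: in GROUP without g+w (020), or outside GROUP without o+w (002).
unwritable_by_group() {
    find "$1" -type f \( \
        \( -group "$2" ! -perm -020 \) -o \
        \( ! -group "$2" ! -perm -002 \) \
    \) -print
}

# usage: fix_group_write DIR GROUP
# Adds g+w to files already in GROUP. Must run as the file owner or root,
# e.g. as "sg" on the receiving server after the scp -p has completed,
# because scp -p carries the source file's mode across unchanged.
fix_group_write() {
    find "$1" -type f -group "$2" ! -perm -020 -exec chmod g+w {} +
}

# Stand-alone use: ./check.sh /path/to/copies sg
if [ "$#" -eq 2 ]; then
    unwritable_by_group "$1" "$2"
fi
```

Files reported because they belong to a different group need a `chgrp` by their owner or root; `fix_group_write` leaves them alone.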
