The Samba-Bugzilla – Bug 3253
Feature request - Sync perms/ownership/time etc but with no file transfer
Last modified: 2006-03-12 02:56:58 UTC
Feature Request: It would be very useful to be able to specify the normal
options such as --numeric-ids --owner --group --perms --recursive --existing etc
but with --no-transfer or something similar that would allow you to sync the
attributes of the files/dirs/etc but not actually transfer anything. (--existing
might be implied by --no-transfer, or perhaps not using --existing would
transfer missing files only)
Reasoning: It would allow for tasks like tightening security on identical
systems to be done with a lot more speed. You could go through and
painstaikingly adjust permissions on one server and then sync all the other
identical servers to match.
It would also be useful for cases where you back up an entire server nightly to
a backup server which allows access only to a normal user. You can then restore
it to a new server from the backup and sync to an existing server to fix the
permissions. With the current code I don't expect that it would be that
difficult to just skip the file transfer.
At the risk of adding bloat, rsync could even create an attributes file that
could be stored on the backup server and used to restore the permissions in the
event there is no remaining server to sync the perms from. This would allow
admins to back up to normal user accounts that can be subject to quota restrictions.
I think this would be best handled by some other application. For instance, it would be simple to write a perl script that would be able to parse the output of "ls -lR" from one system and apply the permissions/ownership/groups to the matching files on another system (skipping those that don't exist).
Created attachment 1575 [details]
perl script solution
I enjoy coding simple perl scripts like this, so here is a perl script that will parse the output of "ls -lR dir [dir...]" or "ls -nR dir [dir...]" and restore the permissions, owner, and group of all the files it finds. You can feel free to manually edit ls's output to remove unnecessary directories and/or files, and then use the result to apply the listed attrs to another host's files. For instance, assuming the script "file-attr-restore" is somewhere in the $PATH of server "remotehost", this sequence of commands would should update the attrs on remotehost:
ls -lR /etc /usr/local/etc >saved-permissions
cat saved-permissions | ssh remotehost file-attr-restore