Access rights for daemons running as nobody

  • 7004753
  • 28-Oct-2009
  • 27-Apr-2012


Novell Open Enterprise Server 2 (OES 2) Linux


Daemons running as nobody, such as 'rsync' cannot store files on NSS volumes.

When running 'rsync' as a daemon, one setup a module which points to a directory where files either storer;

   read only = no
   use chroot = yes
   strict modes = no
   transfer logging = yes

When sending files one specifies the name of the module, in this case 'test'.

# rsync -avzp *  oeshost::test

But default this failes with;

rsync: mkstemp "/.myfile.6FrDxA" (in test) failed: Permission denied (13)

Normally on Linux one controls the access rights with the posix rights (chmod, chown, etc), setting the directory to rwx.rwx.rwx (777) does not solve the problem.


Access rights on NSS are not controlled with the posix rights, but through eDirectory, and 'nobody' is mapped to [public]. There for to allow daemons who run as nobody one have to give [public] access rights to the directory.

# cd /media/nss/VOLUME/rsync
# rights trustee "[public]" -r rf
# rights show
Trustees and Inherited Rights Filter
File: /media/nss/VOLUME/rsync
  (1) [Public]
    [read, scan]

Inherited Rights Filter:
    [supervisor, read, write, create, erase, access control, scan, modify]

This is also possible using iManager.