Hello, I am setting up a mirror server to my ispconfig server. I follow ISPC3.1 manual even if I am with ispc3.2.1 on ubuntu 20.04 Everything is running well except unison : I run /root/scripts/unison.sh (= "/usr/bin/unison web" in script of ispc manual) and it gives : " connexion ok, to be copied status ok [...] Failed: Error in setting file ownership: Operation not permitted [chown(/var/www/clients/client0/web1)] Failed [clients/client0/web1]: Error in setting file ownership: Operation not permitted [chown(/var/www/clients/client0/web1)] [BGN] Copying properties for clients/client0/web2 from //ns3.xxx.fr//var/www to /var/www Failed: Error in setting file ownership: Operation not permitted [chown(/var/www/clients/client0/web2)] [...] Failed: Error in renaming /var/www/php-fcgi-scripts/web12/.unison..php-fcgi-starter.1ec24bc6dbe29bc1beb1e07b9b7a4460.unison.tmp to /var/www/php-fcgi-scripts/web12/.php-fcgi-starter: Operation not permitted [rename(/var/www/php-fcgi-scripts/web12/.unison..php-fcgi-starter.1ec24bc6dbe29bc1beb1e07b9b7a4460.unison.tmp)] 80% 00:00 ETAFailed [php-fcgi-scripts/web12/.php-fcgi-starter]: Error in renaming /var/www/php-fcgi-scripts/web12/.unison..php-fcgi-starter.1ec24bc6dbe29bc1beb1e07b9b7a4460.unison.tmp to /var/www/php-fcgi-scripts/web12/.php-fcgi-starter: Operation not permitted [rename(/var/www/php-fcgi-scripts/web12/.unison..php-fcgi-starter.1ec24bc6dbe29bc1beb1e07b9b7a4460.unison.tmp)] " I already saw that it is impossible to create a dir in /var/www/clients/client0/webxx even with "sudo -u webxx mkdir /var/www/clients/client0/web1/test" Is there something wrong in my conf ? I didn't find out anything on that in FAQ Many Thanks
i would think unison probably shouldn't be trying to sync /var/www/clients/client0/web1 itself, but /var/www/clients/client0/web1/web any files or folders directly in web1 should only be created by ispconfig as part of the domains/subdomain/aliasdomain/jailkit configuration
i'm not sure, i'd assume you ideally want to sync all of /var/www or at least all of /var/www/clients. i've not tried using unison to do this. maybe if you change the sync path to /var/www/clients/client*/web*/web so it doesn't actually sync the immutable folder itself? i'm not how unison would handle wildcards. you'd also have to do the same for the private folder, and any other vhost subdomains that get put directly in /web##/<vhost folder> rather than /web##/web/<vhost folder> which end up having any name, so you can't really script it in advance. i can't see any other way apart from removing the immutable bit from all the web## folders. the immutable bit limits what root can do, so running your existing script as root won't suddenly start working. but removing the immutable bit could be too insecure, especially for live servers. to be honest, i think for something like this, using shared storage, nfs share, or similar might be easier.
I understand immutable bit issue but try chattr without success. Is there a solution to unable that ispc function during unison process adding it in cronjob... If not, i wouldn't use unison but another code... which one ? Why ispc manual propose unison : is there something to take care with unison ?
Looking into ispconfig / system/ server config/permission, I discover this option : "Make web folders immutable (extended attributes)" I would if unison is working since this option is implemented ?
well, if used, unison is going to be running pretty much continuously, so i suspect you'll have to disable that, otherwise you'll be running chattr -i and chattr +i constantly.
Sure, I am now thinking about rsync. I don't know if I will face same issue. May be would be good to modify ispconfig manual on that particular topic. thank a lot
rsync is unidirectional. unison would be bidirectional. you can't guarantee the files will only change on the same server 100% of the time. so you need a bidirectional sync. also, if set, the immutable bit limits actions for all users including root, rsync would also be affected.
Last time when I set up unison, I basically follow these two tutorials: 1. https://www.howtoforge.com/tutorial...ase-cluster-on-debian-8.4-with-ispconfig-3/4/ 2. https://www.howtoforge.com/tutorial/unison-file-sync-between-two-servers-on-debian-10/ I suspect ssh access is not properly set up as per the tutorials but it just a wild guess, but do check it up.
Then, you are using ispcconfig 3.2 You have mirror server and you use unison. You don't disable immutable bit and it works... Manual doc is exactly that same tuto : https://www.howtoforge.com/tutorial...ase-cluster-on-debian-8.4-with-ispconfig-3/4/ I dig on ssh side !
I dig, and, dig again ! the only solution I found is to remove immutable bit through chattr -i AND remove option in ispconfig : system> server config> web> permission > "Make web folders immutable (extended attributes)" thanks for your help
after changing the 'make web folders immutable' setting in ispconfig, did you resync websites? possibly also need to resync clients and resellers. i don't think just changing the setting in ispconfig will have any effect on folders that already exist, I would assume that at minimum, a website resync is needed.
You are right : first, I run chattr and next change immutable bit setting. I didn't try "resync clients and reseller" because I didn't understand what this option is for ! Tool panel in manual doc is not in line with Ispconfig 3.2... Thanks for this tip !