Attempting to expand on @Zoredache's answer, as I give this a go myself:
Create a new group (www-pub) and add the users to that group
groupadd www-pub
usermod -a -G www-pub usera
## must use -a to append to existing groups
usermod -a -G www-pub userb
groups usera
## display groups for user
Change the ownership of everything under /var/www to root:www-pub
chown -R root:www-pub /var/www
## -R for recursive
Change the permissions of all the folders to 2775
chmod 2775 /var/www
## 2=set group id, 7=rwx for owner (root), 7=rwx for group (www-pub), 5=rx for world (including apache www-data user)
Set group ID (SETGID) bit (2) causes the group (www-pub) to be copied to all new files/folders created in that folder. Other options are SETUID (4) to copy the user id, and STICKY (1) which I think lets only the owner delete files.
There's a -R
recursive option, but that won't discriminate between files and folders, so you have to use find, like so:
find /var/www -type d -exec chmod 2775 {} +
Change all the files to 0664
find /var/www -type f -exec chmod 0664 {} +
Change the umask for your users to 0002
The umask controls the default file creation permissions, 0002 means files will have 664 and directories 775. Setting this (by editing the umask
line at the bottom of /etc/profile
in my case) means files created by one user will be writable by other users in the www-group without needing to chmod
them.
Test all this by creating a file and directory and verifying the owner, group and permissions with ls -l
.
Note: You'll need to logout/in for changes to your groups to take effect!
Sneakernet Anyone?
Assuming this is a one time copy, I don't suppose its possible to just copy the file to a CD (or other media) and overnight it to the destination is there?
That might actually be your fastest option as a file transfer of that size, over that connection, might not copy correctly... in which case you get to start all over again.
rsync
My second choice/attempt would be rsync as it detects failed transfers, partial transfers, etc. and can pick up from where it left off.
rsync --progress file1 file2 user@remotemachine:/destination/directory
The --progress flag will give you some feedback instead of just sitting there and leaving you to second guess yourself. :-)
Vuze (bittorrent)
Third choice would probably be to try and use Vuze as a torrent server and then have your remote location use a standard bitorrent client to download it. I know of others who have done this but you know... by the time they got it all set up running, etc... I could have overnighted the data...
Depends on your situation I guess.
Good luck!
UPDATE:
You know, I got thinking about your problem a little more. Why does the file have to be a single huge tarball? Tar is perfectly capable of splitting large files into smaller ones (to span media for example) so why not split that huge tarball into more managable pieces and then transfer the pieces over instead?
Best Answer
Depends on whether or not there are host-based restrictions in the sudoers file, but in the absence of those ("ALL" as the host restriction), yes you can.
visudo does not "compile" the file, only locks it and performs sanity audits to make sure you don't manage to lock yourself out.