How to Preserve User Ownership When Running Rsync as Root: A Complete Guide


2 views

When performing system backups as root using rsync, you'll often encounter an issue where all transferred files inherit root ownership. This occurs because:

  • Rsync defaults to preserving the numeric UID/GID rather than username/groupname
  • Root privileges override the original ownership during transfer
  • Remote systems may have different UID/GID mappings

These flags form the core solution:

rsync -aHAX --super --fake-super --numeric-ids

Let's break down what each option does:

  • -a: Archive mode (preserves permissions, ownership, timestamps)
  • -H: Preserve hard links
  • -A: Preserve ACLs
  • -X: Preserve extended attributes
  • --super: Allow receiver to attempt super-user activities
  • --fake-super: Store privileged attributes in extended attributes
  • --numeric-ids: Transfer numeric IDs rather than username resolution

Backup while preserving all attributes:

rsync -aHAX --super --fake-super --numeric-ids \
    /home/user1/ backup-server:/backups/home/user1/

For remote backups via SSH:

rsync -e "ssh -T -c aes128-ctr -o Compression=no -x" \
    -aHAX --super --fake-super --numeric-ids \
    /home/ user@backup-server:/backups/home/

For more control over transferred files:

find /home -user username -print0 > filelist.txt
rsync -aHAX --super --fake-super --numeric-ids \
    --files-from=filelist.txt / backup-server:/backups/

After transfer, verify ownership with:

ls -l /backups/home/user1/
getfacl /backups/home/user1/important_file.txt

Common issues and solutions:

  • If usernames don't match, use --numeric-ids
  • For ACL errors, ensure -A flag is included
  • Extended attributes require -X and proper filesystem support

If you need to modify ownership after transfer:

find /backups/home/user1/ -exec chown user1:user1 {} \;

When performing system backups as root using rsync, you'll encounter ownership issues where all transferred files inherit root ownership. This breaks the original permission structure and creates headaches when restoring user-specific files.

By default, rsync operates with these permission rules:

# Default behavior (preserves modification times, permissions)
rsync -avz /source/ user@remote:/destination/

The -a flag (archive mode) preserves permissions but not necessarily ownership when running as root.

Use these key flags in combination:

rsync -avz --owner --group --numeric-ids /home/ user@backup:/backups/

When UIDs don't match between systems:

rsync -avz --numeric-ids --usermap=1001:1005 --groupmap=1001:1005 \
    /source/ user@remote:/destination/

This maps UID 1001 on source to 1005 on destination.

Always test with --dry-run first:

rsync -avzn --owner --group --numeric-ids /source/ user@remote:/destination/

Then verify permissions with:

ls -ln /destination/path