can you stop the trouble with file masks and default permissions?

[Kārlis Repsons]

Hello!

Please take a look at this problem:

1. at sshd_config:
Subsystem sftp internal-sftp
Match group sftponly
         ChrootDirectory /public
         X11Forwarding no
         AllowTcpForwarding no
         ForceCommand internal-sftp

2. at client's bash:
sshfs server:/ /home/kr/krpub-mount -o uid=$(id -u kr) -o gid=$(id -g kr) -o 
allow_other -o default_permissions -o reconnect -o no_check_root -o 
umask=0002

touch /home/kr/krpub-mount/writeable_dir/1
ls -la /home/kr/krpub-mount/writeable_dir/1
-rwxrwxr-x 1 kr kr 0 2009-06-12 08:51 krpub-mount/writeable_dir/1

3. at server:
ls -la /public/writeable_dir/1
-rw------- 1 kr kr 0 2009-06-12 08:51 1

Removing " -o umask=0002" just shows the actual, too strict permissions. Its 
ok with the umask at client.

And here is the trouble. How can those permissions be controlled on server, if 
internal-sftp is used with ChrootDirectory?

If there was a way to set minimum permissions in sshd_config for newly created 
files, it would solve a problem with konqueror, which is eating up the group 
write bit and causes much of pain.

Any ideas?

Regards,
Kārlis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20090612/0bc0e1c9/attachment.bin>