can you stop the trouble with file masks and default permissions?
Kārlis Repsons
karlis.repsons at gmail.com
Sat Jun 13 00:34:48 EST 2009
Hello!
Please take a look at this problem:
1. at sshd_config:
Subsystem sftp internal-sftp
Match group sftponly
ChrootDirectory /public
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
2. at client's bash:
sshfs server:/ /home/kr/krpub-mount -o uid=$(id -u kr) -o gid=$(id -g kr) -o
allow_other -o default_permissions -o reconnect -o no_check_root -o
umask=0002
touch /home/kr/krpub-mount/writeable_dir/1
ls -la /home/kr/krpub-mount/writeable_dir/1
-rwxrwxr-x 1 kr kr 0 2009-06-12 08:51 krpub-mount/writeable_dir/1
3. at server:
ls -la /public/writeable_dir/1
-rw------- 1 kr kr 0 2009-06-12 08:51 1
Removing " -o umask=0002" just shows the actual, too strict permissions. Its
ok with the umask at client.
And here is the trouble. How can those permissions be controlled on server, if
internal-sftp is used with ChrootDirectory?
If there was a way to set minimum permissions in sshd_config for newly created
files, it would solve a problem with konqueror, which is eating up the group
write bit and causes much of pain.
Any ideas?
Regards,
Kārlis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20090612/0bc0e1c9/attachment.bin>
More information about the openssh-unix-dev
mailing list