[opensuse] howto require specific uid & gid & mode for files copied via fish to server?
Listmates, When remote users copy files to my server via fish, the files get copied to the shared directories on the server under the users uid and the users default gid with the file mode of 0644. I would like to impose the requirement that files copied to the server via fish (or any other ssl based protocol have my uid and the staff groups gid and sets the file permissions to 0770. How would I do this? I have had varying degrees of success setting file permissions of the parent directories to 7770 which imposes the uid and gid requirements I want, but the file permissions still come across as 0644. What other mask/etc... do I need to set to do this. I would like to get rid of my cron job that has been taking care of this. What puzzle piece am I looking for? -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 19 August 2009 17:47:12 David C. Rankin wrote:
Listmates,
When remote users copy files to my server via fish, the files get copied to the shared directories on the server under the users uid and the users default gid with the file mode of 0644.
I would like to impose the requirement that files copied to the server via fish (or any other ssl based protocol have my uid and the staff groups gid and sets the file permissions to 0770. How would I do this?
I have had varying degrees of success setting file permissions of the parent directories to 7770 which imposes the uid and gid requirements I want, but the file permissions still come across as 0644. What other mask/etc... do I need to set to do this. I would like to get rid of my cron job that has been taking care of this. What puzzle piece am I looking for?
If you are using an ssh server that supports the sftp extension to ssh, use sftp instead of fish, which preserves the file permissions, as well as being faster and more robust. Will -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Aug 19, 2009 at 10:47:12AM -0500, David C. Rankin wrote:
When remote users copy files to my server via fish, the files get copied to the shared directories on the server under the users uid and the users default gid with the file mode of 0644.
I would like to impose the requirement that files copied to the server via fish (or any other ssl based protocol have my uid and the staff groups gid and sets the file permissions to 0770. How would I do this?
Use a default ACL on the incoming directory. For the defaults you might have to read the setfacl man page. http://acl.bestbits.at/man/man.shtml is the online version. The version included with openSUSE 11.1 might be a bit newer. But you mainly need to get the concept. IIRC Andreas even wrote a more verbose paper about the topic. And it's still available at http://www.suse.de/~agruen/acl/linux-acls/online/ The default ACL approach should work independent of the used transport method. Even if I use the same dir with Samba? Then please use the inherit acls = Yes option on the share level as it is the default for several shares in /etc/samba/smb.conf included with SUSE. See http://en.openSUSE.org/Samba with pointers to current Samba binaries provided by the openSUSE Build Service. Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
On Wednesday 19 August 2009 05:43:03 pm Lars Müller wrote:
Use a default ACL on the incoming directory.
For the defaults you might have to read the setfacl man page.
http://acl.bestbits.at/man/man.shtml is the online version. The version included with openSUSE 11.1 might be a bit newer. But you mainly need to get the concept.
IIRC Andreas even wrote a more verbose paper about the topic. And it's still available at http://www.suse.de/~agruen/acl/linux-acls/online/
The default ACL approach should work independent of the used transport method.
Even if I use the same dir with Samba?
Then please use the
inherit acls = Yes
option on the share level as it is the default for several shares in /etc/samba/smb.conf included with SUSE.
See http://en.openSUSE.org/Samba with pointers to current Samba binaries provided by the openSUSE Build Service.
Lars
Glad to be on the list with you Lars! Great solution, thanks! -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
David C. Rankin
-
Lars Müller
-
Will Stephenson