The permission torture
- From: "Kārlis Repsons" <karlis.repsons@xxxxxxxxx>
- Date: Fri, 12 Jun 2009 09:58:13 +0000
In effort to address at least one of my permission problems, I would be glad
to see a working solution for this kind of problem:
1. at sshd_config:
Subsystem sftp internal-sftp
Match group sftponly
2. at client's bash:
sshfs server:/ /home/kr/krpub-mount -o "IdentityFile=/home/kr/.ssh/id_rsa" -o
uid=$(id -u kr) -o gid=$(id -g kr) -o allow_other -o default_permissions -o
reconnect -o no_check_root -o umask=0002
ls -la /home/kr/krpub-mount/writeable_dir/1
-rwxrwxr-x 1 kr kr 0 2009-06-12 08:51 krpub-mount/writeable_dir/1
3. at server:
ls -la /public/writeable_dir/1
-rw------- 1 kr kr 0 2009-06-12 08:51 1
Removing " -o umask=0002" just shows the actual, too strict permissions.
And here is the trouble. How can those permissions be controlled on server, if
internal-sftp is used with ChrootDirectory?
Please, this has been a problem way to long... If there was a way to set
minimum permissions in sshd_config for newly created files, it would have
been solved, at least in my case! There is a problem with konqueror, which is
eating up the group write bit, that way it could be solved...
Well, please don't hesitate, if you know some relevant solution!
Description: This is a digitally signed message part.
- Prev by Date: Re: openssh make FAILS, any idea, here's the error text
- Next by Date: Re: Restrict port forwarding on server
- Previous by thread: Re: openssh make FAILS, any idea, here's the error text
- Next by thread: Re: Restrict port forwarding on server