[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: sshfs and permissions

On Wed, Mar 14, 2012 at 7:21 PM, Pierre Penninckx
<Pierre.Penninckx@gmail.com> wrote:
>
> @ Tom H:
> This seems to be the problem but I must say that I don't really
> understand what this paragraph means, especially this:
>  "But the problem is, that the openssh sftp server indeed cares about
> the server side umask [...] On the remote computer the SFTP subsystem
> of SSH is used. You should therefore be able to set the umask for sftp
> via the usual wrapper script and get the umask that you want."
> What wrapper script ?

The wrapper script is to change the "Subsystem sftp ..." lin in
"/etc/ssh/sshd_config" to "Subsystem sftp
/usr/local/bin/sftp-server.sh" and override the default "0022" umask
by creating "/usr/local/bin/sftp-server.sh" as:
#!/bin/sh
umask 0002
/usr/lib/openssh/sftp-server

I've never seen any acl-related configuration possibilities in
sshd_config (which doesn't mean that they don't exist!). Maybe you can
set up "AllowGroups ..." and/or "Match Group ..." stanzas that'll make
ssh/sftp behave the way that you'd like them to.
Reply to: