Re: SFTP via ssh and symlink permissions
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, Jan 12, 2016 at 06:11:06PM -0500, Steve Matzura wrote:
> My SFTP setup works, almost. Local file access is OK. However,
> symlinks can be seen but not followed. The symlink itself is owned by
> root and in the root group, but the thing to which the symlink points
> I have changed to the owner and group names associated with the login
> username I'm using for the SFTP. If I use chown on the symlink, it
> doesn't change, but the thing it's a symlink of, does. Remember, all
> my symlinks are to mounted filesystems (Windows shares and NAS
> shares).
>
> This is clearly a permissions problem, but I'm not sure which of these
> three things it is, and it could possibly be a combination of any two:
>
> . the permission and ownership of the symlink itself,
Those are totally meaningless. Just ignore them (BTW there was a
discussion about this not long ago in this mailing list: if you're
interested I can dig it out for you).
> . the permission and ownership of the object the symlink points to
Those *do* matter.
> . the permission and ownership of the mount point created with `mkdir
> -p' on which the filesystem is mounted.
The FTP server might not even know about these details. But it might
fail to open a file given its name if it fails to read some of the
directories along the path.
And there's one last point: the FTP server might decide to not
resolve symlinks, depending on some security settings.
What do the FTP server's logs say when attempting such an access?
Is it possible to request (via configuration) verbose logs?
regards
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlaV/BgACgkQBcgs9XrR2kZ/OQCdGn5n21SsIOr2F9O00LJx6ss9
MQEAnjc/4oOg0Dg1+60Rtm/vZYP+srel
=DeJb
-----END PGP SIGNATURE-----
Reply to: