[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Sshfs and umask



Op 18-10-17 om 17:31 schreef Sven Hartge:
> Paul van der Vlis <paul@vandervlis.nl> wrote:
> 
>> I try to force the umask of an sshfs on the server side.
> 
>> I've tried /etc/ssh/sshd_config with for example:
>> Subsystem       sftp    /usr/lib/openssh/sftp-server -u 0002
>> or:
>> ForceCommand internal-sftp -u 0002
>> But this does not change the umask.
> 
>> And adding "session optional pam_umask.so umask=0002" to
>> /etc/pam.d/sshd/ does change the umask for ssh, but not for sshfs.
> 
>> Does somebody understand where it goed wrong?
> 
> The umask can only enforce stricter permissions, i.e. the client wants
> to set 0777 but the file gets set to 0775 in your case.
> 
> But it can't set wider permissions. If the client sets the permissions
> to 0700 then no umask in the world will get you to 0775.

Thanks for the information, I have tested it and it's correct. I can set
a stricter permission.

> Dirty hack: use something like incron to trigger a script via inotify to
> change the permssions.

That's possible, I can think about it.

> Grüße,
> Sven.

Groeten, Paul




-- 
Paul van der Vlis Linux systeembeheer Groningen
https://www.vandervlis.nl/


Reply to: