[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Sshfs and umask



Paul van der Vlis <paul@vandervlis.nl> wrote:
> Op 18-10-17 om 17:31 schreef Sven Hartge:
>> Paul van der Vlis <paul@vandervlis.nl> wrote:

>>> And adding "session optional pam_umask.so umask=0002" to
>>> /etc/pam.d/sshd/ does change the umask for ssh, but not for sshfs.
>> 
>>> Does somebody understand where it goed wrong?
>> 
>> The umask can only enforce stricter permissions, i.e. the client wants
>> to set 0777 but the file gets set to 0775 in your case.
>> 
>> But it can't set wider permissions. If the client sets the permissions
>> to 0700 then no umask in the world will get you to 0775.

> Thanks for the information, I have tested it and it's correct. I can
> set a stricter permission.

>> Dirty hack: use something like incron to trigger a script via inotify
>> to change the permssions.

> That's possible, I can think about it.

You also could try Posix-ACLs. 

(The last time, I tried to use them for a similar use case, I lost
nearly all my hair, but YMMV.)

S°

-- 
Sigmentation fault. Core dumped.


Reply to: