Solved

Linux user/group for shell and ftponly

Posted on 2004-08-08
3
495 Views
Last Modified: 2012-08-14
Hi,

user ABC can ssh login and ftp to the server, /home/ABC

user XYZ only can ftp, ftpchroot to /home/ABC/www/*

the problem are:

there might have some html is www created by ABC, but  XYZ might modify/overwrite the html via ftponly,

hows the file ownership & group looks like which able to allow
ABC to access/modified/create the html as well as
XYZ to access/modified/create html in www directory
0
Comment
Question by:qazakax
  • 2
3 Comments
 
LVL 23

Expert Comment

by:Mysidia
Comment Utility
You want /home/ABC/www  to be writable by both, but not allow XYZ to modify/overwrite files created by ABC?

Then use the sticky bit

chown abc.ftponly /home/ABC/www
chmod 1771 /home/ABC/www
or chmod +t /home/ABC/www

(That would be a similar stuation as with /tmp... only the file's creator should be able to update the files)

for ABC to access/modify/create content, make him the owner
for ftponly to be able to write to www make that the group and set group write.

In short
drwxrwx--t        ABC  ftponly          ...           www/


0
 

Author Comment

by:qazakax
Comment Utility
Hi,

basically i wan /home/ABC/www can be writable by both, n also allow either ABC or XYZ can modify/overwrite the files.

then in /etc/group should be like this ??
ABC:x:500:ABC,XYZ

0
 
LVL 23

Accepted Solution

by:
Mysidia earned 25 total points
Comment Utility
In that case, yes, put both users in the same group.

And have the directory owned by the group

and make the mode for /home/abc/www

chown user.group /home/abc/www
chmod 2771 /home/abc/www

(setguid  for a directory means new files will be owned by the same group by default)
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now