troubleshooting Question

SFTP and default file permissions (umask?)

Avatar of GarbsTheTurtle
GarbsTheTurtleFlag for United States of America asked on
Linux
3 Comments1 Solution10514 ViewsLast Modified:
I have a Linux (Red Hat Enterprise) webserver that hosts a collection of websites. This system uses kerberos authentication to allow me to create local accounts for Active Directory users, and then authenticate those accounts off the kerberos server. None of the login accounts have home directories, but each of the websites have their own local user (/home/site) directory and group (I created the "site" user, but never ran "passwd" to assign a password - you cannot login using the "site" accounts). There are multiple site administrators for a few of the sites, and they are each members of the site's group.

The problem that I'm running into is that even though Billy uploads a file to /home/site/www, and the ownership is "billy:site", the permissions default to 644, making Billy the only user able to edit that file, instead of granting access to all users in the "site" group (664). Is it possible to specify a default file permission mask for files uploaded via SFTP so that each of the users (who aren't in any way linux-ly gifted) don't have to specifically assign group rights through the SFTP client for the files they upload?

I'd prefer to do this without individual user home directories if at all possible - for housekeeping's sake - less clutter (users don't need their own home directories).

Your help is appreciated.
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 3 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros