Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

UNIX File permissions when using STFP

Posted on 2013-11-25
9
Medium Priority
?
740 Views
Last Modified: 2013-12-02
I am perfomring PUT using SFTP (FTP with SSH), I require explicit file permissions on the landed file based on user and group of the destination host.

The host destination is PUTing with a set of permissions although when the file arrives at the destination the permissions are reduced.

I need the the gid 101 to have rwx
I need the user to have rwx
Eveyone else nothing.
0
Comment
Question by:Nicenchrisp
  • 4
  • 4
9 Comments
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 39675249
Your issue might be due to the remote umask modifying the permissions.

sftp supports the chmod, chown and chgrp subcommands.

So you can do

sftp hostname
put /path/to/local/file /path/to/uploaded/file
chmod 770 /path/to/uploaded/file


Add chown/chgrp statements as needed.
0
 

Author Comment

by:Nicenchrisp
ID: 39676955
Which umask is coming into play here, where would the umask file be located ?  what should it contain ? How would I apply the umask in order to test ?

all transfers will require the same permissions and a FTP script change will be tough to implement.  Changing the umask will be easier, therefore......

Which umask is coming into play here, where would the umask file be located ?  what should it contain ? How would I apply the umask in order to test ?
0
 
LVL 5

Expert Comment

by:John Pope
ID: 39677188
Hi, you can set the umask value in the sshd_config using;

1. All users;

Subsystem       sftp    /usr/sbin/sftp-server -u 2

2. Or the 'Match group' stanza like;

Match Group <groupname>
ForceCommand /usr/sbin/sftp-server -u 2

You'll have to figure out your umask value needed based on the system default or such like.

I've used the 'Match User/Group' stanzas for a chroot SFTP jailing, but I've not had to alter any umask values.

Of course don't forget to stop/start the sshd to pick up the sshd_config changes.

Cheers, JP.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 68

Expert Comment

by:woolmilkporc
ID: 39677401
Hi,

popesy's suggestion implies changing the sshd config on the target machine - I assumed that you didn't want to do that.

The umask in question is the default umask "022" on the target machine, which should not be changed globally, only by changing the configuration of the writer process (sftp server in this case).

So if you're allowed and willing to change the sshd configuration on the target machine follow popesy's suggestion (set "-u 7" to get the desired permissions), but if you don't want to touch the target server my suggestion is the way to go.
0
 

Accepted Solution

by:
Nicenchrisp earned 0 total points
ID: 39680669
ALL,

Solved by using a sticky bit !
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 39680682
Neither the "sticky" bit nor the SUID or SGID bits for directories can influence permissions, only ownership.

May I ask you to explain your solution in detail?
0
 

Author Comment

by:Nicenchrisp
ID: 39680929
a sticky bit was applied to the directory where the file lands which provided the nesscary group membership in order for the onward processing to take place.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 39681276
Ok, so far for the group ownership.

But you wrote in your question

>> when the file arrives at the destination the permissions are reduced <<

and

>> I need the the gid 101 to have rwx
I need the user to have rwx
Eveyone else nothing.  <<

Which way did you cope with these requirements?
0
 

Author Closing Comment

by:Nicenchrisp
ID: 39689434
simple is best
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded‚Ķ
Hello to you all, I hear of many people congratulate AWS (Amazon Web Services) on how easy it is to spin up and create new EC2 (Elastic Compute Cloud) instances, but then fail and struggle to connect to them using simple tools such as SSH (Secure…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses
Course of the Month10 days, 2 hours left to enroll

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question