I need to set up 2 Pure-FTPd accounts - ftpuser and ftpadmin. Both will have access to a directory that contains 2 subdirectories - upload and downlaod. The permissions criteria needs to be as follows:
- ftpuser can upload to /upload but cannot view the contents (blind drop).
- ftpuser can download from /download but cannot write to it.
- ftpadmin has full read/write permissions to both, including file deletion
Currently, the first two are not a problem - disabling /upload read access and /download write access for ftpuser did the job. The problem is that when a file is uploaded by ftpuser, it's permissions are set to 644, meaning that user ftpadmin can only read it (note that all FTP directories are chown'd to ftpuser:ftpadmin). How can I give ftpadmin the power he so rightfully deserves?
-
Starting the process with a different umask (-U) flag set will solve the permissions issue. For example:
/usr/sbin/pure-ftpd -U 113:002 &
Note that each umask number is subtracted from 7 to get the final permissions:
113:002 results in 664 for files and 775 for directories.
From modulaaron -
Just set the sgid bit on the top dir, since group is already set correctly you're done.
From CarpeNoctem
0 comments:
Post a Comment