john pfeiffer
  • Home
  • Categories
  • Tags
  • Archives

Linux vsftpd sharing files mount bind local umask

vsftpd-sharing-files-mount-bind-local-umask

YOU can either have a top level user - e.g. Marketing Director with FTP sub contractor users

create Marketing user & home folder

create SubContractor1 user & home folder

create SubContractor2 user & home folder

in the FTP/Marketing/home folder mkdir sub1 sub2

HMMM... BUT you need to set the Subcontractor in the "marketing Group" so that any files created by marketing (owned by marketing & default group = marketing) can be seen...

usermod -aG marketing Subcontractor1

then chgrp marketing /FTP/Subcontractor1/ then chmod 770 /FTP/Subcontractor1/

then

mount --bind /FTP/SubContractor1/ /FTP/Marketing/sub1 mount --bind /FTP/SubContractor2/ /FTP/Marketing/sub2

Now marketing can login and add files for subcontractors, and subs can add files but sub1 can't see marketing or sub2!

BUT vsftpd has a default "permissions mask" for newly created files, modify this by local_umask:

nano /etc/vsftpd.conf

listen=YES connect_from_port_20=YES pasv_enable=YES

USER MANAGEMENT

anonymous_enable=NO local_enable=YES write_enable=YES

chroot_local_user=YES

user_sub_token=$USER local_root=/anders-ftp/$USER

virtual_use_local_privs=YES dirlist_enable=YES

local_umask=027

owner = rwx, group = rx, other = none

LOGGING

xferlog_enable=YES xferlog_file=/var/log/vsftpd.log

SECURITY

hide_ids=YES secure_chroot_dir=/var/run/vsftpd pam_service_name=nobody

rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

anon_umask=022 anonymously uploaded files permissions -rw-r--r--


  • « Linux wine running windows apps
  • Trac error apache php www data can't write python eggs »

Published

Feb 6, 2010

Category

linux

~161 words

Tags

  • bind 3
  • files 16
  • linux 249
  • local 4
  • mount 7
  • sharing 2
  • umask 1
  • vsftpd 6