vsftpd-sharing-files-mount-bind-local-umask
You can have a top-level user, e.g. a Marketing Director, with FTP subcontractor users underneath:
create Marketing user & home folder
create SubContractor1 user & home folder
create SubContractor2 user & home folder
in Marketing's FTP home folder (/FTP/Marketing): mkdir sub1 sub2
But each subcontractor has to be added to the "marketing" group, so that any files created by marketing (owned by marketing, default group = marketing) can be seen by the subcontractor:
usermod -aG marketing SubContractor1
then
chgrp marketing /FTP/SubContractor1/
chmod 770 /FTP/SubContractor1/
then
mount --bind /FTP/SubContractor1/ /FTP/Marketing/sub1
mount --bind /FTP/SubContractor2/ /FTP/Marketing/sub2
Now marketing can log in and add files for subcontractors, and subs can add files, but sub1 can't see marketing or sub2!
But vsftpd applies a default "permissions mask" to newly created files; change it with local_umask:
nano /etc/vsftpd.conf
listen=YES
connect_from_port_20=YES
pasv_enable=YES
# USER MANAGEMENT
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
user_sub_token=$USER
local_root=/anders-ftp/$USER
virtual_use_local_privs=YES
dirlist_enable=YES
local_umask=027
# owner = rwx, group = rx, other = none
# LOGGING
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log
# SECURITY
hide_ids=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=nobody
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
anon_umask=022
# anonymously uploaded files get permissions -rw-r--r--
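An added example, not part of the original notes: a small shell check that reads local_umask and anon_umask from a vsftpd.conf and prints the modes that new uploads and new directories end up with. It assumes vsftpd's default file_open_mode of 0666 (directories start from 0777); the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumes vsftpd's default file_open_mode=0666; dirs start at 0777.

# effective_mode UMASK file|dir -> octal mode of a newly created file or directory
effective_mode() {
    case "$2" in
        file) base=0666 ;;
        dir)  base=0777 ;;
        *)    return 2 ;;
    esac
    printf '%03o\n' $(( $base & ~0$1 ))
}

# symbolic OCTAL -> permission string as ls -l shows it (without the type column)
symbolic() {
    out=""
    for digit in $(printf '%s' "$1" | sed 's/./& /g'); do
        case "$digit" in
            7) out="${out}rwx" ;; 6) out="${out}rw-" ;; 5) out="${out}r-x" ;;
            4) out="${out}r--" ;; 3) out="${out}-wx" ;; 2) out="${out}-w-" ;;
            1) out="${out}--x" ;; 0) out="${out}---" ;;
        esac
    done
    printf '%s\n' "$out"
}

# report FILE -> one line per umask option set in a vsftpd.conf
report() {
    for key in local_umask anon_umask; do
        val=$(sed -n "s/^$key=//p" "$1" | tail -n 1)
        [ -n "$val" ] || continue
        case "$val" in
            0*) ;;
            *)  printf '%s=%s has no leading 0, vsftpd reads it as decimal\n' "$key" "$val"
                continue ;;
        esac
        f=$(effective_mode "$val" file)
        d=$(effective_mode "$val" dir)
        printf '%s=%s files=%s(%s) dirs=%s(%s)\n' "$key" "$val" \
            "$f" "$(symbolic "$f")" "$d" "$(symbolic "$d")"
    done
}

# Constructed sample config using the two umask values from the notes above.
sample=$(mktemp)
printf 'local_umask=027\nanon_umask=022\n' > "$sample"
report "$sample"
rm -f "$sample"
```

The local_umask=027 line shows that "group = rx" describes new directories; uploaded files come out as rw-r-----, which is still readable by members of the owning group.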