On Aug 27, 12:50 pm, Henrique de Moraes Holschuh <[EMAIL PROTECTED]> wrote: > On Wed, 27 Aug 2008, Bob wrote: > > On Aug 27, 9:00 am, Henrique de Moraes Holschuh <[EMAIL PROTECTED]> > > wrote: > > > On Tue, 26 Aug 2008, Bob Goldberg wrote: > > > > running etch; rssh/chroot with users allowed sftp only > > > > I have myumask=007 in my rssh.conf; I have setgid=true on all home > > > > dir's. > > > > > When a user uploads a file, that file does NOT have mode=660 as I would > > > > expect - instead it's 640. > > > > Did you check that the code is trying to create the file with file mode > > > 777 > > > (so thatumaskhas full control of what will end up on the inode)? If it > > > does, e.g, 644, yourumaskwill never be able to get a 660 out of it. > > > Henrique- > > TX for your reply... > > > I'm not sure I understand where I would look for that... > > because this is a chroot'ed user, and they can only use sftp thru rssh > > - I had thought the mode settings associated with those packages would > > over-ride any others... > > > now if a normal user creates a file - it IS 644... is that what you > > mean? > > What I mean is thatUmaskcan only *CLEAR* bits. If sftp/rssh is trying to > create a file of mode 0644, all your 0777umaskcan do is cause it to become > 0640. >
Sorry - I should have also mentioned in my last post... that I've tried doing EVERYTHING with pam / pam_umask while I can control the umask of shell users; NOTHING I do seems to control the umask of rssh/sftp users. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]