On Thu, Mar 29, 2012 at 07:37:47PM +0100, Rodolfo Gouveia wrote:
> On Wed, Mar 28, 2012 at 06:33:16PM +0200, Stefan Sieg wrote:
> > are you overwriting existing files that have the previous file mode?
>
> No, these are new files. Let me explain better.
> When I copy a file over with sftp, the permissions of the file created
> on the server, are replicated from the client.
whithout applying the umask?
> This is in contrast, when I'm logged in on the server with that same account
> and create a file, the umask is correct as per /etc/login.conf.
> Even though reading sftp-server(8):
> -u umask
> Sets an explicit umask(2) to be applied to newly-created files
> and directories, instead of the user's default mask.
> I would assume that the files copied over by the client which don't exist
> on the server should be honor this flag.
> Are my assumptions correct?
It should, here is what i get ...
# groupadd -g 1500 user
# useradd -u 1500 -g 1500 -d /chroot/user -m user
# chown root.wheel /chroot/user
# mkdir /chroot/user/files
# chown user.user /chroot/user/files
# groupadd -g 2000 chroot
# usermod -G chroot user
# touch /testfile; chmod 777 /testfile
# grep "Match Group chroot" -A6 /etc/ssh/sshd_config
Match Group chroot
AllowAgentForwarding no
AllowTcpForwarding no
GatewayPorts no
X11Forwarding no
ForceCommand internal-sftp
ChrootDirectory /chroot/%u
# sftp user@localhost
Connected to localhost.
sftp> pwd
Remote working directory: /
sftp> cd files
sftp> put /testfile
sftp> ls -l
-rwxr-xr-x 1 1500 1500 9018334 Mar 29 19:51 testfile
the filemode is what it should be with an umask of 022
--------
with "-u 007" in sshd_config
....
sftp> put /testfile
sftp> ls -l
-rwxrwx--- 1 1500 1500 9018334 Mar 29 19:54 testfile
the filemode is what it should be with an umask of 007
What is different in your setup?
