Re: set default file permissions for a directory
From: Numberwhun [snip] when you ar[e] specifying where you want to transfer to you need to spe[c]ify the following: user@ip or machine name:/directory/on/other/machine Just tO be precise, any of the source file(s) or the target can be prefixed by either '[EMAIL PROTECTED]:' or 'host:' . User defaults to $USER or $LOGNAME. Multiple source files (on possibly multiple hosts) can be specified as with cp(1), but better have unique file.ext names if from multiple dirs or hosts (as with cp(1)). If the target isn't an existing directory, it's taken as the filename (as with cp(1)), so it's safer to say $ scp file [EMAIL PROTECTED]:/directory/on/other/machine/. or $ scp file [EMAIL PROTECTED]:/directory/on/other/machine/file to avoid surprises. If you don't put the users it will default to using the user you are on the local machine but will ask you for the password. If you have a default identity in ~/.ssh on the local host and that default identity is in the remote host:~/.ssh/authorized_keys (or ~/.ssh/authorized_keys2) scp like ssh will not prompt for remote password. It may prompt for passphrase for your local private key, if ssh-agent hasn't already unlocked it and if the identity isn't passphrase-free (normal for BatchMode but not for use in untrusted environments or with portable devices!) If you don't transfer certain files as the correct user, then permissions are not correctly set. As previously stated, SETUID and SETGID (u+s, g+s) on the directory controls the UID and GID of new files. On Linux, Solaris, VMS, and WinNT/XP, the POSIX ACEs (Access Control Elements) implementation of Access Control Lists (ACLs) can specify default permissions for new files in a directory. (AIX and probably other early adopters of CMW ACLs lack this, alas.) I would say the .profile(s) are read and used. Easily verified by adding echo PROFILE to your .profile or .cshrc as appropriate -- yes. So, SCP gets you (777 minus profile:umask) unless you use scp -p. -- /\ Bill Ricker N1VUX [EMAIL PROTECTED] \ / http://world.std.com/~wdr/ X Member of the ASCII Ribbon Campaign Against HTML Mail / \ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: set default file permissions for a directory
Oh, I should add to my own comment - So, SCP gets you (777 minus profile:umask) unless you use scp -p. The -p of course sets the permissions to what they were on the source file, ignoring user UMASK (subject probably to the SYSTEM umask?). Per man scp, -p Preserves modification times, access times, and modes from the original file. Note that -o lets you set any .ssh/config parameter on scp commandline. -- /\ Bill Ricker N1VUX [EMAIL PROTECTED] \ / http://world.std.com/~wdr/ X Member of the ASCII Ribbon Campaign Against HTML Mail / \ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: set default file permissions for a directory
Charles Farinella [EMAIL PROTECTED] writes: Hi, I have a problem to solve, hopefully someone can help. :-) I need all files in a specific directory to be created with group write permission (664) and all sub-directories 775. I can set umask 002 in the individual accounts for group members, but they are all remote and just uploading files via WinSCP which means they aren't logged in or using the shell. I haven't so far been able to find out how to do this. Set the appropriate permissions on the parent directory, then set the sgid bit on it. This will cause the children of the parent directory to inherit the permissions of their parent: chmod g+s foo -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: set default file permissions for a directory
On Fri, 2005-12-09 at 13:54, Paul Lussier wrote: I need all files in a specific directory to be created with group write permission (664) and all sub-directories 775. I can set umask 002 in the individual accounts for group members, but they are all remote and just uploading files via WinSCP which means they aren't logged in or using the shell. I haven't so far been able to find out how to do this. Set the appropriate permissions on the parent directory, then set the sgid bit on it. This will cause the children of the parent directory to inherit the permissions of their parent: chmod g+s foo I need to work on my question asking. I've already done that but the newly created files only inherit the group, not the permissions. I need all newly created files to be 664, and they end up 644 with the correct group name. Thanks, though. --charlie -- Charles Farinella Appropriate Solutions, Inc. (www.AppropriateSolutions.com) [EMAIL PROTECTED] 603.924.6079 ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: set default file permissions for a directory
Charles Farinella [EMAIL PROTECTED] writes: On Fri, 2005-12-09 at 13:54, Paul Lussier wrote: Set the appropriate permissions on the parent directory, then set the sgid bit on it. This will cause the children of the parent directory to inherit the permissions of their parent: chmod g+s foo I need to work on my question asking. I've already done that but the newly created files only inherit the group, not the permissions. I need all newly created files to be 664, and they end up 644 with the correct group name. Thanks, though. Hmm, yeah, g+s works but umask settings will over-ride that. This page: http://www.udel.edu/topics/os/unix/general/groupsharing.html seems to discuss your problem exactly, but makes mention of a 'setfacl' command which seems at best completely non-standard, but at least available in debian via the package: acl - Access control list utilities Therefore, do: apt-get install acl -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: set default file permissions for a directory
In your first post, you said that you can set the umask to 002. Have you tried that? I'm pretty sure that even using scp actually logs in the user enough so that the shell environment is set up and things like the umask set in .profile or whatever for their shell is sourced and does work. At least it does seem to in my experience. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
