Managing Linux Directory Permissions & SFTP

Posted by Dizzle on Server Fault
Published on 2012-06-04T16:18:53Z Indexed on 2012/06/04 16:45 UTC

Good morning; I have a RHEL 5.7 web server configured to allow SSH/SFTP only by specific groups. I'd like for content managers to upload content to their respective directories and have that content inherit the user/group ownership of the directory regardless of upload method or application. For example:

  • John is in group "web" for SSH/SFTP rights and "finance" for directory permissions, and uploads to directory "webstuff" via SFTP.
  • Directory "webstuff" has permissions of "2760" (rwxrws---), and ownership of "apache:finance".

If John uploads an update to an existing file in "webstuff", the ownership of the file stays at "apache:finance". If John uploads a new file to "webstuff", the ownership of the file is "john:finance".

My desire is to have any file from John uploaded to "webstuff" to change to the directory's owner. I've tried with setuid and setgid both set, but the user-ownership didn't take. I've seen mentions on ServerFault of using ACLs, or a chrooted jail for SFTP, but I have yet to configure and test them, and I don't know if they're a viable solution (they could be, I just don't know because I've never done either). Any thoughts and assistance would be greatly appreciated.

© Server Fault or respective owner
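
Added example, not part of the original post: Linux honors setgid on a directory (new files inherit its group) but ignores setuid on one, which is why new uploads arrive as "john:finance". The sketch below audits an upload directory for entries whose owner or group has drifted from the expected pair; the function name `audit_upload_dir` and its arguments are hypothetical, and it assumes bash with GNU `stat` and `find`.

```shell
#!/usr/bin/env bash
# Added example: audit an upload directory for ownership drift.
# Usage: audit_upload_dir DIR [OWNER] [GROUP]
# OWNER and GROUP default to the directory's own uid and gid;
# names or numeric ids are both accepted.

audit_upload_dir() {
    local dir=$1
    local owner=${2:-$(stat -c %u "$dir")}
    local group=${3:-$(stat -c %g "$dir")}

    # setgid on a directory: new entries inherit the directory's group.
    if [ -g "$dir" ]; then
        echo "setgid: yes"
    else
        echo "setgid: no"
    fi

    # setuid on a directory is ignored by Linux, so it never changes
    # the owner of files created inside it.
    if [ -u "$dir" ]; then
        echo "setuid: set (no effect on a Linux directory)"
    fi

    # Report every entry below DIR whose owner or group differs from
    # the expected pair, as "drift: owner:group path".
    find "$dir" -mindepth 1 \( ! -user "$owner" -o ! -group "$group" \) \
        -printf 'drift: %u:%g %p\n'
}

# Example call using the names from the post:
#   audit_upload_dir /path/to/webstuff apache finance
```

Each `drift:` line is a file that was created new by an uploader rather than written over an existing file, since an overwrite keeps the original ownership.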
