-2

I'm using ProFTPD 1.3.1 Server on Linux. Currently when you upload files via FTP the files have the permissions mode of 664. I would like to change this to default files to 775 instead.

The aim is to allow users that are in the same group as the group that owns the file(s) to be able to edit and replace them.

By default (664), only the original user can edit and replace the file.

Camsoft
  • 911
  • 4
  • 12
  • 21

2 Answers2

2

I would imagine that would be in a configuration file, a quick google search tells me that the configuration file is called proftpd.conf.

edit the umask values in vi or something to set the permissions you need.

heres a link to what a basic proftpd.conf file would look like so you know where to look to set the uMask. http://www.proftpd.org/docs/configs/basic.conf

Hope this helps.

kyoung
  • 140
  • 11
  • I've set the umask setting to 002 002 in the config file but it still seems to be uploading files as 664. – Camsoft Feb 03 '10 at 15:18
  • Your FTP client may also be setting a umask which would override the config file's default. Try `umask 002` in the FTP client. No clue how to set it from GUI FTP clients, or if some (IE) even let you... – voretaq7 Feb 03 '10 at 15:21
  • I'm using Filezilla for Windows.I can't see any setting that would suggest it overrides the systems default umask values. – Camsoft Feb 03 '10 at 15:27
  • I would hope FileZilla wouldn't blindly override the default, on the off chance it does http://forum.filezilla-project.org/viewtopic.php?f=2&t=2056&p=12410&hilit=post+login+commands#p12410 (the magical undocumented way of executing arbitrary commands like `umask` after login) may be helpful – voretaq7 Feb 03 '10 at 15:38
  • 2
    under normal scenarios, even if the umask allows it files are created *without* execute (as it'd be a security risk), and so the 1s bit in the umask only affects directory creation. – Joe H. Feb 03 '10 at 15:56
  • @Joe H That's really helpful. I was not aware files and directories had different permissions. So to allow user and/or group to edit files and directories what umasks should I be using? – Camsoft Feb 03 '10 at 16:07
  • @Joe H Wow, and I thought i was well versed on the idiosyncracies of FTP - good catch :) – voretaq7 Feb 03 '10 at 16:28
  • @Camsoft - as long as the appropriate (group) write bit is set and they're in the group your other users should be able to edit the file. To replace it they would need write on the parent directory too. FTP uploading is usually (Always?) a "replace" :-) – voretaq7 Feb 03 '10 at 16:32
  • @voretaq7 : it's not just FTP ... it's a function of how posix systems apply the umask : http://linux.die.net/man/2/umask – Joe H. Feb 04 '10 at 01:46
  • @camsoft : there's a few issues; 02 will give files u+rw,g+rw,o+r and directories u+rwx,g+rwx,o+rx. (use 07 to lock out other) ... but you have to make sure that the files are assigned to the correct group, which can get messy when you have have many users each in many groups. You can try setting group sticky (g+s) on the directory to make sure new items get set to the appropriate group for that directory, but if they create stuff elsewhere and move it in, in won't work. You can also look into FACLs if your system supports it. – Joe H. Feb 04 '10 at 01:53
1

First you say "644" then you say "664". Shouldn't that be the difference between user-writable and group-writable? Why should execute permissions be needed? I would recommend against that for security reasons.

Dennis Williamson
  • 60,515
  • 14
  • 113
  • 148
  • It was a typo, this has been corrected now; it should be 664. I used 775 because this allows the owner and group to read / write. I was not sure if I needed execute or not as they are mainly .php files. – Camsoft Feb 03 '10 at 15:54