In sftp, how to set the default permission for all files in a folder?

5

3

I want to set the default permission for all files in a folder, including newly uploaded ones, to a certain value, say 644, instead of doing "chmod 644" all the time.

Is there any command making this possible?

user866435

Posted 2011-09-05T23:51:40.643

Reputation: 51

Answers

6

I've spent considerable time searching for a more complete answer to this question. Configuring a different umask for sftp is well and good, but it is not a universal answer, since the umask will only restrict permissions and not grant additional ones. What exact permissions a file uploaded via sftp ends up with depends also on the permissions of the original source file, and on the client used for the upload.

As an example, I've set the umask on my (OpenSSH, on a Red Hat server) sftp server to 0002, but if I upload a text file with 0600 permissions on the source system using the OpenSSH sftp client, it will still have 0600 permissions at the destination. Notably this means I cannot, to the best of my knowledge, ensure that files uploaded to this sftp server have any group permissions at all, which by extension means I also cannot use access control lists (ACL) to extend permissions to other users or groups.

To attempt two methods that would address this, though in both cases they are more workarounds than solutions:

  • Create a cron job to manually set the desired permissions after the fact. Simple enough but asynchronous, even though you could run it frequently.
  • Use inotify to monitor the destination directories used by the sftp server, and set the desired permissions for any files created in them. This should be practically immediate, but may have other limitations, such as in the case of large numbers of files or directories.

I came upon a blog post at positon.org which nicely explains the inotify option, with examples and even init scripts. It's best read there, but in the event the site ever disappears, the key command is:

inotifywait -mrq -e CREATE --format %w%f /tmp/mytest/ | while IFS= read -r FILE; do chmod g=u "$FILE"; done

As neat as this is, I would still be very interested in a way, by feature or trickery, to obtain the same result within sftp or at least the shell, without involving separate utilities.

anlag

Posted 2011-09-05T23:51:40.643

Reputation: 138

This should be the accepted answer, as this is the only solution after 10 hours which works.... Thanks man. Really works... Here is what doesn't work for me: https://stackoverflow.com/a/10221511/2309309 https://unix.stackexchange.com/a/12847/258413

– fdrv – 2017-11-01T10:04:05.257
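The behaviour described in the answer above, as an added example that is not part of the original post: `created_mode` creates a file with the mode an upload client requests under a given server umask, and `fix_upload` applies the same `g=u` change as the watcher loop while refusing symlinks and non-regular files. The function names and the sample file name are hypothetical.

```python
import os
import stat
import tempfile

def created_mode(requested: int, umask: int) -> int:
    """Create a file as a server does for an upload: open(2) with the mode
    the client asked for, filtered by the process umask. Returns the result."""
    old = os.umask(umask)
    try:
        with tempfile.TemporaryDirectory() as d:
            path = os.path.join(d, "upload.txt")  # constructed sample name
            fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, requested)
            os.close(fd)
            return stat.S_IMODE(os.stat(path).st_mode)
    finally:
        os.umask(old)

def group_equals_user(mode: int) -> int:
    """Mode after `chmod g=u`: copy the owner rwx bits into the group bits."""
    return (mode & ~stat.S_IRWXG) | ((mode & stat.S_IRWXU) >> 3)

def fix_upload(path: str) -> bool:
    """Apply g=u to one path. Symlinks, non-regular files and anything that
    cannot be opened are left alone. Returns True if the mode was set."""
    try:
        fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK)
    except OSError:
        return False
    try:
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            return False
        # fchmod acts on the opened file, so the path cannot be swapped.
        os.fchmod(fd, group_equals_user(stat.S_IMODE(st.st_mode)))
        return True
    finally:
        os.close(fd)

if __name__ == "__main__":
    for requested, umask in [(0o600, 0o002), (0o666, 0o002), (0o666, 0o022)]:
        print(f"requested {requested:04o} umask {umask:04o} -> "
              f"{created_mode(requested, umask):04o}")
```

A watcher that runs with more privilege than the uploading users and calls plain `chmod` on each reported path follows symlinks; opening with `O_NOFOLLOW` and using `fchmod` avoids that.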

5

Alternatively, you can set the umask for all sftp logins in sshd's config file (/etc/ssh/sshd_config on my Debian box). For that add -u 022 to the sftp subsystem line like so:

Subsystem sftp /usr/lib/openssh/sftp-server -u 022

From man sftp-server:

-u umask
     Sets an explicit umask(2) to be applied to newly-created files and
     directories, instead of the user's default mask.

cstork

Posted 2011-09-05T23:51:40.643

Reputation: 151

0

Modify /etc/ssh/sshd_config to have:

Subsystem sftp internal-sftp -m 0644

Reload SSHD configuration:

sudo systemctl reload sshd

tomuxi

Posted 2011-09-05T23:51:40.643

Reputation: 1

0

The permission files are created with depends on your umask. To get 644 permissions, set your umask to 022 (umask 022).

To make this change permanent, put that command in the remote server's ~/.profile (depending on your shell).

Ingmar Hupp

Posted 2011-09-05T23:51:40.643

Reputation: 435

I searched umask and got the idea of that. But I still don't know where to change/edit that value. Can you give me more hints? – user866435 – 2011-09-06T00:27:23.233

In the remote server's ~/.profile, most likely. Simply add the line umask 022 at the very bottom (in most cases). – Ingmar Hupp – 2011-09-06T00:29:08.257

Sorry, but I can't find the file .profile under the folder. Do I just create one? – user866435 – 2011-09-06T00:34:34.523

@user: Yes, just create one. (However, note that if ~/.bash_profile exists, then ~/.profile will be ignored.) – user1686 – 2011-09-06T07:39:11.247

0

The .profile will be in the home directory for your user account. When you ssh in, you're going to be in your home directory, but you can also cause the shell to change to your home directory by typing:

cd

If you're on Linux and your user shell is bash, as most people are, you probably won't have a .profile, but you may have a .bash_profile and .bashrc. Set the umask in either of those files rather than make a .profile.

gview

Posted 2011-09-05T23:51:40.643

Reputation: 506