group permissions for scp

0

2

We have a server running as a firebird user. We want to scp files to the server that are need by firebird but copied as another user: it-test.

What is the best way to set that up on the server-side so only the firebird user and the it-test user can access the file copied? The destination is always the same folder.

Something like this:

sudo setfacl -m u:firebird:r /opt/firebird/extern

That command did not work however (Operation not supported). I think that is for files only...

jcalfee314

Posted 2013-05-21T20:30:24.950

Reputation: 593

I have setfacl installed.... – jcalfee314 – 2013-05-21T20:57:19.227

Answers

0

You would need then set the parent folder to 0770, owned by firebird:somegroup. it-test and firebird should be in somegroup.

Then set the parent folder to be owned by somegroup and set the setgid bit on it. This will result in all subfolders and files owned by the parent folder owner group, not their creator group.

Finally upload all files as 0660, folders as 0770. This will result in both users being able to read and modify the files.

Janos Pasztor

Posted 2013-05-21T20:30:24.950

Reputation: 767

Asked: 2013-05-21T20:30:24.950

Viewed: 1 393 times

Active: 2013-05-22T15:38:33.960