Juerg,
We have a very similar problem; I'm trying to figure out how to get
local user uploads (non-guest, non-anonymous) chowned to a specific
user and group. Below is the relevant piece of our current wu_ftpd
ftpaccess file that forces uploads by users with $HOME="/app/www"
to be owned by the user and group that owns the directory they upload
into. I've read everything I could find trying to find a way to
replicate this functionality implemented in wu_ftpd. In maintaining
our website, we have groups of users who need to be able to update
the same file. In order to do that, we put the users into groups
that correspond to directory names. We also have an administrator that
needs to be able to write to all directories (not as root). To do
this, we have a "webadmin" account own all directories and files.
When we add the following "upload" config to the ftpaccess file, it
forces all uploaded files to be owned by the
proper "webadmin":"directoryname(group)" so that that "webadmin" gets
the "owner" permissions and the "directoryname(group)" get the "group"
permissions. When we migrate to vsftpd, we can handle the
"directoryname(group)" part of this by using the sticky bit on the
directories, but the OS doesn't have an equivalent "owner-sticky"
option. Apparently vsftpd.conf doesn't have an equivalent "upload"
directive to force file ownership for local (non-guest, non-anonymous)
uploads to be owned by another user ("webadmin"). We could put
"webadmin" user into all of the groups, except that there are over
100 of them, and the OS only allows a user to be in 32 groups.
# ARB ************************************************** ***
# The following line "upload" command makes uploads to subdirs of /app/www
# be owned by the owner/group of the directory. This will preserve
# "overwrite-abilility" for group members, note that this is specific to
# users whose "root" is /app/www
upload /app/www * yes * * 0664 "dir" 0775 * *
# ARB ************************************************** ***
I think we can work around this by having a CRON job go
through and chown (recursively) all uploaded files to
the web admin user, but I'd much rather find a way to get
vsftpd to do it. Anyone else running into problems migrating
"upload" directives from wu-ftpd to vsftpd? Any thoughts?
Gerald Klaas
(E-Mail Removed)
http://sacto.com/g
>From: Juerg Sommer ((E-Mail Removed))
>Subject: vsftpd - chown on upload
>Newsgroups: comp.os.linux.networking
>Date: 2003-07-03 07:17:14 PST
>
>Hi
>
>Recently I installed vsftpd on my linux machine (redhat 9.0). The server
>works fine, but I have some configuration problems:
>
>I've several user-accounts for uploading (NOT anonymous). If they upload
>some files, it should be impossible to download them again. Only one
>administrator account must can download and delete these files.
>
>With wuftpd (which was installed on my previous server), I made a user and
>permission change (in ftpaccess):
>
>So "user1" has uploaded a file. Now ownership and permissions are changed to
>user "admin", chmod 600.
>
>With vsftpd I can change the permissions (local_umask), but NOT the owner.
>
>Is it possible to change the file owner on file-upload? Have somebody
>another idea to solve this problem?
>
>Thanks in advance.
>
>Greetings
>Juerg
Similar Threads
Linear Mode
