I do not want to use the umask mount option for sshfs (in /etc/fstab) as that does not give the desired behavior. I found that the following specification in /etc/ssh/sshd_config is a good solution for setting the umask: Subsystem sftp internal-sftp -u 0006 sftp-server umask setting:Īs sebasth says below, when sftp-server is used, the umask in /etc/profile or ~/.bashrc isn't used. Any user in any group can read and write files in Shared1, which does not meet our requirements. Removing the mount option default_permissions eliminates these errors, but it also eliminates all permissions checking. Also using root in the mount specification doesn't seem to help.) (I had expected the allow_other mount option would prevent this, but it doesn't. The only user that doesn't have the problem is the one used in the mount specification. If I change the mount specification to use those errors go away for user2 but then user1 and user3 experience them. The two errors above appear to be key to understanding the problem. Mv: preserving permissions for ‘./deleteme7.txt’: Operation not permitted Mv: preserving times for './deleteme7.txt': Operation not permitted I can show the same result by moving text files in the terminal: Shared1]$ echo user2 > Shared1]$ mv /home/user2/MoveMe/deleteme7.txt. Permissions errors prevent this, and sometimes it crashes Dolphin. Second problem:Īs a temporary workaround I tested saving the scanned images to user2's home directory, then moving them to the Shared1 directory using Dolphin File manager. Any user in group "team" can create and save a file in Shared1 via nano text editor, and any other user in the group can edit / update it. In the terminal, and with a text editor (Kate in KDE), the users can collaborate on files that were created in Shared1 as expected. In /etc/fstab, the mount is specified as: /home/common fuse.sshfs tomount,_netdev,user,follow_symlinks,identityfile=/home/user3/.ssh/id_rsa,allow_other,default_permissions 0 0 Note that ownership is user3 while this is user2 creating the file. In a terminal, user2 can touch a document in the Shared1 directory and the permissions are: -rw-rw- 1 user3 team 6 Sep 23 19:41 deleteme6.txt user2 can save the scanned document to their home directory. The permissions on that file are owner (user3) rw and group (team) read only (and other none). The save operation fails due to permissions. User2 scans a document with XSane (a Gnome app) and attempts to save it in Shared1 directory, which is part of the SSHFS mount point. We removed all ACLs for the umask-focused configuration. The gid sticky bit is set with chmod g+s. On the server, the shared directory has permissions user3 (owner) rwx and group (team) rwx, while other have r-x permissions. The SSHFS mount is done via with option allow_other. Client and server run Arch Linux (updated a couple days ago). The client computer mounts a share via SSHFS. User1, user2, and user3 all log into the same client computer. Here I am trying to get SSHFS working by making the umask correct (which, in theory, should solve the problems I'm experiencing). I have tried NFS and SSHFS using ACLs without success yet. The -vvv is huge.My goal is to allow all users who are members of the "team" group to edit (r/w) the same set of remote files - normal work collaboration - using a local mount point. I looked in the log files but didn't see any errors coming back from the server, but I may not have looked in the right log? sftp scp /home/pi/Pictures/image.jpg prompted for a password, then access denied in both cases. I did go into the Pi configuration and enable SSH. I'm able to connect to the server with CyberDuck on my Mac and on a windows machine but I can't get my Pi to connect from the command line. I am trying to sftp or scp from the command line on my Pi to my GoDaddy server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |