|
Freenas Ftp + users and permission problem
I'm having trouble with freenas and ftp users. I cannot seem to make it so any user created can download the files from the server despite who created them. I would like it so the files cannot be deleted, Just downloaded. Is there anything i should look into? (i'm using filezilla as the client)
|
I think that if the files have read permissions but not write permissions, then they may be copied but not deleted. In the folder where you are keeping the files available for ftp transfer, you can execute the command
Code:
chmod ugoa+r-w *Cheers, jdk |
Ok thanks. However any user can upload and delete existing files. But if a file is uploaded by user "A" then user "B" cannot download a file uploaded by user "A".
But! user "B" can delete all files uploaded by user "A" I hope that makes sense :s |
Quote:
cheers, jdk |
Ah sorry. I'll try and explain it again
example: Lets say "john" logs into the server with Filezilla and uploads a file called example.doc Then "mike" logs into the server with Filezilla and tries to download example.doc, mike will be unable to download that file. However! mike can delete any file that is uploaded by john or mike. I'm trying to make it so that if "john" uploads a file any user whether it's mike, chris, beca etc can download that file. Basically any user should be able to download a file uploaded by another user but should NOT be able to delete anything is that better? Thanks |
Yes,...I think. Isn't that what I addressed originally? I'm still unclear as to whether you tried my suggestion or not. Is the problem that users are constantly adding new files and you want to make sure that they are assigned the +r-w permissions so they can be copied but not deleted?
cheers, jdk |
By using that command you listed. Would that be in the shell from the login via a browser?
|
You could run a script from the server (where the files are up and downloaded) that would set those permissions every x minutes depending on how long you wanted to leave the newly uploaded files vulnerable to deletion. There are more clever ways of doing this but I'm still not quite sure what you want. For example you could keep the upload and download folders separate on the the server and copy the upload contents to the download folder every x minutes (user cron or a crontab setting, for example) but there are loads of other ways of doing this.
cheers, jdk |
Ah ok..
Well here's the setup When a user logs in there are 4 drives that the user can access. All i want is that any user can access anything. Download and upload whatever they want. the only limitation on their "user" is that they cannot delete anything. For example if "john" logs in and access the drive called 17gb, he can upload and download whatever he wants to that drive/folder. But cannot delete anything. Then any other user can download what john has uploaded. At the moment i'm stuck, as if a user called "john" (for example) uploads a file, no one else can download it. so would chmod ugoa+r-w /mnt/17gb be a suitable command? |
The problem is that if you restrict the folder where the users upload stuff to, to -w then how can the upload stuff there. Also I am not TOTALLY sure that any file copied to a folder with automatically inherit the permissions of that folder. I'd say the two folder solution is the simplest (one folder for uploads with +w permission and then at regular intervals copy those files to the download folder and changing permissions to -w).
Get it? cheers, jdk |
Try putting them all in the same group and using setgid http://en.wikipedia.org/wiki/Setuid#...on_directories for read/ownership issues.
However, you need dir +w to write OR delete a file, so I don't think you can do it with perms (or even ACLS). http://content.hccfl.edu/pollock/AUn...ermissions.htm I think(?) you'd need to customise the FTP server cmd options to disallow 'rm' ie remove it as an avail cmd. I could be wrong |
| All times are GMT -5. The time now is 06:26 PM. |