setting correct default permissions on directories and files created by sftp user in same group
1
vote
1
answer
2300
views
In my folder 
The owner is sftpuser and there is no write permission on that directory for my www-data user to create a subdirectory.
This causes my www-data user php script to spew out
> Backtrace from 'mkdir(): Permission denied' at /var/www/install-master/vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php 336:
If I check the acl permissions on the parent directories from when I first set it to be group writable first, the topmost directory has correct acl permissions.
But the second level, created by sftp doesn't have these
I found this question , but not really a useful answer except that sftp ignores acls.
I have tried setting the umask bit for sftp in /etc/ssh/sshd_config
but even that didn't have an effect on the newly created directory. Still not writable for group.
How do I use sftp to give browse and create subdirectories permissions to newly created folders for owner and group, read and write permissions for owner and group, but not execute permissions on the files in those subdirectories?
Or should I use a different approach? As I understand it, sftp has only limited options on changing file permissions from the remote side, and acl are aparently ignored by openssh sftp.
So how do I get these proper permissions running on ubuntu 18.04 with an sftpuser?
/var/www/storage/app/uploads/public I have a lot of subdirectories that are made by my website CMS and sftpupload script from a remote server.
Now the problem I'm facing arises from the sftp upload created directories.
The owner is sftpuser and there is no write permission on that directory for my www-data user to create a subdirectory.
This causes my www-data user php script to spew out
> Backtrace from 'mkdir(): Permission denied' at /var/www/install-master/vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php 336:
If I check the acl permissions on the parent directories from when I first set it to be group writable first, the topmost directory has correct acl permissions.
But the second level, created by sftp doesn't have these
I found this question , but not really a useful answer except that sftp ignores acls.
I have tried setting the umask bit for sftp in /etc/ssh/sshd_config
but even that didn't have an effect on the newly created directory. Still not writable for group.
How do I use sftp to give browse and create subdirectories permissions to newly created folders for owner and group, read and write permissions for owner and group, but not execute permissions on the files in those subdirectories?
Or should I use a different approach? As I understand it, sftp has only limited options on changing file permissions from the remote side, and acl are aparently ignored by openssh sftp.
So how do I get these proper permissions running on ubuntu 18.04 with an sftpuser?
Asked by Tschallacka
(163 rep)
Aug 6, 2019, 09:19 AM
Last activity: May 12, 2025, 10:03 PM
Last activity: May 12, 2025, 10:03 PM