From owner-freebsd-questions@FreeBSD.ORG Tue Mar 31 21:15:43 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E14071065670 for ; Tue, 31 Mar 2009 21:15:43 +0000 (UTC) (envelope-from claudiu.vasadi@gmail.com) Received: from mail-bw0-f164.google.com (mail-bw0-f164.google.com [209.85.218.164]) by mx1.freebsd.org (Postfix) with ESMTP id 420328FC1A for ; Tue, 31 Mar 2009 21:15:42 +0000 (UTC) (envelope-from claudiu.vasadi@gmail.com) Received: by bwz8 with SMTP id 8so2474857bwz.43 for ; Tue, 31 Mar 2009 14:15:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:to:subject:from :content-type:mime-version:content-transfer-encoding:message-id :user-agent; bh=Xr5URMXpJzjmwmQfwJpn49TQMEA5bySRxRvRcgKSeog=; b=tGQt3PuEMLzlIDdgGFgSsggn6+8qpudQBhbXYVRnEegQbZJrTGOj2u6414GwTXHAMO ViZdR8aM3DstgBJT45inQqKL9b+ZExaHu3GsQ77O6YdpEoSSzbpY9TKWqD0gNsQIpdoP 9TSFTafGVbeF+wBzw/iR0rkT+relrLMgKazmc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:to:subject:from:content-type:mime-version :content-transfer-encoding:message-id:user-agent; b=O+qHYV77tjDd1C5C3DkhQh6/CnmXGzCpnMWqjoTx9LEqURfsbUE0McCjXSU0Iz8DnO xbPe1xW86Mx0i3b/2p5T4gJAAAQDuaZ8dOobP4EBPiQibgsMkDEkJ6zhj981XRT/Cc0I Vfk0JQtfe/CNKKtR9a5Ef7vijFS3zB7rgTqQc= Received: by 10.103.240.15 with SMTP id s15mr2480857mur.102.1238534142077; Tue, 31 Mar 2009 14:15:42 -0700 (PDT) Received: from da1-desktop-x64 ([79.113.15.151]) by mx.google.com with ESMTPS id i7sm12729499mue.44.2009.03.31.14.15.41 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 31 Mar 2009 14:15:41 -0700 (PDT) Date: Wed, 01 Apr 2009 00:13:41 +0300 To: "freebsd-questions@freebsd.org" From: "Vasadi I. Claudiu Florin" Content-Type: text/plain; format=flowed; delsp=yes; charset=iso-8859-15 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Message-ID: User-Agent: Opera Mail/9.64 (Win32) Subject: ftp with .... ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Mar 2009 21:15:44 -0000 Hello guys, Here's the deal: I have a samba server on a FreeBSD 7.1-STABLE running with mod-acl (or whatever it's called). The folder it is connected to (let's call it "share") has acl enabled. Thus all data written with samba (from my xp box) automagicly inharits permision of parent folder (root:wheel). Perfect till now. This is were the catch catches up. I also want ftp access to that folder (a master ftp account that only I will know) but also want it with acl "features"; I mean all files written by/through ftp will (or must) have inherited parent directory permisions, leaving samba full permisions over files/folder in that directory (as stated by acl). Here's the curent setup the "share" folder (actually "/mnt") # file: /mnt/ # owner: root # group: wheel user::rwx user:smbadmin:rwx user:ftpadmin:rwx group::--- mask::rwx other::--- As you can see, the owner is root:wheel. The samba master acount is "smbadmin" with rwx privileges. Now, I wish to employ another username, also with rwx privileges, for a master ftp account (say "ftpadmin"), but all files writen by this user *will* eventually end up on disk as root:wheel, not ftpadmin:group. What I've done so far. Read a bit about chmod +s and by "chmod g+s" managed to ensure that whoever writes files to that folder, end up belonging to wheel group. Didn't manage on the other hand to employ the same thing for the user. Files are owned by "ftpadmin" Of course I could add these accounts into one big group, but then, were would all the fun be ? :) And also, I would have a terrible time when say another ftp user would be required to have some sort or acces but diferent from that group I previously mentioned (say r--). Now, from what I tinkered about I need some sort of control "agent" between the actual ftp and the disk (something similar to mod-acl of samba maybe?) or force the files that are to be written to disk to change theyre usr:group by some chmod-similar manner. Please point me in the right direction. A link, an ideea ... something. Am capable of doing it myself, no need for "please do this for me"..nono. So ?