Date: Tue, 7 Oct 2008 07:30:53 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: John Almberg <jalmberg@identry.com> Cc: Jeremy Hooks <jeremyhooks@googlemail.com>, freebsd-questions@freebsd.org Subject: Re: thorny (for me) permissions problem Message-ID: <20081007143053.GA51120@icarus.home.lan> In-Reply-To: <D13B1383-C327-44D6-B84E-A438599222ED@identry.com> References: <0C63914A-E3A3-4FC7-92AD-797F407A5FF7@identry.com> <bf2fbe6d0810070634p4ea1b086j96363e7d308268eb@mail.gmail.com> <D13B1383-C327-44D6-B84E-A438599222ED@identry.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 07, 2008 at 10:23:53AM -0400, John Almberg wrote: > > On Oct 7, 2008, at 9:34 AM, Jeremy Hooks wrote: > >>>> 4. however, after upload, the file has the ownership A:B (i.e, >>>> owned by >> A, group B) with permissions -rw-r--r--. So B does not have permission >> to >> delete the file. >> -rw-r--r-- 1 user_a user_b 154879 Oct 7 08:40 data_file.csv >> >> Hi John. >> >> Correct me if I am wrong but permission to delete a file depends on >> the >> users permissions for the containing directory. If B has write >> permission >> on the directory then B can delete the file. However you will likely >> need >> to use 'rm -f'. > > Argh!!!! > > As a newbie admin, I really have a tough time with permissions. I swear I > got a permissions error when I tried to delete this dang file, but I just > logged in as B and was able to delete it just fine. Of course this is > because B owns the directory. > > I guess I must have done something boneheaded an hour or two ago... > gosh, I hate wasting time. Mine, and the lists, of course. > > Well, thanks to Valintin, I did figure out how to change the umask for > pure-ftpd. So now uploaded files have the permissions I wanted, even if > they are not needed. Be careful with what you've done. If you changed the umask on the ftpd as a whole, then suddenly unrelated users are going to find their files writeable by whatever group/GID they default to. For example, on my systems, everyone's default group is "users", and I definitely would not want group-write set to files people upload on their accounts! The idea of a user being able to edit or zero out other users' data is not good. But that's also what the underlying directory permissions are for... As you've learned/remembered today. :-) > And thanks to the rest, I figured out it was working all along... And > now I can't even duplicate the error I saw before... > > <sigh> Does this ever get any easier??? How can any one person remember > all this stuff??? It gets easier with time; don't rush yourself. :-) Even those of us who have been using UNIX for almost 20 years forget the simplest of things on a regular basis. Be sure to let us know when you make the infamous "rm -fr" typo that nukes either / or ~. :-) -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081007143053.GA51120>