Op 18-10-17 om 17:31 schreef Sven Hartge: > Paul van der Vlis <p...@vandervlis.nl> wrote: > >> I try to force the umask of an sshfs on the server side. > >> I've tried /etc/ssh/sshd_config with for example: >> Subsystem sftp /usr/lib/openssh/sftp-server -u 0002 >> or: >> ForceCommand internal-sftp -u 0002 >> But this does not change the umask. > >> And adding "session optional pam_umask.so umask=0002" to >> /etc/pam.d/sshd/ does change the umask for ssh, but not for sshfs. > >> Does somebody understand where it goed wrong? > > The umask can only enforce stricter permissions, i.e. the client wants > to set 0777 but the file gets set to 0775 in your case. > > But it can't set wider permissions. If the client sets the permissions > to 0700 then no umask in the world will get you to 0775.
Thanks for the information, I have tested it and it's correct. I can set a stricter permission. > Dirty hack: use something like incron to trigger a script via inotify to > change the permssions. That's possible, I can think about it. > Grüße, > Sven. Groeten, Paul -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
