Paul van der Vlis <p...@vandervlis.nl> wrote: > Op 18-10-17 om 17:31 schreef Sven Hartge: >> Paul van der Vlis <p...@vandervlis.nl> wrote:
>>> And adding "session optional pam_umask.so umask=0002" to >>> /etc/pam.d/sshd/ does change the umask for ssh, but not for sshfs. >> >>> Does somebody understand where it goed wrong? >> >> The umask can only enforce stricter permissions, i.e. the client wants >> to set 0777 but the file gets set to 0775 in your case. >> >> But it can't set wider permissions. If the client sets the permissions >> to 0700 then no umask in the world will get you to 0775. > Thanks for the information, I have tested it and it's correct. I can > set a stricter permission. >> Dirty hack: use something like incron to trigger a script via inotify >> to change the permssions. > That's possible, I can think about it. You also could try Posix-ACLs. (The last time, I tried to use them for a similar use case, I lost nearly all my hair, but YMMV.) S° -- Sigmentation fault. Core dumped.
