Randall A Sindlinger on 5 May 2010 07:49:20 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] How to share write access to files via scp?...

On Wed, May 05, 2010 at 08:38:43AM -0400, Richard Freeman wrote:
> Another option, assuming you can accept the latency, is to use a cron 
> job to micromanage your permissions in your directory tree.  A script 
> that does a chmod -R every 10 minutes would handle this.  If your tree 
> is very large, that might not perform well.
> I'm not sure if openssh respects the setgid bit on the parent directory, 
> but a user-group approach might help if this were the case.  You might 
> not need w+rw if you can use setgid and your umask will get you g+wr.
> Rich

We've done that.  The thing is, even when you've got everything set up
so it Just Works perfectly, users still manage to screw it up :-P

If you already have an active kerberos realm, you could create a group
account, and put the memebers of the group in the .k5login file.  Then,
they'd login in with the group account uid and their kerberos credentials.

The downside is that you would no longer have individuals owning the files;
they'd all have the group account uid as the owner.

-Randall Sindlinger
 Systems Programmer, CETS
 School of Engineering and Applied Science
 University of Pennsylvania
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug