Jason Stelzer on 5 May 2010 08:25:03 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] How to share write access to files via scp?...


I was reading this thread and a thought occurred to me that first made
me cringe, then giggle a little.

The real issue here is that you're fighting with a bunch of
permissions problems when you really are after a file system that has
a much more course grained idea of permissions. So, why not use a
different file system?

For instance, you could set up a very simple samba share, mount that
via loopback and have users upload to the mount point.

At that point you'd be using ssh to do user auth and file transfer,
and samba+smbmount to do the permissions mangling.

On Wed, May 5, 2010 at 10:49 AM, Randall A Sindlinger
<rsindlin+plug@seas.upenn.edu> wrote:
> On Wed, May 05, 2010 at 08:38:43AM -0400, Richard Freeman wrote:
>>
>> Another option, assuming you can accept the latency, is to use a cron
>> job to micromanage your permissions in your directory tree.  A script
>> that does a chmod -R every 10 minutes would handle this.  If your tree
>> is very large, that might not perform well.
>>
>> I'm not sure if openssh respects the setgid bit on the parent directory,
>> but a user-group approach might help if this were the case.  You might
>> not need w+rw if you can use setgid and your umask will get you g+wr.
>>
>> Rich
>
> We've done that.  The thing is, even when you've got everything set up
> so it Just Works perfectly, users still manage to screw it up :-P
>
> If you already have an active kerberos realm, you could create a group
> account, and put the memebers of the group in the .k5login file.  Then,
> they'd login in with the group account uid and their kerberos credentials.
>
> The downside is that you would no longer have individuals owning the files;
> they'd all have the group account uid as the owner.
>
> -Randall Sindlinger
>  Systems Programmer, CETS
>  School of Engineering and Applied Science
>  University of Pennsylvania
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
>



-- 
J.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug