Fedora Linux Support Community & Resources Center
  #1  
Old 26th June 2012, 12:10 PM
henry2010 Offline
Registered User
 
Join Date: Apr 2010
Posts: 39
linuxfirefox
ftpserver

I have installed vsftpd in fedora 14 machine. three ftp users are created. I want users can upload or download files via ftp. but users should not delete these files. How to prevent the users to delete the files in my ftp server. this means uploaded files should be deleted on any account. how to resiolve this.

henry
Reply With Quote
  #2  
Old 26th June 2012, 01:30 PM
jpollard Offline
Registered User
 
Join Date: Aug 2009
Location: Waldorf, Maryland
Posts: 6,865
linuxfirefox
Re: ftpserver

For a user to create files (via upload) the user must be able to write to the directory.

The only requirement for a user to delete files is to be able to write to the directory...

Can't have one without the other.

That said, if what you actually want is for users to be unable to delete other users files then you have to set the "t" flag on the directory (just like it is on /tmp).

Last edited by jpollard; 26th June 2012 at 01:32 PM.
Reply With Quote
  #3  
Old 26th June 2012, 02:01 PM
DBelton Offline
Administrator
 
Join Date: Aug 2009
Posts: 7,320
linuxfirefox
Re: ftpserver

Another thing to try is setting the "immutable" bit on the file (+i)

This has to be set (and unset) by the root user, and while set, even root will not be able to delete (or modify) the file.

You could possibly set the defaults for your ftp upload folder to set the +i or have a script that picks up when new files are written in the folder and sets it for you.
Reply With Quote
  #4  
Old 26th June 2012, 02:58 PM
jpollard Offline
Registered User
 
Join Date: Aug 2009
Location: Waldorf, Maryland
Posts: 6,865
linuxfirefox
Re: ftpserver

You can only set the immutable bit from a command line. Files that are dropped in via ftp cannot get it set.

Until the bit gets set, it can be overwritten or deleted.

Of course, it also prevents the user from updating the file...
Reply With Quote
  #5  
Old 26th June 2012, 03:23 PM
beaker_ Offline
Registered User
 
Join Date: Nov 2008
Location: Canada
Posts: 2,396
linuxfirefox
Re: ftpserver

Any reason not to try:
Force uid
Force groupid
Set stickybit
Most or all, except the owner who probably will never log on, vsftp users have rwx rights through group membership only.

Late Edit: So it'd look something like:
Code:
chown VSFTP_GodLikeUser:VSFTP_Group FTP_Directory
chmod 770 FTP_Directory              <<------ I'm guessing here.
chmod u+s FTP_Directory
chmod u+g FTP_Directory
chmod +t FTP_Directory
Though I wonder if a user could write null to a file.



Late Late Edit: Never mind. I see the circle: u+s is crippled for what I want to do.

Last edited by beaker_; 26th June 2012 at 04:28 PM.
Reply With Quote
  #6  
Old 26th June 2012, 03:27 PM
DBelton Offline
Administrator
 
Join Date: Aug 2009
Posts: 7,320
linuxfirefox
Re: ftpserver

You could use something like inotify or incron to monitor the directory and run certain commands when new files are detected.

I do believe that incron can run commands as root if it's defined in the system tables rather than in the user tables.

I would start with looking at inotify since it's included in the kernel now.

Look at the packages inotify-tools and incron (in the fedora repos) and see if they would do what's needed.
Reply With Quote
Reply

Tags
ftpserver

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
550 error from ftpserver on linked dirs triplehead Servers & Networking 3 21st July 2005 10:42 PM


Current GMT-time: 11:23 (Monday, 20-10-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat
Lakinsk Instagram Photos - Castillejos Instagram Photos - Szczytno Travel Photos