Topic "Permission Denied"

Author Message
drokare
[View user's profile]

Joined: 2008-04-04
Posts: 2
WinSCP 4.1.0 (Build 375) Using SFTP

I have a linux server that a group of Developers use for our Webpage.

I created a Group called dev and all the developers are in this group, I also made sure the dev was the default group in the /etc/passwd for those users.

I made sure that the all the files in the directory have the group set to dev and I made sure the files all had rw for the group. I have also made sure the default umask in the /etc/bashrc is set to 002 so that any new file created is automatically set to group dev and the rights default to rw-rw---.

Now I am on my Windows machine I use WinSCP to remote into the server, I drill down to the directory /var/www/html/ and copy over a file I modified locally, if the user is set to me, no problems, but if the user is set to another, I get access denied. yet I am a member of the dev group and the file has rw-rw---- so group has permission.

Am I missing something? Also the server is Fedora 5.

Thanks in advance..
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25025
Location: Prague, Czechia
Do you have write access to the directory itself? In case the file is first uploaded to a temporary name (e.g. to allow resuming the interrupted transfer), you need it. You can also disable this in preferences.
_________________
Martin Prikryl
drokare
[View user's profile]

Joined: 2008-04-04
Posts: 2
prikryl thank you for the reply

Yes I have right access. I posted this also to the Linux Group, but I will copy the question here to give you the full scope of the issue.

I think I may have found the issue, as the files themselves are owned by individuals. When overwriting the files it deletes the old one then creates the new one, and even though they are members of the group that have rwx(read, write, execute) on the files, the OS will not allow another group member to delete the file, only modify it...

At least that seems to be the issue I am seeing.

For example. User joe is a member of Group dev and User rob and bob are also members of Group dev.

joe has created a number of files for a website.

so we have the following;

/var/www/html/website
All the files in the website directory have the following rights;
-rw-rwxr-- joe dev about.html
-rw-rwxr-- joe dev contact.html
-rw-rwxr-- joe dev index.html

And the Directory has website has the following rights;
drwxrwxr-x joe dev website

Now bob has updated the the index.html, contact.html, and about.html. He has sftp into the linux server and attempts to overright the existing files, now he will get Access Denied. Even though bob is in the dev group and under the /etc/passwd his default group is dev.

So if bob creates a new file in the website, this from using sftp or I guess I should say copying a new file into the server these are the permissions that are shown when doing a ls -al

-rw-rwxr-- joe dev about.html
-rw-rwxr-- joe dev contact.html
-rw-rwxr-- joe dev index.html
-rw-rwxr-- bob dev test.html

As you can see the default group is dev for bob also and the dev group has full access to all the files in this directory.

I just can not find out how to get around this???? the only idea is to create another user that is ownership of the website files and we developers have to login as that user to overright/update the pages, but to track changes this makes more of a pain to see who actually made the changes for auditing or whatever....

I really hope this makes more sense.... and someone can explain why the group can not make the necessary changes. At this time we need to ssh in and chown the files to who ever is needing to update the files then use the sftp to place them on there. Then the next developer if they have made newer changes needs to then chown the files to him so he can make the changes. Problem is we have three developers that are not linux savvy, I and the other have to make the changes first for them in there directories they are working in....

There has to be something I am missing.
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 25025
Location: Prague, Czechia
WinSCP deletes the file being overwritten only in case it is uploading the file to temporary name first. You can disable this behaviour on Endurance tab of preferences dialog. I believe that it should solve your problem.
_________________
Martin Prikryl
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License