HPE Community
Operating System - HP-UX
1751748 Members
5686 Online
108781 Solutions
New Discussion юеВ

umask for ftp users

 
SOLVED
Go to solution
skt_skt
Honored Contributor

тАО10-17-2007 08:31 AM

тАО10-17-2007 08:31 AM

umask for ftp users

HP-UX 11.00

I see a difference in the umask command availability for two ftp users . SISCOM user belongs to shell /usr/bin/false.(umask command NOT available).
Other user belongs to /usr/bin/ksh.(umask command available)

230 User SISCOM logged in.
ftp> help
Commands may be abbreviated. Commands are:

! delete literal prompt send
? debug ls put status
append dir mdelete pwd trace
ascii disconnect mdir quit type
bell get mget quote user
binary glob mkdir recv verbose
bye hash mls remotehelp
cd help mput rename
close lcd open rmdir
ftp> umask
?Invalid command


ftp> help
Commands may be abbreviated. Commands are:

! debug mget put size
$ dir mkdir pwd status
account disconnect mls quit struct
append form mode quote system
ascii get modtime recv sunique
bell glob mput reget tenex
binary hash newer rstatus trace
bye help nmap rhelp type
case idle nlist rename user
cd image ntrans reset umask
cdup lcd open restart verbose
chmod ls prompt rmdir ?
close macdef proxy runique
cr mdelete sendport send
delete mdir passive site
ftp> umask
200 Current UMASK is 027
0 Kudos
8 REPLIES 8
Tim Nelson
Honored Contributor

тАО10-17-2007 09:36 AM

тАО10-17-2007 09:36 AM

Re: umask for ftp users

The default umask for ftp is set in the /etc/inetd.conf config file.
i.e. ftp -u 002

If same server and two different users having two different default umasks then that is a good one.


Another option is to review /etc/ftpd/ftpaccess for some specific user/group configs.

0 Kudos
skt_skt
Honored Contributor

тАО10-17-2007 11:09 AM

тАО10-17-2007 11:09 AM

Re: umask for ftp users

here what i intend to use is
change umask value to 133 so that i will have 644 permission on the file after the transfer.it is true for my id whihc uses ksh.

problem is umask command is NOT available for the user who uses /usr/bin/false.

I tried setting umask on user's profile but that is not reflecting for the ftp(even true for ksh user;i change it manually using umask for the ksh user)

Any method which i can acheive this?
0 Kudos
Bill Hassell
Honored Contributor

тАО10-17-2007 12:22 PM

тАО10-17-2007 12:22 PM

Re: umask for ftp users

ftp does not login so it doesn't matter what shell is being used. As mentioned before, the umask value is set by the ftp daemon on the destination machine. Edit the file: /etc/inetd.conf and add the option: -u 133 to the ftpd line. Close the files and type: inetd -c to reread the configuration file. Now all files will be created with the umask value of 133 (or permission 644 for the file).


Bill Hassell, sysadmin
0 Kudos
skt_skt
Honored Contributor

тАО10-17-2007 01:05 PM

тАО10-17-2007 01:05 PM

Re: umask for ftp users

But that is going to effect all the ftp trasfers. This is an option and not sound like a data secure option.

One of my questions still remains. what decide if a user has access to umask(ftp command) or not?
0 Kudos
Bill Hassell
Honored Contributor

тАО10-17-2007 03:08 PM

тАО10-17-2007 03:08 PM

Solution

Re: umask for ftp users

Try using the commands quote site as in:

ftp> quote site umask 022


Bill Hassell, sysadmin
0 Kudos
whiteknight
Honored Contributor

тАО10-17-2007 03:24 PM

тАО10-17-2007 03:24 PM

Re: umask for ftp users

Hi santosh,

You can refer to this doc for workaround

http://www1.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=ucr_na-KMN8606472894_ssb-1

WK
Problem never ends, you must know how to fix it
0 Kudos
skt_skt
Honored Contributor

тАО10-18-2007 04:35 AM

тАО10-18-2007 04:35 AM

Re: umask for ftp users

did any one configure this type of requirment on ftpaccess?

i put a cron job to do this permission change due to the urgency of requirement.
0 Kudos
skt_skt
Honored Contributor

тАО11-18-2007 11:24 AM

тАО11-18-2007 11:24 AM

Re: umask for ftp users

closig with the current informations. Thanks to all.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.