HPE Community
Operating System - HP-UX
1819984 Members
3884 Online
109608 Solutions
New Discussion юеВ

How to setup SFTP directory with "Upload files" ONLY ?

 
yyghp
Super Advisor

тАО08-17-2005 12:49 AM

тАО08-17-2005 12:49 AM

How to setup SFTP directory with "Upload files" ONLY ?

How to setup SFTP directory with "Upload files" ONLY ?

I have SSH service running on HP-UX 11.11, users want to access one directory via SFTP. They can only upload files to that directory, that is, ADD files, but they can't REMOVE or UPDATE those files under that directory.
Is that possible? If yes, how?
( as I know, if I give user the permission to WRITE to that directory, "drwx------", then they can not only add files, but also change the name of the file, remove the file... )
Thanks!
0 Kudos
Reply
5 REPLIES 5
Simon Hargrave
Honored Contributor

тАО08-17-2005 01:03 AM

тАО08-17-2005 01:03 AM

Re: How to setup SFTP directory with "Upload files" ONLY ?

Are they uploading as one username, or different users?

You can set the sticky bit on the directory which will stop people deleting files owned by other users, but if you want to stop anyone deleting any files you really want a batch job that will move them out of the upload directory on a regular basis.

A loop that performs an fuser on a file to ensure it's not open (and therefore isn't mid-copy), then mv it to another directory.
0 Kudos
Reply
yyghp
Super Advisor

тАО08-17-2005 01:23 AM

тАО08-17-2005 01:23 AM

Re: How to setup SFTP directory with "Upload files" ONLY ?

I will setup one generic account for the user. The directory is either owned by this user or other user( if owned by other user, for example: oracle, such generic account can access via group permission ).

What's sticky bit?

Thanks!
0 Kudos
Reply
Simon Hargrave
Honored Contributor

тАО08-17-2005 01:36 AM

тАО08-17-2005 01:36 AM

Re: How to setup SFTP directory with "Upload files" ONLY ?

To set the sticky bit on a directory, you use:

chmod 1777 dir

The permissions will look like

drwxrwxrwt

The t is the sticky bit. Basically it means that, even though the directory can be changed by anyone, it forces that ONLY the owner of the directory or the file can change/delete the file.

However since you have only 1 user it will not help in this case.

You will need to use the scripted moving I suggested earlier.
0 Kudos
Reply
yyghp
Super Advisor

тАО08-17-2005 03:23 AM

тАО08-17-2005 03:23 AM

Re: How to setup SFTP directory with "Upload files" ONLY ?

Thanks Simon!

Is there any other option to let the owner of the directory to add files to that dir only, but no delete files allowed?
I don't think the batch job solution can fit my case well, but thanks anyway.

0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО08-17-2005 03:33 AM

тАО08-17-2005 03:33 AM

Re: How to setup SFTP directory with "Upload files" ONLY ?

If you are careful with ownership, read and write permissions you can pull this off.

You may need to add a cron program that runs every few minutes and uses root to change the permissions on new files so that once uploade the users can't do anything like delete them.

That program will probably need to run once a minute but won't be that cpu intensive.

I suppose given some more time, I could design it further, let me know.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.