System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

permission issue afetr trusted system

 
SOLVED
Go to solution
Highlighted
Super Advisor

permission issue afetr trusted system

Hi ,

 

I have a setup wherein am using remsh from one box to another.

as soon as i converted box a and box b trusted ,

the file getting generated on box b using remsh from box a has only 600 permissions.

I tried setting umask 017 in both boxes /etc/profile but o/p still the same.

 

Suggestions needed .

 

Thanks.

11 REPLIES 11
Highlighted
Acclaimed Contributor

Re: permission issue after trusted system

>the file getting generated on box b using remsh from box a has only 600 permissions.

>I tried setting umask 017 in both boxes /etc/profile but output still the same.

 

umask permissions for remsh probably come from inetd(1m) and not /etc/profile.

Have you looked in /etc/rc.config.d/* or /etc/inetd.conf?

 

Also, if it comes from inetd(1m), you will need to restart that demon with:

inetd -k

inetd

Or maybe better:

/sbin/init.d/inetd stop

/sbin/init.d/inetd start

Highlighted
Super Advisor

Re: permission issue after trusted system

Hi Dennis ,

 

In /etc/inetd.conf i have ;

 

kshell stream tcp nowait root /usr/lbin/remshd remshd -K

 

where am i supposed to make that umask entry ?

Highlighted
Super Advisor

Re: permission issue after trusted system

Hi Dennis ,

I am using both ssh and remsh.

for remsh i found its /etc/default/security

for ssh i think should be sshd_config file right ??

 

Highlighted
Honored Contributor

Re: permission issue after trusted system

Hi:

 

man inetd

 

The Internet daemon and the servers it starts inherit the LANG and TZ environment variables and the umask of the process that started inetd. If inetd is started by the superuser, it inherits the superuser's
umask, and passes that umask to the servers it starts.

 

 

# umask 017

# inetd -k

# inietd

 

Verify 'umask' entry in /sbin/init.d/inetd file

 

rgs,

 

 

Highlighted
Acclaimed Contributor

Re: permission issue after trusted system

>for ssh I think should be sshd_config file right?

 

Yes, that's what I saw.

 

>Verify 'umask' entry in /sbin/init.d/inetd file

 

On a untrusted system, I saw it set to 000.

Highlighted
Super Advisor

Re: permission issue after trusted system

 Hi Rariasn,

I tried after editing that entry in /sbin/init.d/inetd but still the same permissions .

 

box A contains ssh passwordless script which logins to box B ( trusted ) and creates file of 600 permissions , i want it to be 644.

Highlighted
Super Advisor

Re: permission issue after trusted system

Hi Dennis ,

Then what entry to be edited in sshd_config related to umask.

Highlighted
Acclaimed Contributor

Re: permission issue after trusted system

>Then what entry to be edited in sshd_config related to umask.

 

Oops, wrong file.  There is SftpUmask in /opt/ssh/etc/sshd_config.

 

But my file was /etc/rc.config.d/sshd:

There should be a variable with UMASK in it:

SSHD_UMASK=000 # The acceptable values of ...

Highlighted
Super Advisor

Re: permission issue after trusted system

Hi Dennis ,

 

No entry with UMASK variable.