HPE Community
Operating System - HP-UX
1752571 Members
4577 Online
108788 Solutions
New Discussion

permission strange Issue

 
itrc55
Regular Advisor

‎08-15-2011 03:10 AM

‎08-15-2011 03:10 AM

permission strange Issue

 Hi,

 

i enabled the trusted mode on all HP servers (11.31) without problem, but when i copy file or directory from server to other by using sftp command the permission on destination server it's different of source server. ??!

and when i disable the trusted mode on destination server the permission will be the same on source.

 

How can i resolve this issue with trusted mode enabled ?

 

Thanks

0 Kudos
Reply
14 REPLIES 14
James R. Ferguson
Acclaimed Contributor

‎08-15-2011 04:43 AM

‎08-15-2011 04:43 AM

Re: permission strange Issue

Hi:

 

By default, Trusted mode provides a more secure 'umask'.  You can "loosen" the security by choosing a different 'umask' in '/etc/default/security' (globally or system-wide) and/or in '/var/adm/userdb' for changing on a per-user basis.  See the 'security(4) and the 'userdb(4)' manpages for more information.

 

Regards!

 

...JRF...

0 Kudos
Reply
itrc55
Regular Advisor

‎08-15-2011 05:18 AM - edited ‎08-15-2011 05:30 AM

‎08-15-2011 05:18 AM - edited ‎08-15-2011 05:30 AM

Re: permission strange Issue

Hi,

 

what is the best value of umask to avoid permission changed when copy file from system to other.

please i need answer because it's very urgent case.

 

where the current value is 0 and range is 0 - 511

and i try to change it to 331 for example and this the result r-- --- ---

 

please your support

 

Thanks

0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎08-15-2011 05:31 AM

‎08-15-2011 05:31 AM

Re: permission strange Issue

@itrc55 wrote:

what is the best value of umask to avoid permission changed when copy file from system to other.


Keeping the 'umask' the same on your systems is one way.  Using 'scp -p' is another.

 

Regards!

 

...JRF...

0 Kudos
Reply
itrc55
Regular Advisor

‎08-15-2011 05:59 AM

‎08-15-2011 05:59 AM

Re: permission strange Issue

Hi,

Thanks for your support the -p option its working with acp command. but in my case other system push more files to HP-UX system by using sftp command how to resolve this issue. and all system has same umask 0

Thanks again
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎08-15-2011 06:27 AM

‎08-15-2011 06:27 AM

Re: permission strange Issue

@itrc55 wrote:

Thanks for your support the -p option its working with acp command. but in my case other system push more files to HP-UX system by using sftp command how to resolve this issue. and all system has same umask 0

You should also be able to do this more directly by specifying 'chmod' in the SFTP sesion dialog you specifiy.

 

Regards!

 

...JRF...

0 Kudos
Reply
itrc55
Regular Advisor

‎08-15-2011 11:49 AM

‎08-15-2011 11:49 AM

Re: permission strange Issue

Hi,

 

"You should also be able to do this more directly by specifying 'chmod' in the SFTP sesion dialog you specifiy."

 

but i said before the source system push it files by sftp command with 755 permission (Example) but the permission on the destination system is 700 always when trusted mode enabled.

 

is there any solution for that ?

 

Thanks

0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎08-15-2011 12:42 PM

‎08-15-2011 12:42 PM

Re: permission strange Issue

@itrc55 wrote:

but i said before the source system push it files by sftp command with 755 permission (Example) but the permission on the destination system is 700 always when trusted mode enabled.

is there any solution for that ?

Do (by example):

 

# sftp ...

> put /path/to/file

> chmod 555 /path/to/file

 

Like all good software you can always ask 'sftp' for help by typing "help" after establishing a connection.

 

Regards!

 

...JRF...

0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎08-15-2011 12:46 PM

‎08-15-2011 12:46 PM

Re: permission strange Issue

> chmod 555 /path/to/file

 

I assume you are now implying that "scp -p" won't help?

0 Kudos
Reply
Earl_Crowder
Trusted Contributor

‎08-15-2011 01:04 PM

‎08-15-2011 01:04 PM

Re: permission strange Issue

If you cannot change the scripts that are sftp-ing to your host, you can touch the file "/etc/default/BYPASS_TRUSTED_SYSTEM_UMASK_RESTRICTIONS" .  You need patch PHCO_39232 for 11.31 (or later) to enable this functionality.

 

Beware the security implications of doing this.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.