Re: [Proftpd-user] Limiting account commands

On Tue, Mar 01, 2005 at 06:23:33PM -0500, A. Khattri wrote:
> 
> I have a need to setup the following FTP site:
> 
> The main FTP folder has two subfolders, A and B, and there are two
> "sub-accounts" that login to A and B. Let's call these users, user A and
> user B. So user A can login to folder A and user B can login to folder B.
> 
> Now I need to have user A have only read-only rights to whatever is in
> folder A. User B can upload and download anything inside folder B.
> 
> In addition, I neither can delete files or folders but user B should be
> able to create folders.
> 
> (Are you confused yet?)

If I am following you right, this should work:

Put A and B into group foo.

$ chown -R root.foo A
$ chown -R B.foo B
$ chmod 2640 A B

Now, let Linux protections work for you.  A doesn't have write access to
B's directory but has read access through the group permissions.  Ditto
for B.  They can each create subdirectories and the group read
permissions will be propogated via the gid bit.  A does not have write
access to A since he doesn't own the directory nor does the group
permission give him write access.

You didn't say if user B should be able to write to directory A so I'm
assuming that he's not allowed to.  If he is, make B the owner of A
instead of root.

--

-- 
Ed Wilts, RHCE
Mounds View, MN, USA
mailto:ewilts <at> ewilts.org
Member #1, Red Hat Community Ambassador Program

-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html