[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] multiple committers, again
|
From: |
Jan Hudec |
|
Subject: |
Re: [Gnu-arch-users] multiple committers, again |
|
Date: |
Wed, 25 Aug 2004 10:02:22 +0200 |
|
User-agent: |
Mutt/1.5.6+20040803i |
On Wed, Aug 25, 2004 at 19:14:33 +1200, Martin Langhoff wrote:
> On Wed, 25 Aug 2004 08:53:04 +0200, Jan Hudec <address@hidden> wrote:
> > On Tue, Aug 24, 2004 at 22:08:07 +0100, Stig Brautaset wrote:
> > > On Tue, Aug 24, 2004 at 03:57:32PM -0500, Robert Anderson wrote:
> > > > What else can be done?
> > >
> > > I'd move tla to /usr/local/lib/tla and put something like the below in
> > > /usr/local/bin/tla:
> > >
> > > #!/bin/sh
> > > TMP=`umask`
> > > umask 002
> > > /usr/local/lib/tla $*
> > > umask $TMP
> > >
> > > That should work, no?
> >
> > No. It wouldn't. This only sets umask on the client. But it's the server
> > where it has to be set. And umask doesn't propagate over sftp connection.
> >
>
> Now, scenarios:
>
> - developers working locally on the same machine where the Arch
> archive is can use the shell script wrapper that sets the umask, thus
> avoiding the need to set a loose umask in their .bashrc
>
> - developers working remotely:
> - a shared account, accessed with ssh keys over sftp. no
> permissiosn/umask issues. This account can be locked down to avoid
> any other use.
Except that not all admins will give you this.
> - separate accounts on the sftp server, umask set through one of:
> - an sftp-server module patched to enforce umask
> http://sftplogging.sourceforge.net/docs/installation.html
VERY nice. But not needed here.
>
> http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=ly8%259.1463%24WQ2.197%40nwrddc02.gnilink.net&rnum=4&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3DISO-8859-1%26q%3Dsftp-server%2Bumask%2B%26btnG%3DSearch
IIRC command= in authorized_keys overrides sftp-server too....
So just set the command to set umask and call sftp-server...
>
> - umask set in each accounts .bashrc or other shell init,
> because when sshd initialized sftp-server, it execs the
> login shell
>
> http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=970log%24l3%241%40FreeBSD.csie.NCTU.edu.tw
>
> http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=m1lbsb66cds.fsf%40syrinx.oankali.net&rnum=10&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3DISO-8859-1%26q%3Dsftp-server%2Bumask%2B%26btnG%3DSearch
No. They don't want to set umask globaly. Only for sftp and
preferably only for the one invoked through arch.
-------------------------------------------------------------------------------
Jan 'Bulb' Hudec
<address@hidden>
signature.asc
Description: Digital signature
Re: [Gnu-arch-users] multiple committers, again, Stig Brautaset, 2004/08/24
- Re: [Gnu-arch-users] multiple committers, again, Jan Hudec, 2004/08/25
- Re: [Gnu-arch-users] multiple committers, again, Martin Langhoff, 2004/08/25
- Re: [Gnu-arch-users] multiple committers, again,
Jan Hudec <=
- Re: [Gnu-arch-users] multiple committers, again, Cameron Patrick, 2004/08/25
- Re: [Gnu-arch-users] multiple committers, again, Jan Hudec, 2004/08/26
- Re: [Gnu-arch-users] multiple committers, again, Robert Collins, 2004/08/26
Re: [Gnu-arch-users] multiple committers, again, Martin Langhoff, 2004/08/24
- Re: [Gnu-arch-users] multiple committers, again, Jan Hudec, 2004/08/25
- Re: [Gnu-arch-users] multiple committers, again, Martin Langhoff, 2004/08/25
- Re: [Gnu-arch-users] multiple committers, again, Jan Hudec, 2004/08/25
- Re: [Gnu-arch-users] multiple committers, again, conrad, 2004/08/25
- Re: [Gnu-arch-users] multiple committers, again, Jan Hudec, 2004/08/26
- Re: [Gnu-arch-users] multiple committers, again, Matthew Palmer, 2004/08/26