Why is umask ignored when uploading files over sftp?
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
Have a wierd issue with permissions on files uploaded to a remote system.
Locally, the file index2.html is chmod 664:
acoder@acoder-local ~ $ ll index2.html
-rw-rw-r-- 1 acoder acoder 29 May 17 14:46 index2.html
After uploading this same file to the remote system, the permissions on the remote directory show:
-rw-r--r--. 1 acoder acoder 3657 May 17 14:43 index2.html
I first thought I had incorrect umask setting on the remote system, but...
[acoder@remote public_html]$ umask
0002
For comparison, if I touch a file on the remote system, the correct permissions (for the given umask) show:
-rw-rw-r--. 1 acoder acoder 0 May 17 14:44 index3.html
So, how are permissions set on files uploaded via sftp? Why is umask ignored when placing files over sftp?
sftp umask
asked May 17 at 18:57
a coder
91962346
add a comment |Â
up vote
1
down vote
favorite
Have a wierd issue with permissions on files uploaded to a remote system.
Locally, the file index2.html is chmod 664:
acoder@acoder-local ~ $ ll index2.html
-rw-rw-r-- 1 acoder acoder 29 May 17 14:46 index2.html
After uploading this same file to the remote system, the permissions on the remote directory show:
-rw-r--r--. 1 acoder acoder 3657 May 17 14:43 index2.html
I first thought I had incorrect umask setting on the remote system, but...
[acoder@remote public_html]$ umask
0002
For comparison, if I touch a file on the remote system, the correct permissions (for the given umask) show:
-rw-rw-r--. 1 acoder acoder 0 May 17 14:44 index3.html
So, how are permissions set on files uploaded via sftp? Why is umask ignored when placing files over sftp?
sftp umask
asked May 17 at 18:57
a coder
91962346
What umask are you specifying with the-uoption of the server? Does it support-u?
– ajeh
May 17 at 21:35
I don't follow. Are you saying I should pass a separate umask with the sftp options?
– a coder
May 18 at 2:49
Where is yourumaskset? In the shell startup files? I can't remember ifsftpis started through the shell on the server, but even if it is, it's a non-interactive shell, and your shell probably doesn't read the usual startup files in that case. So any changes toumaskthere won't be visible to thesftpserver
– ilkkachu
May 18 at 6:09
2
@ilkkachu SFTP does not go through the login shell at all (unlike anything else using SSH).
– Gilles
May 18 at 11:41
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
Have a wierd issue with permissions on files uploaded to a remote system.
Locally, the file index2.html is chmod 664:
acoder@acoder-local ~ $ ll index2.html
-rw-rw-r-- 1 acoder acoder 29 May 17 14:46 index2.html
After uploading this same file to the remote system, the permissions on the remote directory show:
-rw-r--r--. 1 acoder acoder 3657 May 17 14:43 index2.html
I first thought I had incorrect umask setting on the remote system, but...
[acoder@remote public_html]$ umask
0002
For comparison, if I touch a file on the remote system, the correct permissions (for the given umask) show:
-rw-rw-r--. 1 acoder acoder 0 May 17 14:44 index3.html
So, how are permissions set on files uploaded via sftp? Why is umask ignored when placing files over sftp?
sftp umask
asked May 17 at 18:57
a coder
91962346
Have a wierd issue with permissions on files uploaded to a remote system.
Locally, the file index2.html is chmod 664:
acoder@acoder-local ~ $ ll index2.html
-rw-rw-r-- 1 acoder acoder 29 May 17 14:46 index2.html
After uploading this same file to the remote system, the permissions on the remote directory show:
-rw-r--r--. 1 acoder acoder 3657 May 17 14:43 index2.html
I first thought I had incorrect umask setting on the remote system, but...
[acoder@remote public_html]$ umask
0002
For comparison, if I touch a file on the remote system, the correct permissions (for the given umask) show:
-rw-rw-r--. 1 acoder acoder 0 May 17 14:44 index3.html
So, how are permissions set on files uploaded via sftp? Why is umask ignored when placing files over sftp?
sftp umask
asked May 17 at 18:57
a coder
91962346
asked May 17 at 18:57
a coder
91962346
asked May 17 at 18:57
a coder
91962346
asked May 17 at 18:57
a coder
91962346
91962346
What umask are you specifying with the-uoption of the server? Does it support-u?
– ajeh
May 17 at 21:35
I don't follow. Are you saying I should pass a separate umask with the sftp options?
– a coder
May 18 at 2:49
Where is yourumaskset? In the shell startup files? I can't remember ifsftpis started through the shell on the server, but even if it is, it's a non-interactive shell, and your shell probably doesn't read the usual startup files in that case. So any changes toumaskthere won't be visible to thesftpserver
– ilkkachu
May 18 at 6:09
2
@ilkkachu SFTP does not go through the login shell at all (unlike anything else using SSH).
– Gilles
May 18 at 11:41
add a comment |Â
What umask are you specifying with the-uoption of the server? Does it support-u?
– ajeh
May 17 at 21:35
I don't follow. Are you saying I should pass a separate umask with the sftp options?
– a coder
May 18 at 2:49
Where is yourumaskset? In the shell startup files? I can't remember ifsftpis started through the shell on the server, but even if it is, it's a non-interactive shell, and your shell probably doesn't read the usual startup files in that case. So any changes toumaskthere won't be visible to thesftpserver
– ilkkachu
May 18 at 6:09
2
@ilkkachu SFTP does not go through the login shell at all (unlike anything else using SSH).
– Gilles
May 18 at 11:41
What umask are you specifying with the
-u option of the server? Does it support -u?– ajeh
May 17 at 21:35
What umask are you specifying with the
-u option of the server? Does it support -u?– ajeh
May 17 at 21:35
I don't follow. Are you saying I should pass a separate umask with the sftp options?
– a coder
May 18 at 2:49
I don't follow. Are you saying I should pass a separate umask with the sftp options?
– a coder
May 18 at 2:49
Where is your
umask set? In the shell startup files? I can't remember if sftp is started through the shell on the server, but even if it is, it's a non-interactive shell, and your shell probably doesn't read the usual startup files in that case. So any changes to umask there won't be visible to the sftp server– ilkkachu
May 18 at 6:09
Where is your
umask set? In the shell startup files? I can't remember if sftp is started through the shell on the server, but even if it is, it's a non-interactive shell, and your shell probably doesn't read the usual startup files in that case. So any changes to umask there won't be visible to the sftp server– ilkkachu
May 18 at 6:09
2
2
@ilkkachu SFTP does not go through the login shell at all (unlike anything else using SSH).
– Gilles
May 18 at 11:41
@ilkkachu SFTP does not go through the login shell at all (unlike anything else using SSH).
– Gilles
May 18 at 11:41
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
2
down vote
SFTP does not go through a login shell at all. It's directly managed by the SSH server. If the umask you expect is set by /etc/profile, ~/.profile, ~/.bashrc or some other shell initialization file then it doesn't apply to SFTP.
You can set an umask through the PAM module pam_umask. The setting for the SSH server will apply to both SSH shell sessions (unless overridden by a shell initialization file) and SFTP sessions.
You can also set the umask for SSH specifically by editing the Subsystem sftp line of /etc/sshd_config to pass the -u option to sftp-server.
answered May 18 at 11:50
Gilles
503k1189951522
I tried changing/etc/login.defsUMASK value to 002, but no luck - same permissions as before (detailed in question).
– a coder
May 18 at 14:00
Also tried editing/etc/ssh/sshd_configwith Subsystem sftp internal-sftp -u 0022, restarted sshd service, still same permissions issue.
– a coder
May 18 at 14:06
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
2
down vote
SFTP does not go through a login shell at all. It's directly managed by the SSH server. If the umask you expect is set by /etc/profile, ~/.profile, ~/.bashrc or some other shell initialization file then it doesn't apply to SFTP.
You can set an umask through the PAM module pam_umask. The setting for the SSH server will apply to both SSH shell sessions (unless overridden by a shell initialization file) and SFTP sessions.
You can also set the umask for SSH specifically by editing the Subsystem sftp line of /etc/sshd_config to pass the -u option to sftp-server.
answered May 18 at 11:50
Gilles
503k1189951522
I tried changing/etc/login.defsUMASK value to 002, but no luck - same permissions as before (detailed in question).
– a coder
May 18 at 14:00
Also tried editing/etc/ssh/sshd_configwith Subsystem sftp internal-sftp -u 0022, restarted sshd service, still same permissions issue.
– a coder
May 18 at 14:06
add a comment |Â
up vote
2
down vote
SFTP does not go through a login shell at all. It's directly managed by the SSH server. If the umask you expect is set by /etc/profile, ~/.profile, ~/.bashrc or some other shell initialization file then it doesn't apply to SFTP.
You can set an umask through the PAM module pam_umask. The setting for the SSH server will apply to both SSH shell sessions (unless overridden by a shell initialization file) and SFTP sessions.
You can also set the umask for SSH specifically by editing the Subsystem sftp line of /etc/sshd_config to pass the -u option to sftp-server.
answered May 18 at 11:50
Gilles
503k1189951522
I tried changing/etc/login.defsUMASK value to 002, but no luck - same permissions as before (detailed in question).
– a coder
May 18 at 14:00
Also tried editing/etc/ssh/sshd_configwith Subsystem sftp internal-sftp -u 0022, restarted sshd service, still same permissions issue.
– a coder
May 18 at 14:06
add a comment |Â
up vote
2
down vote
up vote
2
down vote
SFTP does not go through a login shell at all. It's directly managed by the SSH server. If the umask you expect is set by /etc/profile, ~/.profile, ~/.bashrc or some other shell initialization file then it doesn't apply to SFTP.
You can set an umask through the PAM module pam_umask. The setting for the SSH server will apply to both SSH shell sessions (unless overridden by a shell initialization file) and SFTP sessions.
You can also set the umask for SSH specifically by editing the Subsystem sftp line of /etc/sshd_config to pass the -u option to sftp-server.
answered May 18 at 11:50
Gilles
503k1189951522
SFTP does not go through a login shell at all. It's directly managed by the SSH server. If the umask you expect is set by /etc/profile, ~/.profile, ~/.bashrc or some other shell initialization file then it doesn't apply to SFTP.
You can set an umask through the PAM module pam_umask. The setting for the SSH server will apply to both SSH shell sessions (unless overridden by a shell initialization file) and SFTP sessions.
You can also set the umask for SSH specifically by editing the Subsystem sftp line of /etc/sshd_config to pass the -u option to sftp-server.
answered May 18 at 11:50
Gilles
503k1189951522
answered May 18 at 11:50
Gilles
503k1189951522
answered May 18 at 11:50
Gilles
503k1189951522
answered May 18 at 11:50
Gilles
503k1189951522
503k1189951522
I tried changing/etc/login.defsUMASK value to 002, but no luck - same permissions as before (detailed in question).
– a coder
May 18 at 14:00
Also tried editing/etc/ssh/sshd_configwith Subsystem sftp internal-sftp -u 0022, restarted sshd service, still same permissions issue.
– a coder
May 18 at 14:06
add a comment |Â
I tried changing/etc/login.defsUMASK value to 002, but no luck - same permissions as before (detailed in question).
– a coder
May 18 at 14:00
Also tried editing/etc/ssh/sshd_configwith Subsystem sftp internal-sftp -u 0022, restarted sshd service, still same permissions issue.
– a coder
May 18 at 14:06
I tried changing
/etc/login.defs UMASK value to 002, but no luck - same permissions as before (detailed in question).– a coder
May 18 at 14:00
I tried changing
/etc/login.defs UMASK value to 002, but no luck - same permissions as before (detailed in question).– a coder
May 18 at 14:00
Also tried editing
/etc/ssh/sshd_config with Subsystem sftp internal-sftp -u 0022, restarted sshd service, still same permissions issue.– a coder
May 18 at 14:06
Also tried editing
/etc/ssh/sshd_config with Subsystem sftp internal-sftp -u 0022, restarted sshd service, still same permissions issue.– a coder
May 18 at 14:06
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f444454%2fwhy-is-umask-ignored-when-uploading-files-over-sftp%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
What umask are you specifying with the
-uoption of the server? Does it support-u?– ajeh
May 17 at 21:35
I don't follow. Are you saying I should pass a separate umask with the sftp options?
– a coder
May 18 at 2:49
Where is your
umaskset? In the shell startup files? I can't remember ifsftpis started through the shell on the server, but even if it is, it's a non-interactive shell, and your shell probably doesn't read the usual startup files in that case. So any changes toumaskthere won't be visible to thesftpserver– ilkkachu
May 18 at 6:09
2
@ilkkachu SFTP does not go through the login shell at all (unlike anything else using SSH).
– Gilles
May 18 at 11:41