1. sftp
2. scp
3. ssh hostname
4. ssh hostname program
The difference between 3. and 4. is that the former starts a shell which usually reads the/etc/profile information while the latter doesn't.
In addition by reading this post I've became aware of the -u option that is present in newer versions of
OpenSSH.
However this doesn't work.
I must also add that /etc/profile now includes umask 0027.
Going point by point:
sftp - Setting -u 0027 in sshd_config as mentioned here, is not enough
It's quite easy to force environments variables in an SSH session, since /etc/profile, /etc/bash.bashrc etc. are read. But when you launch commands with SSH without opening a session, these files are not parsed, so it gets harder to set the environment.
So it can be useful to know that /etc/environment is read by SSH as well as login.
The format is "VARIABLE=VALUE" for each line.
In my case, I needed to force TMPDIR to "/var/lib/gforge-dop/chroot/tmp" so I just put "TMPDIR=/var/lib/gforge-dop/chroot/tmp" in /etc/environment and it worked :)
The umask is not an environment variable; it is a property of the process and has to be set by a system call.
---------------------------------------------------------------------------------------------------------
Solaris 11
http://docs.oracle.com/cd/E26502_01/html/E29042/ssh-config-4.html#REFMAN4ssh-config-4
Solaris 10
http://docs.oracle.com/cd/E26505_01/html/816-5174/sshd-config-4.html#REFMAN4sshd-config-4
---------------------------------------------------------------------------------------------------------
Hello Pankaj,
As per our conversation, it is not possible to set umask per user in S10 with sftp .
This feature is only available in S11.
This feature is only available in S11.
Here is the RFE/bug filed:
6803109: Add option for sftp/scp server to set a default umask
It was addressed in S11 and not in S10.
Customer transfers files and changes umask on sftp server is the workaround or upgrade system to S11.
Regards,
Oracle
Solaris and Network Domain, Global Systems Support
Phone: +1 800-223-1711
Oracle Global Customer Services
No comments:
Post a Comment