User with dba privileges = test
drwxrwxrwx test dba 4.0K Jul 16 09:38 test
Files and folders permission of the base directory (test) for application is 777
chmod –R 777 test
Someone has deleted a folder with test user. Luckily I had a backup copy of the same so the issue was resolved.
I need to know is it possible to create a new user for FTP purpose so that a user can only read and can place reports but will not be able to delete or change locations of any file.
You create the unix user with "ftp" any other name and group "ftp" or another name.
Give 775 permission to test
chmod –R 775 test
chmode 777 inbound
Ask user to keep inputfile in "inbound" folder. We already given 775 for all files uder test so user can read all files.
Also set "umask 022" in test user .pfile. So ,newly created file also have same permissions 775 under user test.
If they want to move reports from 'new ftp user' to Report folder of 'test user' is it possible?
Also do the application will able to execute the report even though it has been placed by different ftp user.
They can copy the report to 'new ftp users" folder but they can not copy to Report folder for that you need to give 777 permission to Report folder
or using test user you need to copy to Report folder.
Report will execute no issues for that.
Commands used earlier were
useradd -g dba test
chmod –R 777 hyper
chown -R test:dba hyper
Now I need to create a new user for FTP purpose only so that a user can only read and can place files/reports but will not be able to delete or change locations of any file.
Please help me with commands as I feel that i have to change the earlier 777 permission also.
Unix, unlike some other operating systems, does not have a specific delete privilege in the standard file permission repertoire. It might be enough to set a SUID sticky bit on the directory, so that it works similar to /tmp, where users have the permission to delete or write their own files, but not those of others, for instance:
chmod 1777 /ftp/upload
If you need more control, you will have to configure and enable ACL on the filesystem.
Some of the access restriction options are typically governed by your ftp server configuration, for instance /etc/vsftpd/vsftpd.conf. You may also check the ftpd_selinux man page, in case you are using ftpd. Since you don't tell us what you are using, no further help can be provided.
Hello all Oracle Gurus,
While creating a clone I gave 777 permission to every folder (chmod -R 777 TEST) as I was facing permission errors during cloning.
Our Application main folder is TEST which have all tops and tier in it (apps, inst).
For FTP we are using oracle user which has 777 permission on each file (chown -R appl:dba TEST).
We are using this user for ftp and accidently deleted one folder.
I am looking if it is possible to create additional ftp user who can drop files in required folders e.g. AU_TOP but can not delete or modify anything from any location.
Thanks in advance.
Perhaps you can use the following permission:
mkdir -m 2733 /home/ftp/upload
It's a typical dropbox, which allows anyone to write files, but not to modify or download. It sets the group ownership on all files to "nogroup." However, it will also not allow users to get a directory listing.
Your configuration options and possibilities will depend on your FTP server software, which is typically not limited to setting filesystem permissions only and provides its own security mechanism to the client. Unless you tell us what you are using...