Can a umask be set on a user without Shell Access

Glen Turner glen.turner at aarnet.edu.au
Wed Dec 11 15:01:58 CST 2002


Michael Selge wrote:
> I'm hoping there is a way to set a umask for a user that has no Shell
> access.
> The user is a member of the "intranet" publishing group but has no a
> /bin/true shell.
> 
> They access the Intranet Files and folders by a SAMBA share. I've used
> setgid on the root intranet folder, so that all files created there are
> owned by the group "intranet", but I want the files that these non-shell
> users create, to have Write permissions for other members of the intranet
> publishing group.
> 
> Is there is a better way this can be achieved.

[intranet]
  force user=apache
  force group=intranet
  force create mode=0662
  force directory mode=0775

Note the need for "apache" to have read/write access to
the files if you want Apache's mod_dav to work as well as
Samba.  mod_dav runs as the not-at-all special "apache" user

I'd suggest using DAV rather than Samba to maintain a web site,
as you get locking (more like a RCS lock than a file lock, a
way of indicating that you are going to update the file).

There's getting to be some very nice tools.

DAV can create symlinks and write CGI files, Samba can't.

If you enable "index.asis" files either can do a Redirect.

Both can create .htaccess files.  You might want to supply
a library of access control files rather than rely on
users getting the syntax right.  They can them symlink
to the appropiate file in the library.

If you're going to use DAV then only allow DAV over SHTTP,
otherwise you'll get plain text passwords.  DreamWeaver
won't do DAV over SHTTP, although the documentation
says it does.

DAV used to be a user interface nightmare.  But Windows'
web folders seem to have addressed most of that.

-- 
  Glen Turner                (08) 8303 3936 or +61 8 8303 3936
  Australian Academic and Research Network   www.aarnet.edu.au

-- 
LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.openprojects.net
To unsubscribe from the LinuxSA list:
  mail linuxsa-request at linuxsa.org.au with "unsubscribe" as the subject



More information about the linuxsa mailing list