sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

FTP server with users

Mon Apr 04, 2016 2:18 pm

Hello everyone, I'm riding an FTP server on a Raspberry Pi 2 Rasobian OS. I used the ProFTPD software but I have a doubt. I want to share a directory with multiple users. I have a user1 and user2, the question I have is how to modify the permissions of these users, for example user1 have all permissions in that directory and user2 only has write permissions.

Thanks everybody :D

User avatar
DougieLawson
Posts: 37703
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK
Contact: Website Twitter

Re: FTP server with users

Mon Apr 04, 2016 5:30 pm

Add each user to a special group (in my example it's called newgroup) with addgroup newgroup; usermod -a -G newgroup user1; usermod -a -G newgroup user2;

Use chown user1.newgroup /home/user1/directory1; chown user2.newgroup /home/user2/directory2 then set the group permissions with chmod 770 /home/user1/directory1; chmod 770 /home/user2/directory2 and both users can write to both of those directories.

BTW, don't ever open FTP to the public internet, it is 100% completely & totally insecure.
Note: Any requirement to use a crystal ball or mind reading will result in me ignoring your question.

Any DMs sent on Twitter will be answered next month.
All non-medical doctors are on my foes list.

sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

Re: FTP server with users

Mon Apr 04, 2016 5:45 pm

Thanks for the repply, but i do not want two directories.
I want to share one only directory. In which user1 has all permission and user2 only has read permission.

Example:
Directory: /media/hard.drive/photos

So, in this directory user1 has all permission (He can add, delete, see, move photos) and user2 only has read permission (user2 only can see photos, but he cant do any more)

And i do not know how can i do that...

User avatar
DougieLawson
Posts: 37703
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK
Contact: Website Twitter

Re: FTP server with users

Mon Apr 04, 2016 6:09 pm

Same thing, add user2 & user1 to a new group, chmod the directory so that the owner is user1 and the group is that new one, chmod it with 770 so that both the owner and the group can read & write files in there.
Note: Any requirement to use a crystal ball or mind reading will result in me ignoring your question.

Any DMs sent on Twitter will be answered next month.
All non-medical doctors are on my foes list.

sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

Re: FTP server with users

Mon Apr 04, 2016 6:18 pm

I do not understand fine...
If I add user1 and user2 to the same group, both of them have the same permissions...And i want that de user1 has every permission and user2 only read permissions...

Sorry...but i do not know what to want to mean :|

User avatar
DougieLawson
Posts: 37703
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK
Contact: Website Twitter

Re: FTP server with users

Mon Apr 04, 2016 6:46 pm

I've added two new users

Code: Select all

[email protected] /home # ls -la user*
user1:
total 20
drwxr-xr-x  2 user1 user1   72 Apr  4 19:33 .
drwxr-xr-x 25 root  root  4096 Apr  4 19:33 ..
-rw-r--r--  1 user1 user1  220 Apr  4 19:33 .bash_logout
-rw-r--r--  1 user1 user1 3515 Apr  4 19:33 .bashrc
-rw-r--r--  1 user1 user1 3279 Apr  4 19:33 .bashrc.dgl
-rw-r--r--  1 user1 user1  675 Apr  4 19:33 .profile

user2:
total 20
drwxr-xr-x  2 user2 user2   72 Apr  4 19:33 .
drwxr-xr-x 25 root  root  4096 Apr  4 19:33 ..
-rw-r--r--  1 user2 user2  220 Apr  4 19:33 .bash_logout
-rw-r--r--  1 user2 user2 3515 Apr  4 19:33 .bashrc
-rw-r--r--  1 user2 user2 3279 Apr  4 19:33 .bashrc.dgl
-rw-r--r--  1 user2 user2  675 Apr  4 19:33 .profile
[email protected] /home #

Code: Select all

[email protected] /home # addgroup ftpusers
Adding group `ftpusers' (GID 1003) ...
Done.
[email protected] /home #
Add both users to the new group

Code: Select all

[email protected] /home # usermod -a -G ftpusers user1
[email protected] /home # usermod -a -G ftpusers user2
[email protected] /home #
Update user1's home directory to be accessible by user2

Code: Select all

[email protected] /home # chgrp ftpusers -R /home/user2/
[email protected] /home # ls -la /home/user2
total 20
drwxrwx---  2 user2 ftpusers   72 Apr  4 19:33 .
drwxr-xr-x 25 root  root     4096 Apr  4 19:33 ..
-rwxrwx---  1 user2 ftpusers  220 Apr  4 19:33 .bash_logout
-rwxrwx---  1 user2 ftpusers 3515 Apr  4 19:33 .bashrc
-rwxrwx---  1 user2 ftpusers 3279 Apr  4 19:33 .bashrc.dgl
-rwxrwx---  1 user2 ftpusers  675 Apr  4 19:33 .profile
[email protected] /home #
Then I can log on as user1 and create a file in /home/user2

Code: Select all

login as: user1
Server refused our key
[email protected]'s password:
[email protected]:~$ cd /home/user2
[email protected]:/home/user2$ touch file.owned.by.user1
[email protected]:/home/user2$ ls -la
total 20
drwxrwx---  2 user2 ftpusers   98 Apr  4 19:39 .
drwxr-xr-x 25 root  root     4096 Apr  4 19:33 ..
-rwxrwx---  1 user2 ftpusers  220 Apr  4 19:33 .bash_logout
-rwxrwx---  1 user2 ftpusers 3515 Apr  4 19:33 .bashrc
-rwxrwx---  1 user2 ftpusers 3279 Apr  4 19:33 .bashrc.dgl
-rw-r--r--  1 user1 user1       0 Apr  4 19:39 file.owned.by.user1
-rwxrwx---  1 user2 ftpusers  675 Apr  4 19:33 .profile
[email protected]:/home/user2$
Then I can make it usable by user2

Code: Select all

[email protected]:/home/user2$ chgrp ftpusers file.owned.by.user1
[email protected]:/home/user2$ ls -la
total 20
drwxrwx---  2 user2 ftpusers   98 Apr  4 19:39 .
drwxr-xr-x 25 root  root     4096 Apr  4 19:33 ..
-rwxrwx---  1 user2 ftpusers  220 Apr  4 19:33 .bash_logout
-rwxrwx---  1 user2 ftpusers 3515 Apr  4 19:33 .bashrc
-rwxrwx---  1 user2 ftpusers 3279 Apr  4 19:33 .bashrc.dgl
-rw-r--r--  1 user1 ftpusers    0 Apr  4 19:39 file.owned.by.user1
-rwxrwx---  1 user2 ftpusers  675 Apr  4 19:33 .profile
[email protected]:/home/user2$ chmod 770 file.owned.by.user1
[email protected]:/home/user2$
Now I can write to the file using user2

Code: Select all

login as: user2
Server refused our key
[email protected]'s password:
Last login: Mon Apr  4 19:43:47 2016 from dhcp-10-1-1-75.darkside-logic.bogus
[email protected]:~$ echo "This file was written by user2" >> file.owned.by.user1
[email protected]:~$
and read that back from user1

Code: Select all

[email protected]:/home/user2$ cat file.owned.by.user1
This file was written by user2
[email protected]:/home/user2$

The only thing you'll need to change in your FTP set-up is the umask values so that all files default to have 770 permission bits.
Note: Any requirement to use a crystal ball or mind reading will result in me ignoring your question.

Any DMs sent on Twitter will be answered next month.
All non-medical doctors are on my foes list.

sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

Re: FTP server with users

Mon Apr 04, 2016 7:32 pm

I am going to try this...
But I see so difficult...
And for example, if I create two gruops. group1 for user1 and group2 for user2.
How can I do permission to a group?
So, for example the directory /media/hard.drive/photos
In this directory can access the users of group1 and group2 but with a conditional:
The users of group1 have all permission in this directory and the users of group2 only has read permission.
How can I give differents permission to a differents groups?

Thank you so much. Now, I understand better.

Dutch_Master
Posts: 362
Joined: Sat Jul 27, 2013 11:36 am

Re: FTP server with users

Mon Apr 04, 2016 8:01 pm

Set the file permissions for stuff owned by user1 to 744. This allows the owner to see/change and execute files and programs in that directory, but others (even if member of the same group) can only see it. If access is restricted only to group members, use 740 for file permissions*.

Urgently consider SFTP if this server is publicly accessible!!! (i.e. via the internet) :o

*file permissions are set with the chmod command. Read the man page for further details. Basic usage;

Code: Select all

chmod 740 file1,file2,file3,.... etc

User avatar
DougieLawson
Posts: 37703
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK
Contact: Website Twitter

Re: FTP server with users

Mon Apr 04, 2016 8:06 pm

Note: Any requirement to use a crystal ball or mind reading will result in me ignoring your question.

Any DMs sent on Twitter will be answered next month.
All non-medical doctors are on my foes list.

sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

Re: FTP server with users

Mon Apr 04, 2016 8:08 pm

SFTP? I am using proSFTd software.
I would like to share public the server in the future. To access the server from any network not only from my local network...

sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

Re: FTP server with users

Mon Apr 04, 2016 8:11 pm

I have readed what you said...But it is so difficult for me...I am newbie in networks....And I have to do this server for my class proyect, to learn more about networks.

And, where I should do the changes of permission? In the the directory or in the group?

Where can I see the differents kinds of permission?

Dutch_Master
Posts: 362
Joined: Sat Jul 27, 2013 11:36 am

Re: FTP server with users

Mon Apr 04, 2016 8:23 pm

Given your level of inexperience, DO NOT attempt to put that FTP server on the internet! You'll be hacked in hours :roll:

First step: learn about Linux, networks and how to secure them. Google will find you suitable tutorials to study.

sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

Re: FTP server with users

Mon Apr 04, 2016 8:27 pm

Dutch_Master wrote:Given your level of inexperience, DO NOT attempt to put that FTP server on the internet! You'll be hacked in hours :roll:

First step: learn about Linux, networks and how to secure them. Google will find you suitable tutorials to study.
Yes, I Know...First of all i want to configure the server fine. With users and differents permissions. After that, and when de server is run, I will do more secure the server...But the first step is cofigure it for local network

sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

Re: FTP server with users

Tue Apr 05, 2016 10:03 am

I have founded the differents kind of permissions:
GNU / Linux.
So we have execute permissions, reading and writing, establishing three types of users:

Owner: It is usually the person who created or uploaded the file to the server FTP.
Group: Refers to a group of users who probably belongs propietario.
Others: Are all other anonymous users or who do not belong to the group indicated .To set permissions there is an algorithm, which assigns values ​​to the type of access you want to give each user type.

4 = read
2 = wite
1 = run
The permissions are assigned according to the sum of the types described above. For example:

6 (4 + 2) = read and write
5 (4 + 1) = read and run
3 (2 + 1) = write and run
7 (4 + 2 + 1) = read, write and run
The combinations are given in the following order: owner group and users.

For example: 755, provides read, write and execute the owner, and group and other grants execute permissions and reading.
Now...I understand the permission. So, with the comand chgrp I can change the permission of each group and give the permission that i want?

Thank you so much!!

Slackware
Posts: 131
Joined: Mon Jan 18, 2016 3:45 pm

Re: FTP server with users

Tue Apr 05, 2016 11:54 am

another trick I did years ago was to make the anonymous directory sticky to a special group. That way the user could upload a file via ftp, but it would immediately disappear. I of course access the uploads under the special group.
The only drawback was they couldn't see it to delete once uploaded. but that was back when ftp was still used. like they say SFTP.


but 640 is what you are after. unless you want to execute files which shouldn't be the case. user = rw group=r all=

You can use ONE group ftpaccess, make directory owner of one user account. then user can write, and group can read.

sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

Re: FTP server with users

Tue Apr 05, 2016 3:48 pm

I cant!!! I am desperate...
Because I have shared a folder, and this folder have two groups.
But I want that the users of group2 only has read permission and they cant delete files, only see it.
But the users of group1 have all permission to read, write and execute...

java
Posts: 226
Joined: Mon Jul 21, 2014 9:41 am

Re: FTP server with users

Tue Apr 05, 2016 5:51 pm

I ran an anonymous ftp server for years on the internet, upload directory was a USB memory stick, with a 32 megabyte partion, write but no read permissions, other directories had only read permissions - only had odd problem of someone trying to upload large files to my "little" upload directory, and have them run out of space fast, which was a minor inconvenience.

sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

Re: FTP server with users

Tue Apr 05, 2016 5:55 pm

java wrote:I ran an anonymous ftp server for years on the internet, upload directory was a USB memory stick, with a 32 megabyte partion, write but no read permissions, other directories had only read permissions - only had odd problem of someone trying to upload large files to my "little" upload directory, and have them run out of space fast, which was a minor inconvenience.
What I want is share a one only directory which various users and each users have different permissions in this directory...
And I dont know howwww....
I am crazy jejeje

sergio279
Posts: 20
Joined: Mon Jan 18, 2016 8:45 pm

Re: FTP server with users

Thu Apr 07, 2016 10:00 pm

Please...I need help.
I want to give permissiom user by user...
I only want to share one directory to all of users, but the most difficult thing is that some users have to have all permission and others users only have read permission...Please I need to do that...
If it necessary i can change de software of the server, i am using proSftp but i can test with vsftpd or anyone which you recommend me...

Thank so much everybody!

Return to “Networking and servers”