Swizzling.org

Feed Rss

Linux – Multiple FTP users, same directory, different permissions.

04.01.2009, Linux, by .

Recently somebody asked me how to have a few users able to access the same directory over FTP. But only allow some of them to have read-write access, and let the rest be read-only.

I use vsftp which needs to be modified a little bit for this to work.

edit /etc/vsftp/vsftpd.conf   (on CentOS, your distro may store the .conf somewhere else)

You’ll need to change “local_umask” from 022 to 0007. Save and restart the service

/etc/init.d/vsftpd restart

# Add 2 new groups, one for read only users and the other will be for the read-write guys

groupadd ftp-readonly
groupadd ftp-readwrite

# Create a document store where all FTP users will access once they are logged in. always a good idea to put it in /home

mkdir /home/ftp-docs
chmod 775 /home/ftp-docs/
chown root:ftp-readwrite /home/ftp-docs

# Add the new users

useradd -g ftp-readwrite -d /home/ftp-docs user1
useradd -g ftp-readwrite -d /home/ftp-docs user2
useradd -g ftp-readonly -d /home/ftp-docs user3

# Set the users password

passwd user1
passwd user2

And your done.

The reason you need to change the umask is when a new directory is created by a read-write user the permissions by default don’t give full write-write access, I believe it’s read-only (for other users in the group).

So user1 can create a directory but only user1 can remove it.

One Response to Linux – Multiple FTP users, same directory, different permissions.

  1. thanks :) , I just searched google and landed here :D
    perfect guide..
    whats the significance of changing local_umask to 0007

    thanks :)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>