New directory created via FTP didn't inherit although ACLs for inheritance were set?

Status
Not open for further replies.
scurrier

scurrier

Patron
Joined
Jan 2, 2014
Messages
297
Hello experts,

I have an issue where a new directory that was created via FTP didn't inherit permissions from the parent directory, even though I have inheritance set up in the ACLs of the parent.

Here are the parent's ACLs:
Code:
# owner: root
# group: parents
		owner@:rwxpDdaARWcCos:fd-----:allow
		group@:rwxpDdaARWc--s:fd-----:allow
	   everyone@:r-x---a-R-c---:fd-----:allow


Here are the ACLs of the new directory that was created via FTP:
Code:
# owner: Jenny
# group: parents
	   owner@:rwxp--aARWcCos:-------:allow
	   group@:r-x---a-R-c--s:-------:allow
	   everyone@:r-x---a-R-c--s:-------:allow


Can I get some guidance? I'd like to make it so that any new files or folders that are created will inherit permissions from the parent directory.

Thank you.

(Sorry the permissions strings in my code blocks above are not lined up at the @ sign. Apparently code blocks don't work as expected in this forum. I tried reformatting and previewing them a number of different ways, to no avail.)
 
scurrier

scurrier

Patron
Joined
Jan 2, 2014
Messages
297
Bump now that a holiday is over.

Can I do anything to make this question easier to answer?
 
C

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,526
We're working on the formatting thing. I had a complaint about it late last week myself and our forum admin has recognized this is a problem and has made it a high priority to figure out a solution.

I haven't tried to do exactly what you are doing in quite some time, but...


1. The FTP server (proftpd) doesn't do ACLs. At all. You're limited to unix permissions and such.
2. I don't believe this will work how you want because of #1.
3. There are ways that you can get ACLs and Unix permissions to work together in very limited combinations, so you may be able to make it work with enough effort, but you'd be on your own to figure out if you can do it for your scenario and if it can be maintained.
4. Even if you can get it to work via #3, I don't believe that inherited permissions will work, but you'd have to try it to see if it works.

I eventually gave up on doing FTP servers with ACLs (it wasn't supposed to work, and if/when it works, it's only because the unix permissions equivalent to your current ACLs happens to work). I now do FTP with unix permissions exclusively and I have only 1 user, so permissions are inconsequential to me. :/
 
scurrier

scurrier

Patron
Joined
Jan 2, 2014
Messages
297
cyberjock said:
We're working on the formatting thing. I had a complaint about it late last week myself and our forum admin has recognized this is a problem and has made it a high priority to figure out a solution.

I haven't tried to do exactly what you are doing in quite some time, but...


1. The FTP server (proftpd) doesn't do ACLs. At all. You're limited to unix permissions and such.
2. I don't believe this will work how you want because of #1.
3. There are ways that you can get ACLs and Unix permissions to work together in very limited combinations, so you may be able to make it work with enough effort, but you'd be on your own to figure out if you can do it for your scenario and if it can be maintained.
4. Even if you can get it to work via #3, I don't believe that inherited permissions will work, but you'd have to try it to see if it works.

I eventually gave up on doing FTP servers with ACLs (it wasn't supposed to work, and if/when it works, it's only because the unix permissions equivalent to your current ACLs happens to work). I now do FTP with unix permissions exclusively and I have only 1 user, so permissions are inconsequential to me. :/
Click to expand...

As always, thanks for your input cyberjock.

I was drawn to FTP because of its streaming nature and how it performs faster than SMB. But perhaps if I must have inheritance then I must use SMB? Seems there's no alternatives that combine the speed of FTP with the power of ACLs.

I'm in a home scenario where I need more complex permissions. I frequently connect via VPN over cellular or wired and FTP was excelling at these higher latency scenarios.
 
Status
Not open for further replies.

Similar threads

F
  • Locked
acl inheritance flags of setfacl
Replies
2
Views
5K
freenasbbs
F
M
  • Locked
SOLVED Windows share not correctly inheriting ACLs
Replies
2
Views
7K
MainUser
M
AaronLS
  • Locked
ACLs missing for created file/folder
Replies
1
Views
2K
dlavigne
D
H
SMB with ACLs: Files Not Visible By Owner... What am I missing?
Replies
10
Views
3K
Hibiki
H
panz
  • Locked
Permissions, extended ACLs and Plex Jail (getfacl)
Replies
2
Views
4K
panz
panz
Top