YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1384 from YunoHost/enh-conserver-group-permission-in-sftp

Browse source 
[enh] Tweak umask for SFTP
This commit is contained in:
Alexandre Aubin 2024-08-16 00:45:35 +02:00 committed by GitHub
commit 31d10079c7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
conf/ssh/sshd_config
View file

@ -84,7 +84,7 @@ Subsystem sftp internal-sftp
# Apply following instructions to user with sftp perm only # Apply following instructions to user with sftp perm only
Match Group sftp.main,!ssh.main Match Group sftp.main,!ssh.main
ForceCommand internal-sftp ForceCommand internal-sftp -u 0002
# We can't restrict to /home/%u because the chroot base must be owned by root # We can't restrict to /home/%u because the chroot base must be owned by root
# So we chroot only on /home # So we chroot only on /home
# See https://serverfault.com/questions/584986/bad-ownership-or-modes-for-chroot-directory-component # See https://serverfault.com/questions/584986/bad-ownership-or-modes-for-chroot-directory-component
@ -97,7 +97,7 @@ Match Group sftp.main,!ssh.main
PermitUserRC no PermitUserRC no
Match Group sftp.app,!ssh.app Match Group sftp.app,!ssh.app
ForceCommand internal-sftp ForceCommand internal-sftp -u 0002
ChrootDirectory %h ChrootDirectory %h
AllowTcpForwarding no AllowTcpForwarding no
AllowStreamLocalForwarding no AllowStreamLocalForwarding no