Home / server / Questions / 145812
In Process
Bram Schoenmakers
Asked: 2010-05-28 03:13:04 +0800 CST

pure-ftpd: one readonly/non-deletable file in home directory

  • 772

Is there a way to have a file in the user's FTP home directory without the ability to modify/remove it from that directory over FTP?

So the user has write permissions on his own home folder, thus the ability to remove files. An exception should be made for a single file, which has the same filename and contents for each account.

The solution I'm thinking of right now to run a periodic script to check the presence of that file, and if not, put it back. But I wonder whether there's a better solution than this.

ftp

3 Answers

  1. What filesystem do you have? You can try setting immutable attribute on that file

    chattr +i filename
    • 1

  2. As stated, a file can be removed if you have write permission on the directory where it resides. However, you cannot remove a directory if it isn't empty, even if you have write permission on the parent directory. Thus, this hack should work:

    mkdir protected
touch protected/test
sudo chown -R root:root protected
sudo chmod -R 755 protected

    Now if you try to remove file:

    $ rm protected/test 
rm: remove write-protected regular empty file `protected/test'? y
rm: cannot remove `protected/test': Permission denied

    And if you try to remove the directory:

    $ rm -R protected
rm: descend into write-protected directory `protected'? y
rm: remove write-protected regular empty file `protected/test'? y
rm: cannot remove `protected/test': Permission denied
    • 1

  3. Set the owner and group of the file to root and make it world readable:

    chown root:root filename
chmod 664 filename
    • -1