Linux FTP/SSH Permissions

Solution 1:

You definitely want a group for this. I would configure a group for FTP access. Put the users in a group that you want to use for FTP users, and then I suggest the following (assuming the FTP group is called FTP and the base data directory is /ftpdata - change these as needed):

chown -R nobody:ftp /ftpdata
find /ftpdata -type f -exec chmod 664 {} \;
find /ftpdata -type d -exec chmod 2775 {} \;

Here's what you're doing...

chown -R nobody:ftp /ftpdata

This sets the owner to nobody and the group to ftp for every file and directory below /ftpdata.

find /ftpdata -type f -exec chmod 664 {} \;

This command sets every file below /ftpdata to be mode 664, that is read-write for the owner and group, and read-only for everyone else.

find /ftpdata -type d -exec chmod 2775 {} \;

This command sets every directory below /ftpdata to 2775, that is read-write-and-execute for the owner and group, and read-execute for the world, plus any new files created in any of those directories will be owned by the ftp group.

The 2 in 2775 is "Set Group ID" - whenever a new file is created in a directory with that bit set, it makes the group of that file the same as the group that owns the directory. Without that, a user who's primary group is not the ftp group will create files that are owned by another group, and may not be accessible by other members of the group.

Solution 2:

Root SHOULDNT own everything.

Create a group, add your FTP users to the group.

Give the directories and files you want the proper permissions. This command will make the directories and files readable and writeable by the owner and the group, and readable by the world.

chmod -R 764 /the/path/to/files

Google 'Unix File Permissions' and/or 'chmod' for further explanation if this doesn't help.