emberstack/docker-sftp

Multiple users with single persistency

ilkinmammadzada opened this issue · 4 comments

We would like to create multiple users, multiple directories and single persistency. Users should share directories and the files inside them. But the result was different. Directories were created in every user's folder separately. Could you please help?

Our helm command:
helm install sftp \
  --namespace=sftp \
  --set image.tag=latest \
  --set configuration.Global.Directories="{foldera,folderb,folderc}" \
  --set configuration.Users[0].Username=userx \
  --set configuration.Users[0].Password=abkft \
  --set configuration.Users[0].Chroot=%h \
  --set configuration.Users[1].Username=usery \
  --set configuration.Users[1].Password=iij3j \
  --set configuration.Users[1].Chroot=%h \
  --set storage.volumes[0].name=sftp-data \
  --set storage.volumes[0].persistentVolumeClaim.claimName=pvc-sftp \
  --set storage.volumeMounts[0].name=sftp-data \
  --set storage.volumeMounts[0].mountPath=/home/userx \
  Emberstack/sftp

@ilkinmammadzada - You cannot do this directly due to how sftpd with chroot works.
In order to achieve the above you need to do the following:

  • Create a volume that contains all the "other" user data
  • Mount the volume in the "admin" user's "sftp" directory as a subdirectory (ex: /home/admin/sftp/users/)
  • Create a hook script that sets the permissions for the /users/ directory to allow admin to read/write when the admin logs in or when sftp starts (see the hooks part of the configuration). (example: create an onStartup.sh and use setfacl -m u:parent:rw /home/admin/sftp/users/user1 so the parent can r/w in the child directory)

All the above are required because sftpd with chroot has very strict permission rules in order to ensure security, but also because the files created by the normal users have to have the right permissions in order for them to access them later on.
You can also create multiple groups and assign users to the "users" group and "admin" to the admin group and set the file/directory permissions on groups.
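
One way to write the startup hook described in the comment above (an added example, not from the thread or the project's code). The function name, the SETFACL override and the argument order are assumptions; it uses rwX plus a default ACL instead of the plain rw in the comment so that directories stay traversable and later uploads inherit the parent's access.

```shell
#!/bin/sh
# Added example: startup hook granting one "parent" account ACL access to
# every per-user directory under a shared mount.
# Assumptions (not from the project): function name, SETFACL override,
# argument order. The user name and base path are supplied by the caller.

SETFACL="${SETFACL:-setfacl}"   # overridable so the logic can be dry-run

# grant_parent_acl PARENT_USER BASE_DIR
# Returns 0 on success, 2 on bad input, 1 if any setfacl call failed.
grant_parent_acl() {
    parent="$1"; base="$2"; rc=0
    if [ -z "$parent" ] || [ -z "$base" ]; then
        echo "usage: grant_parent_acl PARENT_USER BASE_DIR" >&2; return 2
    fi
    if ! id -u "$parent" >/dev/null 2>&1; then
        echo "unknown user: $parent" >&2; return 2
    fi
    if [ ! -d "$base" ]; then
        echo "not a directory: $base" >&2; return 2
    fi
    for dir in "$base"/*/; do
        [ -d "$dir" ] || continue          # glob matched nothing
        [ -L "${dir%/}" ] && continue      # skip symlinked entries; hook runs as root
        dir="${dir%/}"
        # Access ACL: rwX gives rw on files and adds x only on directories,
        # applied recursively to what the user already uploaded.
        "$SETFACL" -R -m "u:${parent}:rwX" "$dir" || rc=1
        # Default ACL: files created later inherit the parent's access.
        "$SETFACL" -R -d -m "u:${parent}:rwX" "$dir" || rc=1
    done
    return "$rc"
}

# Run only when called with arguments, e.g.:
#   onStartup.sh admin /home/admin/sftp/users
if [ "$#" -ge 2 ]; then
    grant_parent_acl "$1" "$2"
fi
```

Point it at data directories below each user's chroot, not at a ChrootDirectory path itself: a named-user ACL with write raises the ACL mask, which stat reports as the group bits, and sshd refuses chroot paths that are group-writable.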

Hello,
I have the same issue.
Could you share an example of a hook script to set the permissions for the parent, or the values.yaml file?

stale commented

Automatically marked as stale due to no recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale commented

Automatically closed stale item.