The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SFTP - Incorrect upload permissions

Discussion in 'EasyApache' started by verdon, Aug 23, 2016.

Tags:
  1. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    When uploading new files and directories to the server, via SFTP logged in as a normal cpanel user, on a brand-new server 'CENTOS 6.8 x86_64 standard WHM 58.0 (build 23)' it seems that default permissions are wrong. The original files/dirs are all 644/755. When I upload with my GUI client (Transmit on Mac) the directories are being made group writeable but the files are ok (644/775), causing problems with suphp of course. Anecdotally, I believe I have a client using WS-FTP Pro on Windows, where files and dirs are being made group writeable (664/775). I need to verify that again.

    I did some searching and had a look at /etc/bashrc and it looks correct. I sure haven't touched it.

    # By default, we want umask to get set. This sets it for non-login shell.
    # Current threshold for system reserved uid/gids is 200
    # You could check uidgid reservation validity in
    # /usr/share/doc/setup-*/uidgid file
    if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
    umask 002
    else
    umask 022
    fi


    Any suggestion where else I might look?
     
  2. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    Sorry, I was wrong about that... both clients are uploading files correctly but are both adding the g+w to directories.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you verify if you were able to determine if the issue is isolated to specific SFTP clients? If so, does the issue persist when using an alternate SFTP client such as FileZilla?

    Thank you.
     
  4. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    I can verify that it is happening with Transmit on MacOS (all up to date) and with up to date WS_FTP Pro on Win7, with using SFTP protocol. I'll try FileZilla on Mac shortly and see if I can get someone to try FileZilla on Win for me, and report back asap.

    Thanks
     
  5. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    It is happening with FileZilla on Mac also... I'm waiting for a Windows tester.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    It looks like this is a bug. Here's a quote from case EA-4868 regarding this issue:

    I'll update this thread with more information on the status of this case as it becomes available. In the meantime, you can workaround this issue by changing the umask values in the following section of /etc/profile from "002" to "022":

    Code:
    # By default, we want umask to get set. This sets it for login shell
    # Current threshold for system reserved uid/gids is 200
    # You could check uidgid reservation validity in
    # /usr/share/doc/setup-*/uidgid file
    if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
        umask 022
    else
        umask 022
    fi
    Thank you.
     
  7. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    Thanks for this information. I've updated these values in /etc/profile and /etc/bashrc, restarted service sshd and started a new session in my sftp client, but am still getting 644/775 on files/dirs. Note that the files are correct. It's just the dirs.

    Am I missing anything?
    Thanks.
     
  8. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    Oops. I'm still getting inconsistent results on this. I am getting 644/775 when I test. My client is getting 664/775.
     
  9. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    Just a quick update... with the patch above, and after waiting a couple hours, upload permissions are correct with both Mac clients I can test with. I'm waiting for someone else to report on their Window's clients test.
     
  10. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    Tested and verified with a couple Window's clients now, that the work-around is doing the job.
     
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    I'm happy to see the workaround helped. I'll update this thread again when a resolution is published.

    Thanks!
     
  12. borayeris

    borayeris Member

    Joined:
    Jan 28, 2015
    Messages:
    13
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    It happens to me after I upgrade EasyApache4. It has been 3 months and still not fixed. Shame on you cPanel.
     
  13. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    There's no new update to report at this time, however this forum thread is linked to the case. I'll update this thread once the case is updated. In the meantime, let us know if you have any trouble with the recommended workaround.

    Thank you.
     
  14. borayeris

    borayeris Member

    Joined:
    Jan 28, 2015
    Messages:
    13
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    This doesn't work. I did sshd restart. Also tried reboot.
     
  15. borayeris

    borayeris Member

    Joined:
    Jan 28, 2015
    Messages:
    13
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    I found the solution.

    In this file "/etc/ssh/sshd_config"

    I find this particular line :

    Subsystem sftp /usr/libexec/openssh/sftp-server

    Changed to

    Subsystem sftp /usr/libexec/openssh/sftp-server -u 022

    After sshd restart it worked perfect.
     
    cPanelMichael likes this.
  16. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...
Similar Threads - SFTP Incorrect upload
  1. mariusfv
    Replies:
    2
    Views:
    93

Share This Page