diff --git a/source/orchestrationLogic/HEAT/fileserver.sh b/source/orchestrationLogic/HEAT/fileserver.sh index 1b94a39f68ad0f396cd906c9773ce6e074f8dda3..15951862634cd795e02d68ed9c20f48c42d2e18e 100644 --- a/source/orchestrationLogic/HEAT/fileserver.sh +++ b/source/orchestrationLogic/HEAT/fileserver.sh @@ -19,9 +19,8 @@ mkdir /opt/data/shared # this directory should be owned by root for security reasons # http://lists.mindrot.org/pipermail/openssh-unix-dev/2009-May/027651.html chown root:root /opt/data -chmod u=rwx,g=rx,o=rwx /opt/data +chmod 755 /opt/data -sudo service smbd restart # Everything below is based on the great top answer for this stack exchange question # https://unix.stackexchange.com/questions/503312/is-it-possible-to-grant-users-sftp-access-without-shell-access-if-yes-how-is-i @@ -30,6 +29,11 @@ sudo service smbd restart addgroup --system allowssh addgroup --system sftponly +chown <owern>:allowssh /opt/data/shared +chmod 775 /opt/data + +sudo service smbd restart + # creates a user with no no password # /sbin/nologin is not needed but is done just to be safe adduser --disabled-password --gecos "" --home /home/project_owner <owner>