From 7c075db73196fe2a91b721c91a2195bb1bbba0d7 Mon Sep 17 00:00:00 2001
From: Marius Raes <mariusraes@Mariuss-MacBook-Air.local>
Date: Thu, 19 May 2022 18:56:11 +0200
Subject: [PATCH] ownership shared

---
 source/orchestrationLogic/HEAT/fileserver.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/source/orchestrationLogic/HEAT/fileserver.sh b/source/orchestrationLogic/HEAT/fileserver.sh
index 1b94a39f..15951862 100644
--- a/source/orchestrationLogic/HEAT/fileserver.sh
+++ b/source/orchestrationLogic/HEAT/fileserver.sh
@@ -19,9 +19,8 @@ mkdir /opt/data/shared
 # this directory should be owned by root for security reasons
 # http://lists.mindrot.org/pipermail/openssh-unix-dev/2009-May/027651.html
 chown root:root /opt/data
-chmod u=rwx,g=rx,o=rwx /opt/data
+chmod 755 /opt/data
 
-sudo service smbd restart
 
 # Everything below is based on the great top answer for this stack exchange question
 # https://unix.stackexchange.com/questions/503312/is-it-possible-to-grant-users-sftp-access-without-shell-access-if-yes-how-is-i
@@ -30,6 +29,11 @@ sudo service smbd restart
 addgroup --system allowssh
 addgroup --system sftponly
 
+chown <owern>:allowssh /opt/data/shared
+chmod 775 /opt/data
+
+sudo service smbd restart
+
 # creates a user with no no password
 # /sbin/nologin is not needed but is done just to be safe
 adduser --disabled-password --gecos "" --home /home/project_owner <owner>
-- 
GitLab