plugout.net

[Benaslan]

Hey guys,

I'm currently backing up via SSH into a share in /share/1000/name
However, those files can only be edited by Unix user\root. At least I can copy them over to my PC for example, but editing on the share with a user I set before would be nice.

Am I missing something? What do you suggest?

Regards from germany!

[fvdw]

if you back them up via ssh (why do that it is very slow because of encryption)
yes then owner will be root and only root will have r/w access other users will only have read access.
The samba server handling access rights for samba users cannot override that
To change that you need to change the privileges on the folder

Code: Select all

chmod -r 777 /share/1000/name/ *

or in case you do not wan to set executable flag

Code: Select all

chmod -r 555 /share/1000/name

This will set Linux privilges to r/w for all users but the samba server will control actual access to the files as set in user rights of the samba server

[Benaslan]

Backing up via sftp is safe from ransomware! Speed is at about 15MBit/s, I think thats more than enough. It used on home used computers only, so theres not much high capacities to be transfered.

Is there a way to set multiple ssh users? As now it's only root.

So editing (for example deleting a file) is only possible by a ssh terminal?

Is there a recommendation for my use case? As ransomware is able to spread over network shares since the account information is stored in windows for those shares, it's not safe to back up into a smb share. So I figured sftp is a nice solution for that

What does excecutable flag mean?

[fvdw]

So editing (for example deleting a file) is only possible by a ssh terminal?
Is there a recommendation for my use case? As ransomware is able to spread over network shares since the account information is stored in windows for those shares, it's not safe to back up into a smb share. So I figured sftp is a nice solution for that

if you have uploaded them via ssh yes, as they are stored by user root.
But you could use the ftp server in the firmware, it supports ftps and sftp protocols. By doing that all your problems are solved I guess

What does executable flag mean?

It means the file can be executed (run as program), iof course it must be have executable content, like shell scripts or c compiled programs

[Benaslan]

If I set a folder to

Code: Select all

chmod -r 777 /share/1000/name/ *

Will via ssh/sftp written files adopt that? Or do I have to do that every once in a while?

[fvdw]

Yes all new files you store via ssh will get the default privileges meaning rw for root and read only for others
Ps the command is

Code: Select all

chmod -r 777 /share/1000/name/*

The space in front of * should be removed, sorry my type fault

[Benaslan]

Perfect, thank you!