Situation:
Group A
requires access to /path/to/dir/foo
to upload files through ssh or ftp, but the directory in question: /path/to/dir/foo
is owned by group B
(if you'd like: /path
is recursively owned by B
), which should stay this way, for security reasons.
My attempt for a solution:
I create a symbolic link to /home/A
, which A
owns. Next, I grant permissions so A
can access the symlink:
sudo ln -s /path/to/dir/foo /home/A/foo
sudo chown -h A:A /home/A/foo
I figured that /path/to/dir/foo
should at least be owned by a group that A
is part of:
sudo addgroup C
sudo useradd -G C A
sudo chown -R B:C /path/to/dir/foo
sudo chmod -R 774 /path/to/dir/foo
After doing all that, I connected through an FTPS client as user A
and changed directory to: /home/A
. To my surprise the symlink is not visible, which is odd, because the proFTPd is set up to show symlinks.
I also tried connecting through SFTP to the same directory. This time the symlink was visible, but when I tried to access it, I got the following prompt:
Cannot open remote file '/path/to/dir/foo'.
Permission denied.
Error code: 3
Error message from server: Permission denied
That leaves me with little to no alternatives, since this was the easiest solution I could think of.
Desperate attempt:
I granted global permissions to /path/to/dir/foo
, but I still couldn't access the symlink foo
in /home/A
as user A
. Meaning: ls -l /path/to/dir/foo
would print -rwxrwxrwx
.
Question:
How do I create a symlink /home/A/foo
which points to /path/to/dir/foo
. Which A
can access, despite /path/to/dir/foo
being mostly owned by user:group B
(/path
is owned by B
) ?