We have an application running on Win2K and this application ftp files to HP-UX using ftpdc as user id. The files are created in HP-UX with following permissions:

-rw-r----- 1 ftpdc users 968321 Apr 12 22:57 aaaa.txt

There is a job that runs on HP-UX trying to modify this file using the userid "marvin". Marvin and ftpdc belong to different groups. Marvin's job fails since marvin doesn't have permissions to modify the ftp'ed file.

I checked the umask in marvin's .profile. There is no umask defined in .profile.

Case 1: I added umask 000 in the .profile and still didn't work. man pages said that umask 000 is default.

Case 2: I changed the umask 002. Still it didn't work. The files are still coming with insufficient permissions.

Is there anyway I can get files created with rw-rw----Please I need some help.....

Why would changing marvins umask help when this user does not own the file, nor create the file? Why not change the umask of the user ftpdc that created the files to allow people assigned to the same group to read, write the file? Seems as though this would be the easiest approach.

Things aren't quite that simple. When you say "change someone's umask", what exactly do you mean? You probably mean changing a umask command in a start-up file like .profile. That is fine if you are running a shell that reads the script.

But an ftp session doesn't involve a shell. Changing .profile doesn't change anything there.

What to do depends on which ftp server you are running. The standard ftp server delivered with HP-UX has a umask option. See the man page. You can add that option to the ftpd line in /etc/inetd.conf. But it is a global change and will affect every ftp user on the box.

A second option would involve modifying the application. A user who connects via ftp gets the default umask. But the user can issue a umask command to change the umask. Also a user can issue a chmod command to change the permissions on a file. Scan down on that same man page to info about the umask and chmod commands. If you can get the application to do one or the other, that would solve the problem.

Hello Google,

I made an error while describing the problem. I actually changed the .profile of ftpdc and not Marvin in both the cases.

For security reasons ftpdc and the marvin cannot be belong to the same group.

Thanks

Hello Perderabo,
We tried option two. The user on Win2K is using an application developed by a vendor to ftp files at the end of a business process. The vendor's application performs the ftp and it does n't have any option to set the mask or permissions on the outgoing file.

I will try the option 1 and will let you know.

Thanks

I checked /etc/inetd.conf file on my Unix server. I see following entries for ftp:

ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l
tftp dgram udp wait root /usr/lbin/tftpd tftpd\
/opt/hpxt\
/home/tftpdir\
/tmp\
/opt/ignite\
/var/opt/ignite

There is no seperate line for ftpd service name. are these entries okay.
I am not sure what needs to be done in this inetd.conf file to fix my permissions problem.

Thanks

The first line that you posted is the line that needs a change. The first field is "ftp" and that tells you that the line controls the ftp service.

The second entry has "tftp" so it controls trivial ftp, a similiar but different service. This entry is multiline as you seem to recognize. You will leave this entry alone.

The default umask is 027. You need to decide what you want it to be. I will assume the you want 007. I always express umask as a 3 digit number.

So you want to edit the line so it reads:
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l -u 007

Now you need to cause inetd to reread that configuration file. The official way to do that is to run:
inetd -c
Another way is send a HUP to inetd manually. This is all "inetd -c" does, it finds the real inetd process and send a HUP to it.

Whichever you do, wait about 15 seconds to be sure that the process is finished. Now new ftp connections should get the new umask.