SFTP Bug ? - Sharing Folder via Group or User

[woebking]

   

I have a LinkStation Duo (LS-WX2.0TL/R1-EU), Firmware 1.24, with SFTP enabled, 12 users in 3 groups an 3 shared folder (one for each group).

 

If a user in a group has a share, he won't see them via SFTP, only the default folders .midbeans and .hierophant.

If the same user has his rights permited directly (not via a group), everything is fine, and he see his folders...

 

SMB works in both ways.

 

Bug or feature ?

[clfischer]

Bug I think. Same with the Terastation III. I'm using firmware version 1.20. There is a newer version 1.30 which I haven't tried yet because I'm not able to easily get on the same subnet as the NAS :(

[clfischer]

Still not fixed in firmware 1.32 on the Terastation.

[Dustrega]

Group rights definition takes precedent over individual user rights.  Basically, it might be a little backwards but if that user needs unique permissions I estimate that they would not belong to a generalized group in that case.

[clfischer]

Maybe I wasn't clear or perhaps I misunderstood the original post so let me explain again.

 

There are 20 users, 10 are in 'groupA', 10 are in 'groupB'. I create two folders 'folderA' and 'folderB' and I set the permissions so that 'groupA' is allowed access to 'folderA' and 'groupB' is allowed to access 'folderB'. Now all users can successfully access their respective folders via SMB but NOT via SFTP. SFTP appears to completely ignore the group permissions and the only way to allow users to access their group folders via SFTP is to explicitly allow access to each user individually.

 

In other words SMB uses groups as you would expect, but SFTP ignores them.

[Dustrega]

Thanks for the clarification.  I'll look into it.

[Dustrega]

One of our associates is looking into this issue further.  Might be a firmware bug.  We'll hopefully know the exact answer soon.

[CaptainBJones]

Just wondering if any progress has been made on this issue. I have a TeraStation (TS-X4.0TL/R5) that I just updated to the 1.41 firmware hoping it would fix the issue, but it does not. It still exhibits the same behavior described above (smb group access is okay, sftp requires explicitly assigning user to folders) Thanks

[eurospoofer]

Thanks guys, you've solved the problem of where my shared folder was. :smileyhappy:

 

I've just been setting up a new ls-wxl and have found a couple of strange behaviours with groups.

 

Until now, I only used groups for access and added members to groups to grant them access.

 

Initially I set up one share with two groups, one read only, the other read/write.  Placing a user in both groups, they took on the lowest

rights granted over both groups, read only.  Bit odd as, in my experience, most acl systems work the other way, granting the greatest privileges.  but not a bug really.

So, I removed the user from the read only group, dropped all connections and re connected, expecting write access,

but still read only!  I deleted the read only group and re-created it, and the user got write access.  sniffs of a bug.

 

This was over SMB access btw.

Thought these kind of things might be helpful in locating the problem.

 

Thanks

 

[eurospoofer]

sorry, forgot to mention, its firmware 1.24.

[JoshC]

What happens when you try to connect to it via FTP?  Same result?  This issue is still being looked into.

[CaptainBJones]

Just tested it with standard FTP and it does not work. SFTP/FTP both allow me to see / /mnt /mnt/array1 but none of my shared folders on array1. ( do see a .accesstest file)

[Dustrega]

Are the shared folders FTP enabled in the Shared Folder Support section of the individual folder settings?

[fmfc]

I have the same issue. It seems the bug is still there.

 

I am using LS-WVL, firmware upgraded to 1.41.

 

If a share folder is set permission to a local group, it will not appear if I connect using SFTP (with a user of that group). However, it will appear if using FTP.

 

If a share folder is set permission to a local user, it will appear no matter SFTP or FTP is used.

 

And I did check the FTP/SFTP Support settings in Folder Setup Tab of WebAdmin UI.

 

The SFTP client I use is WinSCP, version 4.29 running on Windows Vista.

 

 

 

[clfischer]

Updated my Terastation III firmware to 1.54. Still can't access shares over SFTP unless the user is explicitly granted permission. In other words, group permissions are still ignored for SFTP :-(