Quote:
Originally Posted by thunk
really ZR? I had tested it and it didn't work.
And I don't want people to be able to overwrite ANY .nfo (as in *.nfo), but rather only files named something like foo.nfo that are findable in some specific subdirs of my choice, hence the setup: Overwrite = /*/foo.nfo *.
And Yil, I would still make that unlimited .nfo read access an option, look style accounts are lame anyway.
|
The thing is that it DOES work. But you have to keep in mind that ioFTPD works on the rule that "the first matching permission goes". So you have to have ie. Upload = *.nfo !* above the default rule Upload = * * that allows all kinds of files in any dir (that is chmodded to 777 and otherwise not restricted in any way in the VFS). Also, you of course need to do a site config rehash.
There are alot of useful vfs rules that you can implement to really make ioFTPD do what you want. It's a bit tricky sometimes so a bit of trial and error often leads to the right solution. For example, you can set permissions so that users only can upload files in a subdir of any section (in this case one dir deep), they can still create a dir inside but not upload any files in the root of the parent dir.
Code:
Upload = /incoming/*/*/* *
Upload = /incoming/*/* !*
Don't ask me why is has to be /incoming/*/* !* to deny upload in ie. /incoming/somedir, but that is just how it is. Or maybe it is easy to understand ie. /incoming followed by /*/ another dir and the trailing * to indicate files inside that dir BUT the path in the first rule in my example is /incoming/*/*/*, here it gets tricky. This rule says that uploading inside ie. /incoming/somedir is allowed. So trial and error helps.
Other useful rules could be something like
Code:
MakeDir = */CD[1-9]/*/* !*
MakeDir = */Sample/*/* !*
Now you prevent situations like races that end up with /dir/CD1/CD1 or /dir/CD1/CD2 when some users are in a hurry. Also making dirs inside the Sample dir is prohibited here.
I have 70+ lines of vfs rules, for both dirs and files, and it has been working for years and it still works
Just remember to put any restricting rule above the default Upload = * * or MakeDir = * * etc.
/ZR