Hi,I have a scenario where a regular network file system is out of question (firewall and ISP restrictions).
Users have regular accounts on a Linux machine, where they store their files, and if they are security critical, also have a user mountable cryptoloop file system which is mounted via ssh script on demand, if access is required and unmounted when no longer needed. This cryptoloop file system is mounted on a mount point below each user's home.
What I need is a way to give users the ability to mount their regular home directories via SSL secured webDAV in such a way that a) their regular user names and passwords apply (no separate "web passwords") b) all files are accessed by the webDAV server with the privileges of the user logged in, i.e. regular Unix permissions apply and files are created with the proper ownerships and permissions if they are uploaded.
a) and b) are important because the users may use the files sometimes directly on the Linux computer, and sometimes via the WebDAV mount. In other words, something that requires syncing of "regular files" and "files in a WebDAV repository" isn't called for, and we can't require special permissions on the files or risk that WebDAV writes files with permissions that prevents the user from fully manipulating the files when logged in on the Linux machine proper.
Is there a recommended way of doing this? I can't really find much documentation on how to use either regular user passwords for (SSL secured) WebDAV login, or how to make sure that the WebDAV file operations are executed with the UID/GID of the user using the service.
Any pointers highly welcome! Greetings, Ronald
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
|