Access Privileges

Which files a user may see, and what they can do with those files, can be set on both a server-wide, and per-user basis.  The server can also inherit settings from the operating system.

Server-Wide Settings

These options may be set in a configuration file or on the command line.  They override any per-user settings.

NoOverwrite (-O)
Prevents incoming files from overwriting existing files.  Clients must delete an existing file prior to uploading one with the same name.

ReadOnly (-r)
Prohibits any actions which would change the filesystem.

RestrictClients
Only clients with a Site declaration will be allowed to perform transactions with this server.  All other clients will be denied, regardless of their credentials.

RestrictHome (-H)
No user may directly access files outside of their home directory.  However, symbolic links will be honored.  ExpeDat versions prior to 1.7 behaved as if RestrictHome were always on.

AuthFile Settings

When servedat is run as root on a unix system, you may specify system user and group ids in the AuthFile.  All actions taken on behalf of the user will be done using those system privileges. In addition, the ReadOnly and RestrictHome options may be turned on for individual users by including them in the AuthFile options field.

System Settings

When servedat is run as root on a unix system, you may use the SysAuth option to have servedat check the system user database for usernames, passwords, user and group ids, and home directories.  System users will also inherit their secondary group memberships.  However, you may not set ReadOnly or RestrictHome for individual users inherited from the system.

If you run servedat as root without specifying either SysAuth or AuthFile, it will automatically turn on SysAuth.

If servedat is run as a user other than root, then all accesses will be done using the system privileges that servedat started with.  This means that user and group ids will be ignored.  On most unix systems, only root can access the system user database.