LinuxQuestions.org


amon 05-30-2006 09:02 AM

Vsftpd - 500 OOPS: Cannot change directory
 
I am trying to create a test web server/ftp server within a college for students to learn html, php etc… I figured to do this properly I should also teach them a little ftp and other things to give a full picture.
I have Apache set up, and if I add a user on the workstation they get a public_html directory that works and their pages appear no problem.
I want the students to be able to log in with their AD 2003 usernames and passwords (I don't want to have to administer any more users/passwords). If I log in locally with the user, not a problem: the students can make pages and they are hosted normally from the box.
The problem arises that the students don't have their home directories created by default until they log onto the computer, so when they ftp they get:
For example:
Code:

500 OOPS: Cannot change directory:/home/fred

If the student is logged into the machine normally or I su to the student then I get:
Code:

rockhopper:/etc/pam.d# su test.student
Creating directory '/home/RIC/test.student'.
Creating directory '/home/RIC/test.student/public_html'.

And then the ftp works fine.

I have tried adding the pam_mkhomedir to my /etc/pam.d/vsftp file but with no luck. File shown below [/etc/pam.d/vsftp]:
Code:

# Standard behaviour for ftpd(8).
auth    required        pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed

# Note: vsftpd handles anonymous logins on its own.  Do not enable
# pam_ftp.so.

# Standard blurb.
@include common-account
@include common-session

@include common-auth
auth    required        pam_shells.so
#auth  required        pam_mkhomedir.so umask=022 skel=/etc/skel/
session required        pam_mkhomedir.so umask=022 skel=/etc/skel

File shown below [/etc/pam.d/common-session]:
Code:

session required        pam_mkhomedir.so umask=0022 skel=/etc/skel

File shown below [/etc/pam.d/su]:
Code:

#
# The PAM configuration file for the Shadow `su' service
#

# This allows root to su without passwords (normal operation)
auth      sufficient pam_rootok.so

# Uncomment this to force users to be a member of group root
# before they can use `su'. You can also add "group=foo"
# to the end of this line if you want to use a group other
# than the default "root" (but this may have side effect of
# denying "root" user, unless she's a member of "foo" or explicitly
# permitted earlier by e.g. "sufficient pam_rootok.so").
# (Replaces the `SU_WHEEL_ONLY' option from login.defs)
# auth      required  pam_wheel.so

# Uncomment this if you want wheel members to be able to
# su without a password.
# auth      sufficient pam_wheel.so trust

# Uncomment this if you want members of a specific group to not
# be allowed to use su at all.
# auth      required  pam_wheel.so deny group=nosu

# Uncomment and edit /etc/security/time.conf if you need to set
# time restraints on su usage.
# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
# as well as /etc/porttime)
# account    requisite  pam_time.so

# This module parses /etc/environment (the standard for setting
# environ vars) and also allows you to use an extended config
# file /etc/security/pam_env.conf.
#
# parsing /etc/environment needs "readenv=1"
session      required  pam_env.so readenv=1

# The standard Unix authentication modules, used with
# NIS (man nsswitch) as well as normal /etc/passwd and
# /etc/shadow entries.
@include common-auth
@include common-account
@include common-session


# Defines the MAIL environment variable
# However, userdel also needs MAIL_DIR and MAIL_FILE variables
# in /etc/login.defs to make sure that removing a user
# also removes the user's mail spool file.
# See comments in /etc/login.defs
#
# "nopen" stands to avoid reporting new mail when su'ing to another user
session    optional  pam_mail.so nopen

# Sets up user limits, please uncomment and read /etc/security/limits.conf
# to enable this functionality.
# (Replaces the use of /etc/limits in old login)
# session    required  pam_limits.so

Is there a way I can run a script when a user logs in to ftp that makes their home directories or do I have to manually (or get a script to) make all the home directories before the lesson? I've been googling this one for hours.

cux 05-31-2006 09:46 AM

You'll have to make each home directory before a user can log in.

However, when you create the account you can do this:

useradd -m newstudent

Use the -m parameter with useradd, that way the home directory of the user will be created. Don't forget to assign a password too.

You can use passwd or you can use a command called chpasswd.

With chpasswd you can store all the passwords in one file and run it as a script. It will save you some time. You can build your passwords script like this ...

user1:password
user2:password
user3:password
(with no blank spaces between the user and password).
...

save to a file and then ...

chpasswd < file-with-passwords

Anyway, you can look at the man page for chpasswd.

Hope it helps.

amon 05-31-2006 10:16 AM

My problem is all the users already exist, they are pulled in from and authenticated by the AD server. So it looks like my only option is to make a script that copies the /etc/skel over to the home drive for any users that don't have a home drive.

I'll post it here later if I get it working.

amon 05-31-2006 11:17 AM

A solution
 
This isn't the best of solutions however... This script took me a lot less time to write than the googling that I did previously without success. And had I done this in the first place I'd have had to run the script a lot of times for it to add up to hours.

For anyone who is interested here is my script:
Code:

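#!/bin/sh
# Run as root: open and immediately close a session for every AD student
# account so that pam_mkhomedir creates any missing home directory.
# The grep patterns and "$user" are quoted so the shell cannot expand them.
for user in $( wbinfo -u | grep -v '[$]' | grep '[.]' );
do
        su --command="exit" "$user"
done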

Quick explanation of script
===== =========== == ======

I used wbinfo -u to pull in the user names.
Piping '|' the output through grep I was able to remove all names not '-v' containing a '$' (the machine names have a '$' on the end).
Piping '|' the output through grep again to give me only names containing a '.' (all student usernames are <surname>.<firstname>).

When root su's to another user, their home is created if needed. Issuing the '--command="exit"' argument to su gets su to run that command, so effectively as soon as su logs on as a user the user logs off (the directories are created as soon as the user logs on).
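
A more defensive take on the loop above, as an added example that is not part of the original post: account names coming back from AD are treated as untrusted input and validated before they reach su, and accounts that already have a home are skipped. The function names, the allowed character set, and the single base directory (/home/RIC, taken from the su output earlier in the thread) are assumptions.

```shell
#!/bin/sh
# Added example, not the poster's script. Assumed: student logins use only
# letters, digits, '_' and '-' around one dot, and home directories sit
# directly under one base directory (/home/RIC in the su output above).

# Keep only names that match the student convention. Machine accounts
# ending in '$', names with spaces or a leading '-', and anything with
# shell metacharacters are dropped before they can reach su.
student_names() {
    grep -E -x '[A-Za-z][A-Za-z0-9_-]*\.[A-Za-z][A-Za-z0-9_-]*'
}

# From the names on stdin, print those with no home directory under $1.
missing_homes() {
    base=$1
    student_names | while IFS= read -r name; do
        [ -d "$base/$name" ] || printf '%s\n' "$name"
    done
}

# Open and close a session per name so pam_mkhomedir creates the home.
# DRY_RUN=1 prints the su command instead of running it.
create_homes() {
    missing_homes "$1" | while IFS= read -r name; do
        if [ "${DRY_RUN:-0}" = 1 ]; then
            printf 'su --command="exit" %s\n' "$name"
        else
            # </dev/null keeps su from consuming the rest of the name list
            su --command="exit" "$name" </dev/null
        fi
    done
}

# Constructed sample of `wbinfo -u` output (not real accounts).
SAMPLE='administrator
WS-LAB01$
test.student
smith.john
-odd.name
two words.here'

# Dry run against a temporary base where one student already has a home.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/smith.john"
    printf '%s\n' "$SAMPLE" | DRY_RUN=1 create_homes "$tmp"
    rm -rf "$tmp"
}
demo
```

On the real server the same functions would be fed from winbind as root, for example `wbinfo -u | create_homes /home/RIC`, after a dry run to review the list.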

