create a public directory for chroot ftp users
I'm using vsftpd and, by default, when I create a user they are jailed in their directory, which is /home/user. I have enabled chroot_local_user=YES.
On the other hand, I also wanted to create a shared folder for all the FTP users. So in a nutshell, they have their own directory and they have a shared group folder:
/
+/home
+user1
+shared_folder
I've been trying to search for this on Google and I can't find any solution. I have already tried mount --bind /home/share/ /home/test/shared/
The mount --bind enabled me to achieve what you describe.
I found that vsftpd would not allow the root of the chroot jail to be writable by the user. This is the error you get if the user's root directory is writable:
Code:
500 OOPS: vsftpd: refusing to run with writable root inside chroot ()
I decided not to allow my ftp users access to their local /home/<username> directory at all. They can log in via ssh if they need to access it. For their ftp needs, I created a /home/ftpuser/<username> directory for each user. For example, for user1, /home/ftpuser/user1. I granted user1 read and execute access, but not write access, to the user1 directory, because this is their chroot home, and vsftp fails if they have write permission.
Under their chroot home I created an ftp directory and a share directory. When they log in, they can change directory into either one. Both subdirectories are set up with 700 permission bits, but the share directory will have another group shared directory, /home/share, mounted on it using mount --bind. You could do the same with a public (world read/write/execute) directory if you prefer.
So with that background, here is the configuration:
Here are the relevant parts of vsftpd.conf:
Code:
local_enable=YES
Here is the relevant part of the directory structure under /home:
Code:
|-- ftpuser
/etc/vsftpd/vsftpd.user_list is a list of all the ftp users allowed to log in.
Code:
# cat /etc/vsftpd/vsftpd.user_list
Code:
# ls -l vsftpd_user_conf
Code:
# cat vsftpd_user_conf/user1
These commands mount the /home/share group shared directory on top of each user's /home/ftpuser/userx/share subdirectory.
Code:
mount --bind /home/share /home/ftpuser/user1/share
Thank you for this! It's now working! And the explanation was awesome :)
Another thing, I hope you can clarify this. I'm not sure if it's just me, but when I restarted the server the bound folder I created vanished, and I have to re-bind them again. Is this normal?
Do you mean when you restarted the vsftpd server? No, I can't think of any reason why that would occur. The mount is completely independent of vsftpd. Once mounted, they should stay mounted until you reboot or issue a umount command. Issue "mount -l" to list all your mounted filesystems; they should appear.
I don't run vsftpd as a standalone daemon. I run it as a service under inetd. inetd starts and stops vsftpd as required, and my mount bindings don't go away.
One other thing you might try if your bind mounts are going away (although I don't see why they would) is to put them in /etc/fstab.
For example, to bind mount /home/share on /home/ftpuser/user1/share in fstab, you would add this line to /etc/fstab:
Code:
/home/share /home/ftpuser/user1/share none defaults,bind 0 0
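The chroot layout and fstab entries described in the answers above, scripted as an added example that is not code from the thread. The function names, the PREFIX staging argument, the username filter and mode 555 for the jail root are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. PREFIX stages the tree somewhere
# harmless (e.g. a mktemp dir); PREFIX="" acts on the real /home as root.
SHARE_SRC=/home/share      # group shared directory named in the thread
JAIL_BASE=/home/ftpuser    # per-user chroot homes named in the thread

# Reject names that could escape JAIL_BASE or be read as an option.
valid_user() {
    case "$1" in
        ""|.*|-*|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Exit 0 if DIR has any write bit set (conservative: for anyone), the state
# behind "500 OOPS: vsftpd: refusing to run with writable root inside chroot ()".
jail_root_writable() {
    case "$(ls -ld "$1" | cut -c1-10)" in
        ??w*|?????w*|????????w*) return 0 ;;
        *) return 1 ;;
    esac
}

# make_jail PREFIX USER: build the chroot home with ftp/ and share/ inside.
make_jail() {
    valid_user "$2" || return 1
    root="$1$JAIL_BASE/$2"
    mkdir -p "$root/ftp" "$root/share" || return 1
    chmod 700 "$root/ftp" "$root/share"
    # The 700 subdirectories must belong to the user; only root can chown.
    if [ "$(id -u)" -eq 0 ] && id "$2" >/dev/null 2>&1; then
        chown "$2" "$root/ftp" "$root/share"
    fi
    chmod 555 "$root"      # assumed mode: read and execute, no write
    echo "$root"
}

# fstab_line USER: the bind-mount entry in the form given in the thread.
fstab_line() {
    printf '%s %s/%s/share none defaults,bind 0 0\n' "$SHARE_SRC" "$JAIL_BASE" "$1"
}

# fstab_for_list FILE: one entry per user in a vsftpd.user_list-style file.
fstab_for_list() {
    while IFS= read -r u || [ -n "$u" ]; do
        case "$u" in ""|"#"*) continue ;; esac
        if valid_user "$u"; then fstab_line "$u"; fi
    done < "$1"
}
```

Stage with a temporary PREFIX first and confirm jail_root_writable fails on the result; the fstab_for_list output can then be reviewed and appended to /etc/fstab so the bind mounts return after a reboot.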