limiting vsftpd user to subdirectory of home directory
How do I limit a user to a sub-directory of their home directory? I tried editing /etc/vsftpd/vsftpd.conf, and added this:
Code:
chroot_local_user=YES |
You're just setting their login directory in the vsftp conf file, their entry point into the system. I think if they have rights to other directories then they can exercise those rights. Are the users logging into /home/$USER/files when they log in and CWD'ing to /home/$USER (for example)?
Perhaps a better approach is to create the users without home directories and make them part of the "vsftp_users" group, instead. Create a directory in /usr/local/share/vsftp/$USER (for example) as an entry point to which they have rw(x ?) rights and don't give them rights anywhere else on the file system. |
I read about changing the home directory in /etc/passwd to the folder you want them to land in but that doesn't work.
I have a general VSFTPD directory for any user to access. I set it up like you said in /usr/local/... I changed the way it was set up. I am able to access it after traveling out of my / dir in filezilla, and i can write to the vsftpd directory. i just don't land directly in it. |
Quote:
Just point them to the only directory that they have rights to on the Server and they will be effectively bottled up. |
The user does not have a home directory. I just don't know how to re-direct them to a directory where they are locked there.
|
Quote:
|
That just changes the login prompt default directory. I had to change the home directory in /etc/passwd for it to work, but not sure if thats the right way of doing it.
|
All times are GMT -5. The time now is 08:44 PM. |