LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-14-2004, 04:30 PM   #1
trees
Member
 
Registered: Dec 2003
Location: Earth... I think!?
Distribution: Debian
Posts: 32

Rep: Reputation: 15
How to bind users to their home directories?


Greetings,

We have a server running samba, ftp, and a bunch of other things.
When create an ftp/samba user, I also have to create a linux user.

That user can log in and browse through the system, and sometimes we forget to change permissions of certain files, so they can actually be viewable.

Is there a way to create a group (samba/ftp), and set the users in that group to be bound to their home directories?

I remember seeing something like that when doing the initial linux setup, but I don't remember what it was.

Thanks
 
Old 09-15-2004, 10:26 AM   #2
r0b0
Member
 
Registered: Aug 2004
Location: Europe
Posts: 602

Rep: Reputation: 49
You could use some chroot settings, but I guess this will not be worth the effort. Just set the permissions in top level directories restrictively, and you won't have to worry about forgetting to set up permissions on individual files/directories.
 
Old 09-15-2004, 03:32 PM   #3
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,141

Rep: Reputation: 322Reputation: 322Reputation: 322Reputation: 322
When you create the account, you can set the user's shell to something that can't actually login, e.g. /sbin/nologin. Samba should still work, but the user won't be able to actually login to a shell on the Linux machine (they may be able to FTP in, depending on how stuff is set up).
 
Old 09-15-2004, 03:44 PM   #4
trees
Member
 
Registered: Dec 2003
Location: Earth... I think!?
Distribution: Debian
Posts: 32

Original Poster
Rep: Reputation: 15
I just tried it, and it's pretty much exactly what I was looking for, except that FTP login doesn't work (I'm using wu-ftpd).

Is there a limited shell that I can use in the similar way that can FTP?

Thanks
 
Old 09-15-2004, 08:27 PM   #5
flashingcurser
Member
 
Registered: Jan 2003
Distribution: many win/nix/mac
Posts: 259

Rep: Reputation: 31
If you look around you will find mysql backend authentication for various ftp deamons. I use proftp with mysql back end, it authenticates fine, keeping group id's, user id's, and change roots individual home directorys. No shell accounts.

Google for mysql proftp.


 
Old 09-15-2004, 11:34 PM   #6
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,141

Rep: Reputation: 322Reputation: 322Reputation: 322Reputation: 322
Wu-ftpd checks and makes sure a user's shell is in /etc/shells before it lets them login. If the login shell isn't in there, then no FTP access. What I sometimes do is add /bin/true to /etc/shells and then make it a user's shell. It won't let the user have shell access, but wu-ftpd will let them in.
 
Old 09-16-2004, 06:32 PM   #7
trees
Member
 
Registered: Dec 2003
Location: Earth... I think!?
Distribution: Debian
Posts: 32

Original Poster
Rep: Reputation: 15
Alas! It is exactly what I was looking for!

Many thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
FTP virtual users with different home directories remi Linux - Software 14 07-27-2009 12:20 PM
vsftpd, web uploads, vsftpd virtual users, apache virtual hosts, home directories jerryasher Linux - Software 7 02-18-2007 07:29 AM
Apache Root/Home Directory and setting up FTP for home directories? Mankind75 Linux - Newbie 6 07-23-2006 03:37 PM
browseable home directories kenji1903 Linux - Networking 18 07-30-2004 05:10 AM
permissions home directories powadha Debian 6 06-11-2004 12:45 PM


All times are GMT -5. The time now is 06:56 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration