The tutorial I used for the jail is this one....
http://www.tjw.org/chroot-login-HOWTO/
here's my proftpd.conf..
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "xxxxxxxxxxxxxxxx"
ServerType standalone
DefaultServer on
# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30
# Set the user and group under which the server will run.
User nobody
Group ftp
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~
# Normally, we want files to be overwriteable.
<Directory />
AllowOverwrite on
</Directory>
# A basic anonymous configuration, no upload directories. If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Limit the maximum number of anonymous logins
MaxClients 10
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message
# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
<Global>
RootLogin off
DefaultRoot ~
SyslogLevel info
</Global>
and as i said I have tried uncommenting #DefaultRoot ~ and it still won't work.
error_log has this...
Aug 28 15:51:01 xxxxxxxx proftpd[8887]: xxxxxxxxxxxx.net (c-xx-xx-xxx-xxx.xxxxx.xxxx.net[xx.xxx.xx.xxx]) - PAM(xxxxx): Authentication failure.
I can only think that maybe it has something to do with the priveleges.....can't put my finger on it.
Maybe what group or user its running under? dunno, just brainstorming.
Thanks for taking a look at this btw...I'll be here working on it all day if you need more info.
linux_terror
------------------------------------------------------------------------
In the game of life it takes a root prompt to really foul up.
