Red HatThis forum is for the discussion of Red Hat Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Sorry, this information is not what you want, but thought it might lead to something useful.
I think the login must be granted. But you can put a startup file to log them out (echo "exit" >> $HOME/.bashrc) , or try not granting /bin/bash as the startup shell (a startup shell is not needed except when the users is in a telnet, rsh, or local login, ftp doesn't need a shell prompt like bash)
I've found the opposite of what you wanted (a way to deny users ftp access). A list of users who may not login through the ftp command is contained in /etc/ftpusers (search documentation for ftpusers)
I found one idea on the internet, where the list of users in /etc/passwd (field 1 or username field whereever that is, assumed fields are seperated by colons)
# All users will be placed into /etc/ftpusers, except the user allowed to login via ftp.
# The effect is to have all users denied ftp login except the user you specify as
# GOODUSER
# the implementation was in a shell script running in a crontab every day, to
# automatically update the /etc/ftpusers, in case additions are made.
I got it all sorted anyway. So from one newb to another:
Create a file called '/bin/nologin' and chmod to 755. In it add:
#!/bin/bash
echo You don't have shell access here
echo This session will end in 15 seconds
echo Goodbye
sleep 15
Add it to /etc/shells
Change the user's shell to it. When they try and shell they will get that message before being disconnected but they will still be able to FTP.
I got it all sorted anyway. So from one newb to another:
Create a file called '/bin/nologin' and chmod to 755. In it add:
#!/bin/bash
echo You don't have shell access here
echo This session will end in 15 seconds
echo Goodbye
sleep 15
Add it to /etc/shells
Change the user's shell to it. When they try and shell they will get that message before being disconnected but they will still be able to FTP.
All good.
Hey! nice and elegant solution (you could also deny SSH and Telnet access altogether, but probably that's not what you wanted).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.