SlackwareThis Forum is for the discussion of Slackware Linux.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Been hacking at ProFTPd on my Slack 10.2 box for a while now and I'm horribly confused (as many of us are apparently). I'm trying to set it up to restrict all users to have Read Only access to /fs/ (I can still get to all the rest of my files using SFTP over SSH).
I've got ProFTPd up and running but I'm lost trying to figure out the config file. No matter what I do it seems to either give me all access to all the files, or no access to anything! Any help would be greatly appreciated.
If I'm not mistaken, I think you just need to set the DefaultRoot ~ line to DefaultRoot /fs. Make sure the directory permissions are set for users to read only. At least this works with a standard ftp server.
I'm not sure how the ssh connection works with sftp or if it circumvents the standard ftp settings since you've already logged on via ssh...
I have the issue if that command just not working either. The DefaultRoot being set anywhere I wish doesn't work. Users always default to their home directory and are able to see the entire file structure.
It is ProFTP according to the documentation, I have removed all of the comments and included just what remains. I have uncommented the user and group lines and created my own. The "DefaultRoot" normally is started as ~, whch is not what I want. I changed the default port to ftp into and the server name. When I ftp to my server, here is the version info:
ProFTPD 1.3.0rc5 Server (ProFTPD Default Installation)
I absolutely do not want anonymous access. Authenticated linux users only.
I have even tried modifying/creating my configuration using webmin, but am still seeing the same results. According to the documentation, the DefaultRoot line should set the root directoty. There originally was an additional line there which started with "Ch" like ChDefault or something which had no effect either.
It isn't a service and according to the documentation it is an "on the fly" type of change. In fact, when I make changes within webmin that are in error (not a recognized function or format) and apply the changes to the server (which restarts it) it will report failures. The only thing I have not done is reboot the entire system, which I prefer not to do as it serves a number of other functions. Rebooting the entire box for a config modification is certainly not desirable.
Nor should you need to reboot the computer. I just didn't remember if you had the option of starting the proftpd as a service not controled by inetd. It sounds like yours is being controlled by inetd so each connection uses the new config automagically.
I'm really sort of stumped as to what is going on here. Granted I'm no expert, but I've never had a problem just chaning the DefaultRoot line... Hmm. The only difference I see between our config files is that my Umask line has 022 022 (the second one is for directories). But I'm not sure why that would matter... Oh, and the port change of course...
Got it. Though it doesn't run as a service, it was running as a process and wasn't being reset. I brought up a process list and killed it. Then I simply ran proftpd to restart it and it worked. Thanks for the help, though. You got me thinking that it simply wasn't restarting as expected.
Here is how I ended up modifying my config file before killing the process. not sure if it made any real difference.
ServerName "FTP Site"
DefaultRoot /var/www/html ftp-users
DefaultChdir /var/www/html ftp-users