Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've posted this on countless messageboards and, in fact, have seen similar posts (all of which either go unanswered or refer the writer to the Proftpd docs - which my wife tells me I now recite in my sleep...). I'm a linux newbie (by about 8 months) but I compile Proftpd and it works like a champ in the anonymous department, right off the bat. However, all normal users are able to log in and surf the entire computer. For instance, even though I have a group called "ftpusers" and the GUI in RedHat 7.3 confirms that various people are members of that group - and I have an account configured for "group ftpusers" with the "Default Root ~" directive, it matters not that their home diretory is /usr/local/ftp - they can go completley thru the directory structure once they've logged in. In other words, I cannot chroot them to their home directory. Even though I want the flexibilty of Proftpd I finally gave up and installed vsftpd - not nearly as many features but, by and large, brain-dead. I copied the included "ftp" file for the "pam.d" directory and vsftpd worked immediately - anonymous and ftpusers chrooted. Still - I like the possibilities of Proftpd. Can anyone, possibly, venture a guess as to what in the hell I am doing wrong with proftpd?
I do not have a specific answer for you.
What I do have is a recomendation for Webmin.
Go to www.webmin.com and download the rpm for the latest version.
After installing use your browser to go to http://127.0.0.1:10000
Login and go to the server tab, there is a ProFTP module builtin Webmin.
After you finish with ProFTP go to the System tab in Webmin and choose "startup"
and set the "Webmin" service to not start at bootup.
If you need Webmin again, open a terminal, su to root, run this command:
I sincerely appreciate the reply - that's more than I have gotten from their mailing list - lol. I wrote an interative shell script about a month ago that succesfully installs mysql, php, qmail plus a bunch of add-ons, apache with ssl, webmin, and webalizer with the input of a couple of commands - webmin is already installed and running on two boxes. It's set up to start at boot time. I do not, on the other hand, have Proftpd installed BUT when I did the only thing Webmin did was offer a graphical window which neatly displayed the configuration file. It offers no help, at least that I could find, on what you're supposed to do with that file. Maybe I missed something. One of the things that drives me crazy is that I've really learned a lot and I've never been really stumped, to this extent. I have 7 VirtualHosts running from Apache - as I indicated - qmail, webmin, webalizer, etc. Everything runs great, I've had to troubleshoot a few problems and eventually succeeded................but this.....this defies any sort of answer. I think my LAN needs an exorcism or something. Guy doesn't know.
We have a proftpd installation that works as you want it to.
I didn't install the server myself, but I went through teh proftpd.conf file and i think the line responsible for the "chroot home jail" is:
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line
DefaultRoot ~
By the way, this is a Suse distribution
You're correct, the command to chroot a user is "DefaultRoot ~". And, for anonymous FTP, it works perfectly. But when I create another account (I had been using "guest" for "user" - maybe that's where I'm going wrong) that command seems to have no effect, whatsoever. Anyone with a valid shell account (any user with a username and password) logs into their group/home directory and can then proceed to go through the entire computer. I must be missing someting very fundamental in the way the config file is supposed to be laid out - although I've read their docs at length. I did see a series of post on Devshed in which somone was having the exact same problem and had tried all sorts of things to no avail. I haven't got the config file I was using handy or I'd post the thing. As I said, I finally gave up and installed vsftpd. I've got 4 people in my server right now or I'd just start messing around and try Proftpd again. Thanks very much for the input, though.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.