LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-15-2004, 02:18 PM   #1
Seventh
Member
 
Registered: Dec 2003
Location: Boston, MA
Distribution: Redhat / Debian
Posts: 269

Rep: Reputation: 30
FTP permissions question


This is probably super newbie, but I have to ask..

I have a user that I want to be able to FTP in, but have no permissions above his home directory.

I did an adduser "fred", and passwd "fred", and voila, Fred can FTP to my server, and he starts up in his home directory.

But, he can cd .. all the way back to root. Can't do anything there, but I'd like to restrict him to just his home directory and stuff under it.

If there's a tutorial on this I'd love a link - everything I google seems to be much more in depth than I need.

Redhat 9, command line only, btw.

TIA
 
Old 06-15-2004, 02:21 PM   #2
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
You need to "chroot" him to his home directory. There are FTP programs that do this. ProFTPd is one. That's the one I use. Look for a tutorial on setting that up on your machine. It's a good idea because you don't want users being able to view all the stuff on your machine. Sooner or later, somebody will abuse this and try something malicious.
 
Old 06-15-2004, 04:12 PM   #3
tisource
Member
 
Registered: Feb 2002
Posts: 322

Rep: Reputation: 30
I agree, proftpd is the way to go. It will allow you to "chroot" them to their home directory, which will help keep them out of places they shouldn't be. ProFTPd is my favorite, and highly recommend it. Most major vendors include it in their distributions, so getting it installed should be relatively painless. We can help you with the syntax of the config file if that is a problem.
 
Old 06-16-2004, 01:17 PM   #4
Seventh
Member
 
Registered: Dec 2003
Location: Boston, MA
Distribution: Redhat / Debian
Posts: 269

Original Poster
Rep: Reputation: 30
Thanks guys, I am running proftpd.

The bold code is what I had to edit to set the home directory as "virtual root".

Quote:
# This is a basic ProFTPD configuration file (ren
# 'proftpd.conf' for actual use. It establishes
# and a single anonymous login. It assumes that
# "nobody" and "ftp" for normal operation and ano

ServerName "ProFTPD"
ServerType inetd
ServerType inetd
DefaultServer on
<Global>
DefaultRoot ~
AllowOverwrite on
</Global>
DefaultTransferMode binary
UseFtpUsers on
 
Old 06-16-2004, 03:27 PM   #5
tisource
Member
 
Registered: Feb 2002
Posts: 322

Rep: Reputation: 30
Okay, you need to change your "DefaultRoot" to

DefaultRoot ~ group1

Whoever is in the group1 group will be "chrooted" into their home directory.

You can add group names to the directive, like this:

DefaultRoot ~ group1,group2

Whoever is in group1 and group2 will be "chrooted" into their home directory.

Or, alternatively,

DefaultRoot ~ group1,!group2

Whoever is in group1 but not in group2 will be "chrooted" into their home directory.

Hope that helps.

Good luck!
 
Old 06-16-2004, 04:09 PM   #6
darklordzim
Member
 
Registered: Apr 2004
Location: Minnesota USA
Distribution: Ubuntu 9.10 desktop, and 9.4 server
Posts: 50

Rep: Reputation: 15
vsftpd

is there a way to do the same thing with vsftpd? thats what i'm running .. and i was wondering the same thing.. i know anon is auto chrooted to /var/ftp/ but any system user can view the whole tree?
 
Old 06-16-2004, 08:03 PM   #7
tisource
Member
 
Registered: Feb 2002
Posts: 322

Rep: Reputation: 30
I have no idea.... I've never used vsftpd. I had someone try to convince me to use vsftpd, but I stick with what I know (and ProFTPd has served me well!!). Sorry.

I'm sure there is an answer in the vsftpd documentation (you'd think, anyway).
 
Old 06-16-2004, 08:13 PM   #8
Seventh
Member
 
Registered: Dec 2003
Location: Boston, MA
Distribution: Redhat / Debian
Posts: 269

Original Poster
Rep: Reputation: 30
Aye I wish I could help also.

On the other hand, I'll fedex someone some cookies if they can help me figure this guy out:

http://www.linuxquestions.org/questi...hreadid=194229

 
Old 06-23-2004, 04:33 PM   #9
dotc
LQ Newbie
 
Registered: May 2004
Location: Dallas
Posts: 14

Rep: Reputation: 0
Thumbs up FTP super user

Hi:
I have created an FTP super user who should be able to access all the other files. I have done that using vsftpd config file. The only problem i m facing is when the user uploads the file into his account. The default permissions set for the file is rw------- while i want it to be set as rw-rw---- so that the group users will be access the files and the super user is one on the group. I want to know if there is any way to get this thing working.
Thanks in Advance
cheers
Chethan Channappa
Research Assistant
University of Texas at Dallas
 
Old 06-23-2004, 04:55 PM   #10
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
You should probably post a brand new thread for this question so it can get noticed by people who know vsftp pretty well. I only know proftpd and this thread is all about proftpd, so people may not notice your question at all.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
FTP Permissions varunbihani Linux - General 2 03-24-2005 10:34 AM
Apache FTP permissions question Seventh Linux - Newbie 1 05-20-2004 04:09 PM
ftp permissions race Linux - Networking 0 01-15-2004 02:33 PM
Permissions on FTP ntloser Linux - Security 1 12-28-2003 01:10 PM
FTP Permissions Wynd Linux - General 4 11-04-2003 09:53 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 12:14 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration