LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-25-2014, 10:18 AM   #1
sniper8752
Member
 
Registered: Oct 2012
Posts: 354

Rep: Reputation: Disabled
limiting vsftpd user to subdirectory of home directory


How do I limit a user to a sub-directory of their home directory? I tried editing /etc/vsftpd/vsftpd.conf, and added this:
Code:
chroot_local_user=YES
user_sub_token=$USER
local_root=/home/$USER/files
But it still doesn't work. It still loads the user directory. I did restart the service.
 
Old 07-27-2014, 06:09 PM   #2
dijetlo
Senior Member
 
Registered: Jan 2009
Location: RHELtopia....
Distribution: Solaris 11.2/Slackware/RHEL/
Posts: 1,491
Blog Entries: 2

Rep: Reputation: Disabled
You're just setting their login directory in the vsftp conf file, their entry point into the system. I think if they have rights to other directories then they can exercise those rights. Are the users logging into /home/$USER/files when they log in and CWD'ing to /home/$USER (for example)?
Perhaps a better approach is to create the users without home directories and make them part of the "vsftp_users" group, instead. Create a directory in /usr/local/share/vsftp/$USER (for example) as an entry point to which they have rw(x ?) rights and don't give them rights anywhere else on the file system.
 
Old 07-27-2014, 10:14 PM   #3
sniper8752
Member
 
Registered: Oct 2012
Posts: 354

Original Poster
Rep: Reputation: Disabled
I read about changing the home directory in /etc/passwd to the folder you want them to land in but that doesn't work.
I have a general VSFTPD directory for any user to access. I set it up like you said in /usr/local/... I changed the way it was set up. I am able to access it after traveling out of my / dir in filezilla, and i can write to the vsftpd directory. i just don't land directly in it.
 
Old 07-27-2014, 10:39 PM   #4
dijetlo
Senior Member
 
Registered: Jan 2009
Location: RHELtopia....
Distribution: Solaris 11.2/Slackware/RHEL/
Posts: 1,491
Blog Entries: 2

Rep: Reputation: Disabled
Quote:
I read about changing the home directory in /etc/passwd to the folder you want them to land in but that doesn't work.
You would probably have better luck creating the users without a home directory at all. No matter where you put it, the users will have rights to their home directories and all sub directories (unless you change the ACLs).
Just point them to the only directory that they have rights to on the Server and they will be effectively bottled up.
 
Old 07-28-2014, 09:41 AM   #5
sniper8752
Member
 
Registered: Oct 2012
Posts: 354

Original Poster
Rep: Reputation: Disabled
The user does not have a home directory. I just don't know how to re-direct them to a directory where they are locked there.
 
Old 07-28-2014, 07:04 PM   #6
dijetlo
Senior Member
 
Registered: Jan 2009
Location: RHELtopia....
Distribution: Solaris 11.2/Slackware/RHEL/
Posts: 1,491
Blog Entries: 2

Rep: Reputation: Disabled
Quote:
local_root=/usr/local/share/$USER/files
Is how I've done it in the past.
 
Old 07-29-2014, 08:30 AM   #7
sniper8752
Member
 
Registered: Oct 2012
Posts: 354

Original Poster
Rep: Reputation: Disabled
That just changes the login prompt default directory. I had to change the home directory in /etc/passwd for it to work, but not sure if thats the right way of doing it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Limiting ldap user on its own home directory sarajevo Linux - Server 1 08-11-2008 12:36 PM
vsftpd: Can a local user be restricted to a subdirectory in HOME granduke Linux - Server 1 05-01-2008 09:14 AM
vsftpd - limit user to his/her home directory kaon Linux - Software 0 01-15-2005 01:32 AM
VSFTPD - lock user to home directory ohleary Linux - Software 3 11-20-2003 03:04 PM
vsFTPd: howto keep a user in his home directory jonnyz Linux - Networking 1 06-20-2003 03:06 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:26 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration