Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Team,
Do we have any tool in Linux which works like FSRM in windows? We need to do file screening on Linux box and i don't know how to do it.
Please suggest.
A good suggestion is to try to do some research on your own first. Also, we aren't members of your 'team', but volunteers on this site. Also, we will suggest you read the "Question Guidelines" link in my posting signature.
You provide no details to let anyone help you; we need version/distro of Linux, what you're trying to accomplish, what you're using currently, etc. You say 'file screening', but don't say what you're using now to GET these files onto a system to be screened. The solutions for Samba are far different than if you're using FTP, RSYNC, SCP, or even a custom script.
Thanks for the guidelines and sorry for not giving proper information,Vetofile wont work because, we have users who access RHEL 6.6 box via sftp to upload files. sftp access provided to that user lands him to a specific folder (/tmp/sftpfolder) using chroot on sshd config, now when a user is trying to upload a file with an extension .exe or mp3, it should be blocked.
Is there any possibility in doing this on a RHEL 6.6 box ?
Thanks for the guidelines and sorry for not giving proper information,Vetofile wont work because, we have users who access RHEL 6.6 box via sftp to upload files. sftp access provided to that user lands him to a specific folder (/tmp/sftpfolder) using chroot on sshd config, now when a user is trying to upload a file with an extension .exe or mp3, it should be blocked.
Is there any possibility in doing this on a RHEL 6.6 box ?
Again, vetofile was suggested, because you didn't provide any details up front. Had you mentioned that you wanted to do this on a directory where users were putting files via sftp, the suggestion would be different.
You can't do what you're after using SFTP on ANY system, Windows or Linux, but you do have options. The first (and easiest), is to write a script to look at the upload directory, and simply delete any files matching the pattern. Very simple, and easy to implement.
The second is harder, but much more robust. OpenSSH lets you use an external process for an sftp server, via the Subsystem directive in sshd_config. You could implement your own sftp server, using whatever script/program you wish. The Net::SFTP:SftpServer perl module has a working example. It has a configurable callback function for file transfer events, which would allow you to inspect the file name. Enable this globally in sshd_config with Subsystem sftp <whatever your program/script is>.
And since you're using RHEL 6.6, have you contacted RHEL support for any advice/guidance they may have? You are PAYING for RHEL, right?
Thanks for replying, I have already taken this issue to REDHAT and they say, there is no option available with REDHAT, rather asking us to get some 3 rd party tool to have this issue addressed. ( 3rd party tool not mentioned by the support).
Hi,
Thanks for replying, I have already taken this issue to REDHAT and they say, there is no option available with REDHAT, rather asking us to get some 3 rd party tool to have this issue addressed. ( 3rd party tool not mentioned by the support).
Ok, so you're back to either writing a simple script to do this, or by using an external sftp process as mentioned. The CPAN/Perl route is fairly robust, and will let you do exactly what you're after.
In addition, check the filetype, not (just) the extension.
Changing or adding to the extension is the oldest trick in the book to get around this sort of restriction.
Look at the 'file' cmd https://linux.die.net/man/1/file as a starting point.
Thanks for the guidelines and sorry for not giving proper information,Vetofile wont work because, we have users who access RHEL 6.6 box via sftp to upload files. sftp access provided to that user lands him to a specific folder (/tmp/sftpfolder) using chroot on sshd config, now when a user is trying to upload a file with an extension .exe or mp3, it should be blocked.
Is there any possibility in doing this on a RHEL 6.6 box ?
This can be set depending on the FTP platform you are using, for example vsftpd can be set with the line below and it will blocked those extensions that are define within the curly braces.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.