Hi,

I am creating a ftp user and I can connect home folder of this user. But This user can change home folder and It can go other folder as read onyl.

I dont want to go and see other folders of this user. how can i prevent see other folders of this user?

Thanks.

chroot!

Hi,

How can i use chroot a home folder? Please can you write some examples?

Thanks.

Check out the following link:
http://www.cyberciti.biz/tips/vsftp-...directory.html

Hi,

I want to do your writes but I am getting this error message when I want to run vsftp.

What do you think?

[root@webserver init.d]# ./vsftpd start
Starting vsftpd for vsftpd: [ OK ]
[root@webserver init.d]# service vsftpd status
vsftpd dead but subsys locked
[root@webserver init.d]#

Hi,

vsftp running
[root@webserver root]# service vsftpd status
vsftpd (pid 3558) is running...

and I did change as per your send link.

# vi /etc/vsftpd/vsftpd.conf
chroot_local_user=YES
# /etc/init.d/vsftpd restart

Then I am trying with a ftp client software (example putty or ssh secure file transfer) but still I can change folder and I can see other folders.

Why can I see other files? Must i do any different settings?

Thanks.

Looks like you have another FTP service that is running.

Were you already using vsftpd or were you using a different ftp service?

You would need to disable the other ftp service and then start vsftpd.

--Sorry delayed typing, this was in response to post 5, however it appears you have moved beyond this point now.

Please post the results of:This will let me know what settings you are currently using.

Example vsftpd.conf file (without comments) which works for me:

Hi Disillusionist,

Please can you tell me, how can i know about other ftp service running?

I see a service name is proftpd Then I am doing,
[root@webserver root]# service proftpd status
Usage: /etc/init.d/proftpd { start | stop }
[root@webserver root]# service proftpd stop
[root@webserver root]# /etc/init.d/proftpd stop

Then I am trying connection with ftp client software but I can still other folders and I can change folders with ftp client software.

I need your help. Thank you for your great support.



[root@webserver root]# grep -v '^#' /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_list_enable=YES
chroot_local_user=YES
chroot_list_file=/etc/vsftpd.chroot_list

pam_service_name=vsftpd
userlist_enable=YES
listen=YES
tcp_wrappers=YES
You have new mail in /var/spool/mail/root
[root@webserver root]#

our config is here, not maby best in a world but works:



############################################################3
write_enable=YES
dirmessage_enable=YES
nopriv_user=ftpsecure
ftpd_banner="xxxxxxxxxxxxxxxxxxxxxxxxxxx"

local_enable=YES
local_umask=002
chroot_local_user=YES


anonymous_enable=NO
anon_world_readable_only=YES


syslog_enable=NO

log_ftp_protocol=YES
xferlog_enable=YES
vsftpd_log_file=/var/log/vsftpd.log
xferlog_std_format=YES
xferlog_file=/var/log/xferlog
dual_log_enable=YES

connect_from_port_20=YES
idle_session_timeout=600
data_connection_timeout=120
ascii_upload_enable=YES
ascii_download_enable=YES

pam_service_name=vsftpd


ssl_enable=NO

####################################################################

How to see running processes:
ps ax|grep -v grep |grep -i ftp
change ftp -> vsftpd if you want more narrow listing..


Marko

Check the results of:
If there are other ftp related services, you should stop them.

Additionally, check the contents of the /etc/xinetd.conf file
and /etc/xinetd.d directory, (some older ftp services use inetd)

Do you have any entries in the /etc/vsftpd.chroot_list file?

The users listed in this file will not be chrooted.

When chroot_local_user is not set or set to NO, the chroot_list_file is used to specify users that should be chrooted.

However, the purpose of the file is switched when chroot_local_user is set to YES.

Hi Disillusionist,

I am getting this error message when I run service --status-all|grep ftp

[root@webserver root]# service --status-all|grep ftp
Please run makehistory and/or makedbz before starting innd.
rndc: connect failed: connection refused
Usage: /etc/init.d/proftpd { start | stop }
squid: ERROR: No running copy
vsftpd (pid 3558) is running...


Aslo you can see xinetd.conf at below.

[root@webserver root]# cat /etc/xinetd.conf
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
instances = 60
log_type = SYSLOG authpriv
log_on_success = HOST PID
log_on_failure = HOST
cps = 25 30
}

includedir /etc/xinetd.d


Then You can see vsftpd.chroot_list at below

[root@webserver root]# cat /etc/vsftpd.chroot_list
bublehead

Hi,

I changed my vsftpd.conf file as per your above write then I stop and start vsftpd service. Then I try with a ftp client software I can still other files and folders.

I need your help please.

Thanks.

OK, the --status-all argument to the service command passes 'status' through to each script in /etc/init.d

From the output you are seeing, there does not appear to be a status option for the proftpd service.

The fact that vsftpd is showing as running, means that proftpd is not currently running (otherwise there would have been problems starting vsftpd).

You may want to ensure that proftpd doesn't startup on server reboots.

You may need to ensure that vsftpd starts on server reboots.
Are you testing with user "bublehead" or with other users?

When chroot_local_user=YES entries in the chroot_list file are not locked down. I realise now that I had an error in my previous post.

Yes I did your all says Then I try with bublehead And I saw Bublehead have same problem. I am connecting with bublehead And I can see all folders and files Also I can chnage folders I can go all system folders.

What can i do for solve this problem?