LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Help with permissiond for FTP (https://www.linuxquestions.org/questions/linux-software-2/help-with-permissiond-for-ftp-63942/)

r042wal 06-05-2003 09:33 PM
Help with permissiond for FTP
 
I set up a vsFTPd and I have it running in a chroot jail, /home/ftp. The permissions on this folder (ftp) are 777.

Inside the root folder are two other folders, 'downloads' and 'incoming'.

My user's home are /home/ftp and they are members of the group FTP.

Right now, they can log in to the root, but when they attempt to change to the download or incoming folder, they get the message '550 Failed to change directory'

How can I set up the permissions so they can download from the download folder, but they can't create or delete files or folders here?

In the upload folder, I would like them to be able to create files and folders, but not delete them (unless they are the owner).

In the root, they shouldn't be able to create files or folders, only traverse to the 'download' and 'incoming' folder.

Root would have full access.

Thanks

Korff 06-05-2003 10:37 PM
So let me get this straight: You have 1 user for the FTP server and its home is /home/ftp. You want that folder to have nothing in it but 2 subfolders, 'downloads' and 'incoming'

You want people to be able to enter and download files from the 'downloads' folder but not write or delete.

You want people to be able to write to the 'incoming' folder but not delete.

Am I correct? Please correct me if I misunderstood.

Personally, I would set the folders all up like this:
Owner: root
group: ftp

And I would go this:
/home/ftp: rwxr-xr-x ||||||| Root can do anything, others can enter the folder and read the contents but not write.
/home/ftp/downloads: rwxr-xr-x: |||||||| Same as above
/home/ftp/incoming: rwx-wx-wx |||||||| Root can do anything; Anyone else can enter and write, but can't delete anything because they can't even see what they're uploading!


An alternative would be to make your "regular" user the group of the incoming folder so you don't have to log on as root to get stuff out of it. So you could do, for /home/ftp/incoming:
Owner: Root
Group: Your username
Permissions: rwxrwx-wx

Let me know how it works out!

r042wal 06-05-2003 11:24 PM
You were correct on all counst above. Why have I made this so complicated for myself?

It's not much good if the user can't see the contents of the incoming folder. Many public FTP sites have an upload and download folder and you can't delete from either. You can't create anything in downloads, but you can in uploads.

Is what I want to do out of the ordinary?

I have created sevral users. More specifically, this is what it looks like:

I have vsFTPd running in a chroot jail. The ftp root is /home/ftp. There is also the folders /home/ftp/incoming and /home/ftp/download

I have created a few users and made them members of a group called ftpusers. The home directory for the users is /home/ftp and the login shell is /sbin/nologin

The problem I am running into is with the /incoming directory. I want the users to me able to make directories and upload files, but I don't want them to be able to delete anything. I gave group ownership to ftpusers and changed the permissions to 744.

Any user can delete any file or folder from the upload directory. How can I prevent this? This is a private FTP and all users have accounts created in RH.

TIA


All times are GMT -5. The time now is 11:18 PM.