Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
07-06-2006, 01:45 PM
|
#1
|
Member
Registered: Jan 2004
Distribution: Slackware, Ubuntu
Posts: 97
Rep:
|
ProFTPd restrict all users to /fs ?
Been hacking at ProFTPd on my Slack 10.2 box for a while now and I'm horribly confused (as many of us are apparently). I'm trying to set it up to restrict all users to have Read Only access to /fs/ (I can still get to all the rest of my files using SFTP over SSH).
I've got ProFTPd up and running but I'm lost trying to figure out the config file. No matter what I do it seems to either give me all access to all the files, or no access to anything! Any help would be greatly appreciated.
thanks in advance,
dbc
|
|
|
07-06-2006, 03:09 PM
|
#2
|
LQ Guru
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Wheezy (x86)
Posts: 6,094
|
If I'm not mistaken, I think you just need to set the DefaultRoot ~ line to DefaultRoot /fs. Make sure the directory permissions are set for users to read only. At least this works with a standard ftp server.
I'm not sure how the ssh connection works with sftp or if it circumvents the standard ftp settings since you've already logged on via ssh...
|
|
|
07-27-2006, 04:07 PM
|
#3
|
Member
Registered: Jan 2006
Distribution: RHEL3
Posts: 97
Rep:
|
Issue on RHEL3
I have the issue if that command just not working either. The DefaultRoot being set anywhere I wish doesn't work. Users always default to their home directory and are able to see the entire file structure.
|
|
|
07-27-2006, 04:20 PM
|
#4
|
LQ Guru
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Wheezy (x86)
Posts: 6,094
|
Can you post your config file?
|
|
|
07-28-2006, 08:12 AM
|
#5
|
Member
Registered: Jan 2006
Distribution: RHEL3
Posts: 97
Rep:
|
Here is all I have:
Quote:
ServerType standalone
ServerName "FTP Site"
Port 2121
DefaultServer on
DefaultRoot /var/www/html
User ftp-run
Group ftp-run
Umask 022
AllowOverwrite on
|
|
|
|
07-28-2006, 12:11 PM
|
#6
|
LQ Guru
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Wheezy (x86)
Posts: 6,094
|
What ftp server are you using? That doens't look like a ProFTP config file to me (which is what was started in this thread).
|
|
|
07-28-2006, 01:45 PM
|
#7
|
Member
Registered: Jan 2006
Distribution: RHEL3
Posts: 97
Rep:
|
It is ProFTP according to the documentation, I have removed all of the comments and included just what remains. I have uncommented the user and group lines and created my own. The "DefaultRoot" normally is started as ~, whch is not what I want. I changed the default port to ftp into and the server name. When I ftp to my server, here is the version info:
ProFTPD 1.3.0rc5 Server (ProFTPD Default Installation)
I absolutely do not want anonymous access. Authenticated linux users only.
I have even tried modifying/creating my configuration using webmin, but am still seeing the same results. According to the documentation, the DefaultRoot line should set the root directoty. There originally was an additional line there which started with "Ch" like ChDefault or something which had no effect either.
|
|
|
07-28-2006, 01:49 PM
|
#8
|
LQ Guru
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Wheezy (x86)
Posts: 6,094
|
Do your users have read/write access to /var/www/html? Also is the "x" bit enabled for the directory?
|
|
|
07-28-2006, 02:56 PM
|
#9
|
Member
Registered: Jan 2006
Distribution: RHEL3
Posts: 97
Rep:
|
Owner is root, group is a set of my ftp users and the rights are set as 775
|
|
|
07-28-2006, 03:14 PM
|
#10
|
LQ Guru
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Wheezy (x86)
Posts: 6,094
|
Just out of curiosity, do you have to restart proftpd for the changes to take effect?
|
|
|
07-28-2006, 04:03 PM
|
#11
|
Member
Registered: Jan 2006
Distribution: RHEL3
Posts: 97
Rep:
|
It isn't a service and according to the documentation it is an "on the fly" type of change. In fact, when I make changes within webmin that are in error (not a recognized function or format) and apply the changes to the server (which restarts it) it will report failures. The only thing I have not done is reboot the entire system, which I prefer not to do as it serves a number of other functions. Rebooting the entire box for a config modification is certainly not desirable.
|
|
|
07-28-2006, 04:11 PM
|
#12
|
LQ Guru
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Wheezy (x86)
Posts: 6,094
|
Nor should you need to reboot the computer. I just didn't remember if you had the option of starting the proftpd as a service not controled by inetd. It sounds like yours is being controlled by inetd so each connection uses the new config automagically.
I'm really sort of stumped as to what is going on here. Granted I'm no expert, but I've never had a problem just chaning the DefaultRoot line... Hmm. The only difference I see between our config files is that my Umask line has 022 022 (the second one is for directories). But I'm not sure why that would matter... Oh, and the port change of course...
|
|
|
07-28-2006, 04:49 PM
|
#13
|
Member
Registered: Jan 2006
Distribution: RHEL3
Posts: 97
Rep:
|
Got it. Though it doesn't run as a service, it was running as a process and wasn't being reset. I brought up a process list and killed it. Then I simply ran proftpd to restart it and it worked. Thanks for the help, though. You got me thinking that it simply wasn't restarting as expected.
Here is how I ended up modifying my config file before killing the process. not sure if it made any real difference.
Quote:
ServerType standalone
ServerName "FTP Site"
Port 2121
DefaultServer on
<Global>
DefaultRoot /var/www/html ftp-users
DefaultChdir /var/www/html ftp-users
User ftp-run
Group ftp-run
Umask 022
AllowOverwrite on
</Global>
|
Last edited by Skip-DMP; 07-28-2006 at 04:50 PM.
|
|
|
All times are GMT -5. The time now is 04:22 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|