[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-sun
Subject:    Re: Restricting FTP home directory (chroot?)
From:       "Moran, Tony" <tony () AYAHUASCA ! NET>
Date:       2000-07-07 18:41:27
[Download RAW message or body]

You said:

> .............................. After logging in, they were apparently
> chrooted to their home directory, because it looked like "/" to them (like
> anonymous ftp). The site I've set up has the "default" behavior, i.e. their
> home directory looks like
> "/export/home/ftp/...blah...blah.../their_directory", instead of "/".
>
> ..... so here I am asking: what do I need to do, so that our user's
> FTP sessions are contained to their home directory?


I dont follow too well.  If you simply set up normal user accounts on
the machine, ensure they can login in normally, then ensure that ftpd can
be run from inetd, there shouldnt be any problems.

Perhaps it permissions.  Try doing a 'su -' to one of those users and
doing a pwd.  Then try a 'cd' on its own, then maybe an ls to ensure
that that user can access his homedir under normal circumstances.
If there is a permissions problem then cd to /, ls, cd to next directory
leading to the homedir, ls, cd to next dir etc.

Sometimes creating or playing around with the /etc/shells file can upset
things too.  Not sure if this is very security related either..

Tony.






=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
     "He who will not reason is a bigot; he who cannot is a fool;
      and he who dares not is a slave."    - Sir William Drummond

We don't inherit the Earth from our ancestors, we borrow it from our kids
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

[prev in list] [next in list] [prev in thread] [next in thread]