Solved

Ws_Ftp ans Sco Openserver 5.0.4

Posted on 1999-01-20
10
316 Views
Last Modified: 2013-12-23
I am trying to access one of my clients directories through ws_ftp and after I enter the user name and password it says: "User patricia (example) access denied"

I checked in Netscape fastTrack to see that the ftp service is Enables for the System-wide and also for my domain service.

Does anyone know why can't any of my users access their home directory on unix (which is in usr/Username)?
0
Comment
Question by:AnitaP
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
10 Comments
 

Author Comment

by:AnitaP
ID: 1583258
Ok. It is fixed. Now I can access into the client's home directories. I can even upload files into their directories but the weird thing is that I can not see any files (through ws_ftp right window) after I upload them into the directories.

What am I missing ? Is there a file missing or do I have to change something ? I would appreciate any help. Thank you in advance.
0
 
LVL 4

Accepted Solution

by:
davidmwilliams earned 50 total points
ID: 1583259
 If access was denied, perhaps you didn't have the user's shell listed in /etc/shells, or maybe their name was in /etc/ftpusers
  In any case - if you can't see any files, then the 'r' permission may not be set on the user's directory -- check that the directory is owned by them, and the group is their group, and that the directory has at least mode 700.
0
 

Author Comment

by:AnitaP
ID: 1583260
I checked in:
etc/shells -> and the user's shell are included in there.
etc/ftpusers -> the user name is not in there
the permission of usr/patricia -> rwxr-xr-x (user,group,other)
the owner of the directory usr/patricia -> is patricia
the group ->   group

I did some tests and I found out that :
1. I created a new group AccFTP and changed the login groupe of the user patricia (usr/patricia) from "group" to "AccFTP".
2. when I logged in with patricia's account, I listed all the files that were in / (root) /usr/test1/public_html and the worst part is that I could access all of them ! (when the login group is "group", it enters directly into /usr/patricia but does not show the files)
It seems as if it did not do a chroot and a chdir

I do not know how this works. Can you please help me more?
0
Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 
LVL 4

Expert Comment

by:davidmwilliams
ID: 1583261
 It's probably ok that you can access all the files in the public_html area - so long as you don't mean you could freely edit or delete them.  That is, the Web server runs as a generic non-privileged user, so Web pages need to be globally accessible - that is, be able to be read by anyone - in order to be served.
  When you ftp in as a specific user, the starting directory should be their home directory - there won't be any chroot's -- that's only if you logged in using anonymous ftp.
0
 

Author Comment

by:AnitaP
ID: 1583262
oh ok. I understand.
Why then when I changed the group from "group" (this is the group to which all the users belong to) to "AccFTP" it shows all the files that are in / (root) ? I mean:
/usr, /bin, /etc, ....and all the subdirectories too. I can even go into each and every one of them.

what I want for it to do is when patricia logs in with her account and password it goes directely into /usr/patricia and she will NOT be able to surpass her own directory (i mean she won't be able to see /usr/james)

P.S...I checked the file in etc/ftpaccess and found out that the guestgroup is set to "group" (the group which all the clients belong to)

Please help me fix this problem. Thank you once again in advance.
0
 
LVL 4

Expert Comment

by:davidmwilliams
ID: 1583263
 Hmm, ok - so, at the moment when Patricia connects with ftp, she goes to the / directory, and not her login directory?
  What directory does she go to when she uses telnet to connect?  Is her home directory set correctly?  Does using telnet to login give any indication of the problem (e.g. /usr/patricia unreadable) ?
  You should be able to cd into /usr, /bin etc. -- because the permissions on those directories are set for world access.  Do an ls -ld /bin for example, and you will see any user has access to that directory -- otherwise, they couldn't run the programs in there.
  As to moving out of one's home directory -- you'd have to modify the ftp daemon to do that, or perhaps it is possible to find a restricted ftpd - just like the rsh doesn't let you use cd.  However, the orthodox expectation of ftp is that you can move about the file system just like you can when connected using telnet or rlogin.
0
 

Author Comment

by:AnitaP
ID: 1583264
Please see my other question. I will explain everything there. No sense going back and forth...I will gladly give you the points for this one eventually...thank you.
0
 
LVL 4

Expert Comment

by:davidmwilliams
ID: 1583265
I'll move this discussion to the other thread :)
0
 

Author Comment

by:AnitaP
ID: 1583266
Please try to help me a bit more. I need your help. Thank you.
0
 
LVL 4

Expert Comment

by:davidmwilliams
ID: 1583267
I don't suppose it's possible to log into your Unix system and 'take a look' myself?
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Application timeout 4 41
check the file dates in unix 14 24
Problems with VPN 4 22
Router speed limit 7 61
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question