ftp access

Posted on 1999-01-27
Last Modified: 2010-03-18
I'm running Linux RedHat 5.2.
I'm trying to setup ftp access.
Actually, i've disable guest & anonymous access. I just
want to allow known users to log on.
This part works fine. But now, i want to restrict each user access to his own directory. I mean i don't want to allow a user to do "cd /etc" or something similar. I just want to allow him to put or get files from his own directory.

Any idea would be welcome.
Thanks, Jacoby.
Question by:jacoby

Expert Comment

ID: 1588243
Make sure you have lots of disk space.

Make your "new" root directory:
mkdir /export/ftp
cd /
cp -Rf usr /export/ftp/usr
cp -Rf bin /export/ftp/bin
cp -Rf sbin /export/ftp/sbin
cp -Rf lib /export/ftp/lib
cp -Rf etc /exports/ftp/etc
mkdir /exports/ftp/tmp
chmod 777 /exports/ftp/tmp

Delete all the unecessary files from /exports/ftp (use "chroot /etc/exports/ftp /bin/sh" to find out if you can delete stuff.  read the chroot manpage.  Add users while you're chrooted.)

Make all the home directories you want in /exports/ftp/home, and chmod them properly so users don't have access to each other's home directories.

In inetd.conf:
tp     stream  tcp     nowait  root    /usr/sbin/tcpd

Create "" in /usr/sbin, chmod it to 755:
env - chroot /export/ftp /usr/sbin/in.ftpd -a -l -i -o

Is that more than you were bargaining for?

It would be for me.

LVL 51

Expert Comment

ID: 1588244
change the login directory in /etc/passwd as follows:

/usr/home/user   --->   /usr/home/./user

Then create  /usr/home/{bin,lib}/ and copy all you want to have for your users.

Author Comment

ID: 1588245
mcdonc, thanks for your help, but your solution need more disk space than i can have.

ahoffmann, i tried what you said but i still can go out of my home directory. (humm by "create  /usr/home/{bin,lib}/ ", I assume you mean : create bin and lib directories in /usr/home/ and put in bin and lib what i need?  This is what i did, but i still have the same prob.

Thanks, Jacoby.
LVL 51

Expert Comment

ID: 1588246
my solutions is based on wu-ftp, hmm I thought linux uses this one.
Could you please check?
You also may check /etc/ftp{groups,users}

Anyway, I slightly remember that this question still was answerd at E-E ...

Expert Comment

ID: 1588247
1.Make "new" /bin and /lib directories, for example:
mkdir /usr/home/ftpbin
mkdir /usr/home/ftplib
2. Copy all necessary files there. You can find them in /usr/home/ftp/{bin,lib}. Or copy them from /bin and /lib. They are
a) compress,  cpio,  gzip, ls,  sh,   tar,  zcat
and b)      


3. For each user replace their HOME string in /etc/passwd :
/usr/home/USER   --->   /usr/home/./USER

4. Create a hard link for each user in his home directory :
ln /usr/home/ftpbin /usr/home/USER/bin
ln /usr/home/ftplib /usr/home/USER/lib

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

LVL 51

Expert Comment

ID: 1588248
still have this as comments, Toliann :-(

Author Comment

ID: 1588249
Ahoffmann, in fact now it work but with guest users. I didn't really knwo what was Guest user, but it was exactly what i needed. But I think your answer is also good, so please reply with an answer and i'll grade it.
Thanks,  Jacoby
LVL 51

Accepted Solution

ahoffmann earned 50 total points
ID: 1588250
change the login directory in /etc/passwd as follows:

     /usr/home/user   --->   /usr/home/./user

Author Comment

ID: 1588251
Sorry, about the delay.
Thanks for your help !!

Regards, Jacoby.

Author Comment

ID: 2268851
found a good tutorial for wu-ftpd with guest account.

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Layer 7 Transparent cookie checker 22 60
Cant reach dockers repository (pull command) 11 85
Cron jobs 12 118
Doing a DR (Disaster Recovery) Test on Red Hat Linux Servers. 2 98
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now