Solved

ftp access

Posted on 1999-01-27
10
197 Views
Last Modified: 2010-03-18
I'm running Linux RedHat 5.2.
I'm trying to setup ftp access.
Actually, i've disable guest & anonymous access. I just
want to allow known users to log on.
This part works fine. But now, i want to restrict each user access to his own directory. I mean i don't want to allow a user to do "cd /etc" or something similar. I just want to allow him to put or get files from his own directory.

Any idea would be welcome.
Thanks, Jacoby.
0
Comment
Question by:jacoby
10 Comments
 
LVL 4

Expert Comment

by:mcdonc
ID: 1588243
Make sure you have lots of disk space.

Make your "new" root directory:
mkdir /export/ftp
cd /
cp -Rf usr /export/ftp/usr
cp -Rf bin /export/ftp/bin
cp -Rf sbin /export/ftp/sbin
cp -Rf lib /export/ftp/lib
cp -Rf etc /exports/ftp/etc
mkdir /exports/ftp/tmp
chmod 777 /exports/ftp/tmp

Delete all the unecessary files from /exports/ftp (use "chroot /etc/exports/ftp /bin/sh" to find out if you can delete stuff.  read the chroot manpage.  Add users while you're chrooted.)

Make all the home directories you want in /exports/ftp/home, and chmod them properly so users don't have access to each other's home directories.


In inetd.conf:
tp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.new.ftpd

Create "in.new.ftpd" in /usr/sbin, chmod it to 755:
#!/bin/sh
#in.new.ftpd
env - chroot /export/ftp /usr/sbin/in.ftpd -a -l -i -o

Is that more than you were bargaining for?

It would be for me.


0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 1588244
change the login directory in /etc/passwd as follows:

/usr/home/user   --->   /usr/home/./user

Then create  /usr/home/{bin,lib}/ and copy all you want to have for your users.
0
 
LVL 1

Author Comment

by:jacoby
ID: 1588245
mcdonc, thanks for your help, but your solution need more disk space than i can have.

ahoffmann, i tried what you said but i still can go out of my home directory. (humm by "create  /usr/home/{bin,lib}/ ", I assume you mean : create bin and lib directories in /usr/home/ and put in bin and lib what i need?  This is what i did, but i still have the same prob.

Thanks, Jacoby.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 51

Expert Comment

by:ahoffmann
ID: 1588246
my solutions is based on wu-ftp, hmm I thought linux uses this one.
Could you please check?
You also may check /etc/ftp{groups,users}

Anyway, I slightly remember that this question still was answerd at E-E ...
0
 

Expert Comment

by:Toliann
ID: 1588247
1.Make "new" /bin and /lib directories, for example:
mkdir /usr/home/ftpbin
mkdir /usr/home/ftplib
2. Copy all necessary files there. You can find them in /usr/home/ftp/{bin,lib}. Or copy them from /bin and /lib. They are
a) compress,  cpio,  gzip, ls,  sh,   tar,  zcat
and b)
ld-2.0.7.so            libc.so.6              libnss_files-2.0.7.so
ld-linux.so.2          libnsl-2.0.7.so        libnss_files.so.1
libc-2.0.7.so          libnsl.so.1

respectively.

3. For each user replace their HOME string in /etc/passwd :
/usr/home/USER   --->   /usr/home/./USER

4. Create a hard link for each user in his home directory :
ln /usr/home/ftpbin /usr/home/USER/bin
ln /usr/home/ftplib /usr/home/USER/lib

Regards.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 1588248
still have this as comments, Toliann :-(
0
 
LVL 1

Author Comment

by:jacoby
ID: 1588249
Ahoffmann, in fact now it work but with guest users. I didn't really knwo what was Guest user, but it was exactly what i needed. But I think your answer is also good, so please reply with an answer and i'll grade it.
Thanks,  Jacoby
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 50 total points
ID: 1588250
change the login directory in /etc/passwd as follows:

     /usr/home/user   --->   /usr/home/./user
0
 
LVL 1

Author Comment

by:jacoby
ID: 1588251
Sorry, about the delay.
Thanks for your help !!

Regards, Jacoby.
0
 
LVL 1

Author Comment

by:jacoby
ID: 2268851
found a good tutorial for wu-ftpd with guest account.


http://www.landfield.com/wu-ftpd/guest-howto.html
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question