ftp access

Posted on 1999-01-27
Last Modified: 2010-03-18
I'm running Linux RedHat 5.2.
I'm trying to set up ftp access.
Actually, I've disabled guest & anonymous access. I just want to allow known users to log on.
This part works fine. But now, I want to restrict each user's access to his own directory. I mean I don't want to allow a user to do "cd /etc" or something similar. I just want to allow him to put or get files from his own directory.

Any idea would be welcome.
Thanks, Jacoby.
Question by:jacoby

Expert Comment

ID: 1588243
Make sure you have lots of disk space.

Make your "new" root directory:
mkdir /export/ftp
cd /
cp -Rf usr /export/ftp/usr
cp -Rf bin /export/ftp/bin
cp -Rf sbin /export/ftp/sbin
cp -Rf lib /export/ftp/lib
cp -Rf etc /export/ftp/etc
mkdir /export/ftp/tmp
chmod 777 /export/ftp/tmp

Delete all the unnecessary files from /export/ftp (use "chroot /export/ftp /bin/sh" to find out if you can delete stuff. Read the chroot manpage. Add users while you're chrooted.)

Make all the home directories you want in /export/ftp/home, and chmod them properly so users don't have access to each other's home directories.

In inetd.conf:
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd

Create "" in /usr/sbin, chmod it to 755:
env - chroot /export/ftp /usr/sbin/in.ftpd -a -l -i -o

Is that more than you were bargaining for?

It would be for me.

LVL 51

Expert Comment

ID: 1588244
change the login directory in /etc/passwd as follows:

/usr/home/user   --->   /usr/home/./user

Then create  /usr/home/{bin,lib}/ and copy all you want to have for your users.

Author Comment

ID: 1588245
mcdonc, thanks for your help, but your solution needs more disk space than I can have.

ahoffmann, I tried what you said but I can still go out of my home directory. (Hmm, by "create  /usr/home/{bin,lib}/", I assume you mean: create bin and lib directories in /usr/home/ and put in bin and lib what I need?) This is what I did, but I still have the same problem.

Thanks, Jacoby.

LVL 51

Expert Comment

ID: 1588246
My solution is based on wu-ftp, hmm, I thought Linux uses this one.
Could you please check?
You may also check /etc/ftp{groups,users}

Anyway, I slightly remember that this question still was answered at E-E ...

Expert Comment

ID: 1588247
1. Make "new" /bin and /lib directories, for example:
mkdir /usr/home/ftpbin
mkdir /usr/home/ftplib
2. Copy all necessary files there. You can find them in /usr/home/ftp/{bin,lib}. Or copy them from /bin and /lib. They are
a) compress,  cpio,  gzip, ls,  sh,   tar,  zcat
and b)      


3. For each user replace their HOME string in /etc/passwd :
/usr/home/USER   --->   /usr/home/./USER

4. Create a hard link for each user in his home directory :
ln /usr/home/ftpbin /usr/home/USER/bin
ln /usr/home/ftplib /usr/home/USER/lib

LVL 51

Expert Comment

ID: 1588248
still have this as comments, Toliann :-(

Author Comment

ID: 1588249
Ahoffmann, in fact now it works, but with guest users. I didn't really know what a guest user was, but it was exactly what I needed. But I think your answer is also good, so please reply with an answer and I'll grade it.
Thanks,  Jacoby
LVL 51

Accepted Solution

ahoffmann earned 50 total points
ID: 1588250
change the login directory in /etc/passwd as follows:

     /usr/home/user   --->   /usr/home/./user
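
An added example, not part of the original thread: a shell/awk audit for the situation the asker hit, where the "/./" marker in /etc/passwd did nothing until the accounts were guest users. It assumes that wu-ftpd treats an account as a guest through the `guestgroup` directive in ftpaccess; the file contents, the `ftpjail` group name and the status labels are constructed for illustration.

```shell
# Added example, not from the thread. All file contents below are constructed.
# audit_ftp_guests PASSWD GROUP FTPACCESS
# Prints one line per account that is a wu-ftpd guest or carries the "/./" marker.
audit_ftp_guests() {
    awk '
    f == "access" && $1 == "guestgroup" {       # guestgroup name [name ...]
        for (i = 2; i <= NF; i++) guest[$i] = 1
    }
    f == "group" && ($1 in guest) {             # name:pw:gid:user,user
        gid[$3] = 1
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) member[m[i]] = 1
    }
    f == "passwd" {                             # name:pw:uid:gid:gecos:home:shell
        is_guest = ($4 in gid) || ($1 in member)
        p = index($6, "/./")                    # split point: chroot root | login dir
        if (p && is_guest)
            printf "%s JAILED root=%s dir=/%s\n", $1, substr($6, 1, p - 1), substr($6, p + 3)
        else if (p)
            printf "%s MARKER-WITHOUT-GUESTGROUP home=%s\n", $1, $6
        else if (is_guest)
            printf "%s GUEST-WITHOUT-MARKER home=%s\n", $1, $6
    }' f=access "$3" f=group FS=: "$2" f=passwd "$1"
}

# write_sample DIR: constructed passwd, group and ftpaccess files for a dry run.
write_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
jacoby:x:501:600::/usr/home/./jacoby:/bin/bash
alice:x:502:100::/usr/home/./alice:/bin/bash
bob:x:503:100::/usr/home/bob:/bin/bash
EOF
    cat > "$1/group" <<'EOF'
users:x:100:
ftpjail:x:600:bob
EOF
    cat > "$1/ftpaccess" <<'EOF'
guestgroup ftpjail
EOF
}
demo() {
    d=$(mktemp -d) || return 1
    write_sample "$d"
    audit_ftp_guests "$d/passwd" "$d/group" "$d/ftpaccess"
    rm -rf "$d"
}
demo
```

On a real host the three arguments would be /etc/passwd, /etc/group and the server's ftpaccess file; a MARKER-WITHOUT-GUESTGROUP line is the case reported earlier in the thread, where the user could still leave the home directory.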

Author Comment

ID: 1588251
Sorry about the delay.
Thanks for your help !!

Regards, Jacoby.

Author Comment

ID: 2268851
Found a good tutorial for wu-ftpd with guest account.


Question has a verified solution.
