• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 481
  • Last Modified:

wu-ftpd access control

How do u set wu-ftpd to limit access to a certain directory only for all users and do not allow them to see and download files from /etc

I managed to set it to work for ftp and anonymous user but does not seem to work for other user... I can still cd to /etc to download whatever files I want

cheers
0
bluepet
Asked:
bluepet
  • 8
  • 3
  • 2
  • +2
1 Solution
 
jlevieCommented:
Take a look at ftp://ftp.fni.com/pub/wu-ftpd/guest-howto. I think you'll find that you can use the information in that document to restrict users to specific directories. There is also quite a bit of other useful information about wu-ftp in the FAQ at http://www.wu-ftpd.org.
0
 
bluepetAuthor Commented:
Adjusted points from 200 to 400
0
 
bluepetAuthor Commented:
I manage to do it.

unfortunately when I try to upload files I get this error

553 Could not determine pwdir: No such files or directory

anyone knows why that is so?

What did I do wrong?

thanks



0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
bluepetAuthor Commented:
I manage to do it.

unfortunately when I try to upload files I get this error

553 Could not determine pwdir: No such files or directory

anyone knows why that is so?

What did I do wrong?

thanks



0
 
bluepetAuthor Commented:
When I ftp and cd ~

it try to go to the directory of the user set as /home/usr/username

but since I put /etc/passwd
the home as
 /home/usr/username/./

/home/usr/username does not exist anymore when I log on in ftp

anyone know the way around this? or where did I go wrong?

0
 
jlevieCommented:
Is this "/home/usr/username/./" what's in /etc/passwd, or is this "/home/usr/username" (I'm assuming that "username" is actually some user's login name)?
0
 
jlevieCommented:
Is this "/home/usr/username/./" what's in /etc/passwd, or is this "/home/usr/username" (I'm assuming that "username" is actually some user's login name)?
0
 
bluepetAuthor Commented:
jlevie

it is in /etc/passwd

yes the username is the user loginame

I manage to do it already to get rid of the error message by adding

the directory structure to the user home dir

ie
/home/usr/username/home/usr/username

where username at the end is a symbolic link to /

so when the user connect using ftp and cd ~ it will go back to / which in this case the user's own home dir...

thanks anyway jvelie

0
 
bluepetAuthor Commented:
the /usr/home/username/./ is to chroot the user / as his own home dir

0
 
ishCommented:
This generally means the user cannot find their home directory. Check the
permissions on the directories and the system and local etc/passwd and
etc/group files

Is this a VIRTUAL server (WUFTP can do that) in which case it may be using an /etc/passwd that is in a seperate file system, or is the server it'self?  In which case it is using the ACTUAL /etc/passwd?

in the /etc/ftpaccess file have you given them access?

# specify the upload directory information                              
upload  /opt/ftp  *                 no      root staff  0600 nodirs
upload  /opt/ftp  /incoming         yes     root staff  0600 nodirs

??? It is definately a permissions issue, but there MANY places where it can be controlled.
0
 
eleen0912Commented:
What version are you using? Perhaps it's a bug.

Looks like there is some common set of features people would like
to have in FTP servers.

There is another feature, however. All users data is placed to
database (ex. MySQL ), though passwords from /etc/passwd
are valid as well.

And there also is a way to restrict user's access to his
home directory, merely blocking commands concerned files outside it.
0
 
gabsiCommented:
Using
upload  /opt/wu_ftpd/home  *             no   upload  /opt/wu_ftpd/home       /incoming     yes     root    daemon  0600 nodirs        
permit tu anonymous users to access to all the ftp home directory, but they are able to write files to the incoming directory only.
The "root dameon 0600" protection is there to avoid insecure exchanges between users.
This rules are applied to all users belonging to the "gestgroup" called as you want. ftpguest here.
guestgroup ftpguest
0
 
gabsiCommented:
sorry, I forgot a <CR>
upload  /opt/wu_ftpd/home  *             no  
upload  /opt/wu_ftpd/home       /incoming     yes     root    daemon  0600 nodirs        

upload  /opt/wu_ftpd/home       /upload    yes     root    daemon  0600   dirs
The third rule permit user to create subdirs in upload directory.
Also, a user belong to ftpguest group cant access to any other resources of the system, you have to manage an bin and an etc directory in his home directory.
The bin directory must contain at least a nol dynamically compiled version of "ls".
0
 
bluepetAuthor Commented:
I found out the problem already. The reason I can't get it  to work for other users and only anonymous ftp user is because I didn't put all the users in the guestgroup group

i.e set it in /etc/ftpaccess

guestgroup myftpgroup

anyway thanks for answering I guess I will give the points to ilevie as that is where I get the info from.

0
 
bluepetAuthor Commented:
It would be nice if the person would actually provide proper answer instead of providing a link that I already know of... but since my problem is solve.. I guess the points does not matter much...

cheers anyway

thanks for answering
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 8
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now