[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

vsftpd..user can descend..

Posted on 2003-11-05
5
Medium Priority
?
331 Views
Last Modified: 2013-12-16
I have a RedHat Linux 8 box running vsftpd. I'm experiencing an issue where users login and can descend out of their home directories. I've tried various different ways of creating the user.. different groups, uids, etc.. Any ideas?

Regards,
Bill
0
Comment
Question by:nturnet
  • 3
  • 2
5 Comments
 
LVL 40

Accepted Solution

by:
jlevie earned 500 total points
ID: 9689094
By "descend out of their home directories." are you talking about a "joe-user accessing /home/joe-user/sub-dir or a joe-user accessing /home/other-user? you can't keep a user from accessing subdirectories of their FTP "home dir" but you can chroot them into their home dir and prevent them from seeing anything else on the system.
0
 

Author Comment

by:nturnet
ID: 9689237
That is exactly what I want to accomplish.

Mmm.. perhaps I'm doing something wrong here.. The only thing I'm getting is:
chroot: cannot execute /bin/bash: No such file or directory

when I try to excute the chroot command?!?!
0
 
LVL 40

Expert Comment

by:jlevie
ID: 9689463
Are you using "chroot_local_user=YES" in your vsftp config?
0
 

Author Comment

by:nturnet
ID: 9689517
Well, I am now and everything is working perfect.

Now I need to discover a way when adding a user explictly for FTP that it automatically writes that username to the vsftpd.chroot_list..

Thanks again!
0
 
LVL 40

Expert Comment

by:jlevie
ID: 9690011
The only way I know of to do that is to either use a wrapper around useradd/userdel or to set up a cron job that picks users out of /etc/passwd and adds them to the file.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Often times it's very very easy to extend a volume on a Linux instance in AWS, but impossible to shrink it. I wanted to contribute to the experts-exchange community a way of providing a procedure that works on an AWS instance. It can also be used on…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Suggested Courses
Course of the Month19 days, 3 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question