Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

vsftpd: chrooting user to other directory than home?

Posted on 2005-05-04
5
Medium Priority
?
1,176 Views
Last Modified: 2013-12-15
Does anyone know how to jail a user (NOT virtual) into another directory or subdirectory of home?

Regards,
Laureen
0
Comment
Question by:laureen
5 Comments
 
LVL 10

Expert Comment

by:kiranghag
ID: 13931659
0
 
LVL 4

Expert Comment

by:rajendraone
ID: 13967101
What do you mean? Do you want to keep the user in its chroot jail i.e. in its home directory or another directory that is not its home directory?

If you want to keep the user limited to its home directory only then. Just do add following line in your vsftpd.conf file.

chroot_list_enable=YES

This will place all the local users in the jail of their home directory. Their root directory is their home directory.
You can also place the selected users in the home directory jail and others not. For more details on doing this see the man pages of vsftpd.conf.

Regds,
Rajendra.





0
 
LVL 1

Author Comment

by:laureen
ID: 13967153
i have read the vsftpd.conf man pages very carefully but i didn't find any solution for my problem.
here a short example of what i want to do:

user "jack" has homedir "/home/jack" in /etc/passwd
and i want to jail him to "/home/jack/xxx"

is this possible with vsftpd without patching?

btw: i'm using fedora 3 with vsftpd 2.0.1

regards,
laureen
0
 
LVL 7

Accepted Solution

by:
surya_prabhakar earned 1000 total points
ID: 13980075
Bit tricky but can be done

for eg:
User jack needs to be locked in directory /home/jack/ftp_home

open /etc/vsftpd/vsftpd.conf

and add this line  

passwd_chroot_enable=YES

Once this is done open /etc/passwd
and edit the line

jack:x:501:501::/home/jack:/bin/bash

change it to

jack:x:501:501::/home/jack/ftp_home/./../:/bin/bash

restart vsftpd .

Note: This does not effect any other services. User normally gets his home directory .

passwd_chroot_enable
If enabled, along with chroot_local_user , then a chroot() jail location may be specified on a per-user basis. Each user's jail is derived from their home directory string in /etc/passwd. The occurrence of /./ in the home directory string denotes that the jail is at that particular location in the path.


-surya.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month10 days, 5 hours left to enroll

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question