[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

vsftpd - Virtual users and directory access

Posted on 2010-08-12
5
Medium Priority
?
726 Views
Last Modified: 2013-11-29
i have set up vsftpd with TLS/SSL access and virtual users from this site: http://www.cyberciti.biz/tips/rhel-fedora-centos-vsftpd-installation.html

Everything works great setting my local_root=/var/www/html , no problems logging in access directories, but i do not wish for everyone to be able to access all sub directories in that root directory.

I have also read over the guide on this site: http://howto.gumph.org/content/setup-virtual-users-and-directories-in-vsftpd/

How ever  i can  not seem to get it to work how i want.

Details:

I have users:

A
B
C

I have directories in my

/var/www/html/

------------------------www
------------------------reporting
------------------------admin

I want user A to have access to www
I want user B to have access to reporting
I want user C to have access to admin

each of those directories should be the root for each user, eventually user A will also get access to the /reporting/ folder, but not for currently.

The guide above only seem to show how to give each user their own user account directory to which you then need to mkdir for each user somewhere which i don't want to do, and don't think i need to do for what i want?

Can anyone help me with this and setting the directory access for each user, since they are not local users under CentOS i dont think i can use the symlinks method...not that i know how either though.
Here is my vsftpd.conf file


anonymous_enable=NO
local_enable=YES
virtual_use_local_privs=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=NO
log_ftp_protocol=YES
connect_from_port_20=YES
xferlog_std_format=YES
banner_file=/etc/vsftpd/issue
listen=YES
pam_service_name=vsftpd.virtual
guest_enable=YES
userlist_enable=YES
tcp_wrappers=YES
user_sub_token=$USER
local_root=/var/www/html
chroot_local_user=YES
hide_ids=YES
ssl_enable=YES
allow_anon_ssl=YES
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem
pasv_address=*.*.*.*
pasv_enable=Yes
pasv_max_port=*****
pasv_min_port=*****

Open in new window

0
Comment
Question by:Mathiau
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 7

Accepted Solution

by:
jhp333 earned 2000 total points
ID: 33425265
First, add the following line to the /etc/vsftpd.conf file
 user_config_dir=/var/www/users

Create a user config file for each user, /var/www/users/user_name with the single line
local_root=/var/www/html/user_dir

For your example,

file /var/www/users/A has:
local_root=/var/www/html/www

file /var/www/users/B has:
local_root=/var/www/html/reporting

file /var/www/users/C has:
local_root=/var/www/html/admin
0
 
LVL 2

Author Comment

by:Mathiau
ID: 33425274
So it is using the user_config_dir, i had read some on that but wasnt sure if it was exactly what i had needed.

Will try this out, much appreciated!
0
 
LVL 2

Author Comment

by:Mathiau
ID: 33425309
You my friend are awesome, i wonder why all the sites with guides don't provide such simple information like that.

One more question..

If i want someone to have access to more then 2 directories?
0
 
LVL 7

Assisted Solution

by:jhp333
jhp333 earned 2000 total points
ID: 33425533
I guess you can try it with symbolic links:

mkdir /var/www/html/forD
cd /var/www/html/forD
ln -s ../www
ln -s ../reporting
echo "local_root=/var/www/html/forD" > /var/www/users/D

Now user D has access to both www and reporting, I hope.
0
 
LVL 2

Author Comment

by:Mathiau
ID: 33425572
Will give it a shot, your 1 for 1 so far :D
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month13 days, 18 hours left to enroll

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question