[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 730
  • Last Modified:

vsftpd - Virtual users and directory access

i have set up vsftpd with TLS/SSL access and virtual users from this site: http://www.cyberciti.biz/tips/rhel-fedora-centos-vsftpd-installation.html

Everything works great setting my local_root=/var/www/html , no problems logging in access directories, but i do not wish for everyone to be able to access all sub directories in that root directory.

I have also read over the guide on this site: http://howto.gumph.org/content/setup-virtual-users-and-directories-in-vsftpd/

How ever  i can  not seem to get it to work how i want.

Details:

I have users:

A
B
C

I have directories in my

/var/www/html/

------------------------www
------------------------reporting
------------------------admin

I want user A to have access to www
I want user B to have access to reporting
I want user C to have access to admin

each of those directories should be the root for each user, eventually user A will also get access to the /reporting/ folder, but not for currently.

The guide above only seem to show how to give each user their own user account directory to which you then need to mkdir for each user somewhere which i don't want to do, and don't think i need to do for what i want?

Can anyone help me with this and setting the directory access for each user, since they are not local users under CentOS i dont think i can use the symlinks method...not that i know how either though.
Here is my vsftpd.conf file


anonymous_enable=NO
local_enable=YES
virtual_use_local_privs=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=NO
log_ftp_protocol=YES
connect_from_port_20=YES
xferlog_std_format=YES
banner_file=/etc/vsftpd/issue
listen=YES
pam_service_name=vsftpd.virtual
guest_enable=YES
userlist_enable=YES
tcp_wrappers=YES
user_sub_token=$USER
local_root=/var/www/html
chroot_local_user=YES
hide_ids=YES
ssl_enable=YES
allow_anon_ssl=YES
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem
pasv_address=*.*.*.*
pasv_enable=Yes
pasv_max_port=*****
pasv_min_port=*****

Open in new window

0
Mathiau
Asked:
Mathiau
  • 3
  • 2
2 Solutions
 
jhp333Commented:
First, add the following line to the /etc/vsftpd.conf file
 user_config_dir=/var/www/users

Create a user config file for each user, /var/www/users/user_name with the single line
local_root=/var/www/html/user_dir

For your example,

file /var/www/users/A has:
local_root=/var/www/html/www

file /var/www/users/B has:
local_root=/var/www/html/reporting

file /var/www/users/C has:
local_root=/var/www/html/admin
0
 
MathiauAuthor Commented:
So it is using the user_config_dir, i had read some on that but wasnt sure if it was exactly what i had needed.

Will try this out, much appreciated!
0
 
MathiauAuthor Commented:
You my friend are awesome, i wonder why all the sites with guides don't provide such simple information like that.

One more question..

If i want someone to have access to more then 2 directories?
0
 
jhp333Commented:
I guess you can try it with symbolic links:

mkdir /var/www/html/forD
cd /var/www/html/forD
ln -s ../www
ln -s ../reporting
echo "local_root=/var/www/html/forD" > /var/www/users/D

Now user D has access to both www and reporting, I hope.
0
 
MathiauAuthor Commented:
Will give it a shot, your 1 for 1 so far :D
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now