Solved

vsftpd: locking users to home directories using chroot_local_user

Posted on 2011-02-20
10
824 Views
Last Modified: 2013-12-16
I'm trying to lock one specific user to their home directory.
I've googled the issue and read all the other posts, (http://www.experts-exchange.com/OS/Linux/Administration/Q_24193390.htm).

I've tried:
chroot_local_user=YES
# chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list

I've tried:
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
(with chroot_list having the name of the user I want to restrict)

And I've tried some other combinations.
My /home directory permissions are 2751.

What am I missing?

vsftpd.conf:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_local_user=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

Open in new window

0
Comment
Question by:indsupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 40

Expert Comment

by:omarfarid
ID: 34940291
did you follow the links

http://www.experts-exchange.com/OS/Linux/Q_23155804.html

and the example config file given?

See also

http://vsftpd.beasts.org/vsftpd_conf.html
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 34940318
did you try to restart vsftpd ?
0
 

Author Comment

by:indsupport
ID: 34943295
Yes, I've already seen both of those links, and I restarted vsftpd after every config change I made.
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 
LVL 40

Expert Comment

by:omarfarid
ID: 34944168
can you post your config file?
0
 

Author Comment

by:indsupport
ID: 34944462
My config file is posted in the first post on this question.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 34944945
Are you sure that below lines are added to the config file? the posted config file doesn't contain them

chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
0
 

Author Comment

by:indsupport
ID: 34945291
In my original post, I stated that I tried different things:

I've tried:
chroot_local_user=YES
# chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list

I've tried:
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
(with chroot_list having the name of the user I want to restrict)

The version of my config file above shows the first iteration of these tries (chroot_local_user=YES).

Again, I really appreciate your time with this.  It is really baffling me.
0
 
LVL 2

Expert Comment

by:maxalarie
ID: 35084766
Whats the value of this option in vsftpd.conf: local_enable
0
 

Accepted Solution

by:
indsupport earned 0 total points
ID: 35202254
Still looking
0
 

Author Closing Comment

by:indsupport
ID: 35775534
No answer found
0

Featured Post

Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question