Solved

vsftpd: locking users to home directories using chroot_local_user

Posted on 2011-02-20
10
818 Views
Last Modified: 2013-12-16
I'm trying to lock one specific user to their home directory.
I've googled the issue and read all the other posts, (http://www.experts-exchange.com/OS/Linux/Administration/Q_24193390.htm).

I've tried:
chroot_local_user=YES
# chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list

I've tried:
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
(with chroot_list having the name of the user I want to restrict)

And I've tried some other combinations.
My /home directory permissions are 2751.

What am I missing?

vsftpd.conf:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_local_user=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

Open in new window

0
Comment
Question by:indsupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 40

Expert Comment

by:omarfarid
ID: 34940291
did you follow the links

http://www.experts-exchange.com/OS/Linux/Q_23155804.html

and the example config file given?

See also

http://vsftpd.beasts.org/vsftpd_conf.html
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 34940318
did you try to restart vsftpd ?
0
 

Author Comment

by:indsupport
ID: 34943295
Yes, I've already seen both of those links, and I restarted vsftpd after every config change I made.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 40

Expert Comment

by:omarfarid
ID: 34944168
can you post your config file?
0
 

Author Comment

by:indsupport
ID: 34944462
My config file is posted in the first post on this question.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 34944945
Are you sure that below lines are added to the config file? the posted config file doesn't contain them

chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
0
 

Author Comment

by:indsupport
ID: 34945291
In my original post, I stated that I tried different things:

I've tried:
chroot_local_user=YES
# chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list

I've tried:
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
(with chroot_list having the name of the user I want to restrict)

The version of my config file above shows the first iteration of these tries (chroot_local_user=YES).

Again, I really appreciate your time with this.  It is really baffling me.
0
 
LVL 2

Expert Comment

by:maxalarie
ID: 35084766
Whats the value of this option in vsftpd.conf: local_enable
0
 

Accepted Solution

by:
indsupport earned 0 total points
ID: 35202254
Still looking
0
 

Author Closing Comment

by:indsupport
ID: 35775534
No answer found
0

Featured Post

Don't Miss ATEN at InfoComm 2017!

Visit booth #2167 to see the  new ATEN VM3200 32 x 32 Modular Matrix Switch. Other highlights include the VE8950 4K HDMI Over IP Extender, VS1912 12-Port DP Video Wall Media Player  and VK2100 ATEN Control System. Register now with Free Pass Code ATEN288!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Suggested Courses

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question