Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

vsftpd: locking users to home directories using chroot_local_user

Posted on 2011-02-20
10
Medium Priority
?
833 Views
Last Modified: 2013-12-16
I'm trying to lock one specific user to their home directory.
I've googled the issue and read all the other posts, (http://www.experts-exchange.com/OS/Linux/Administration/Q_24193390.htm).

I've tried:
chroot_local_user=YES
# chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list

I've tried:
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
(with chroot_list having the name of the user I want to restrict)

And I've tried some other combinations.
My /home directory permissions are 2751.

What am I missing?

vsftpd.conf:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_local_user=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

Open in new window

0
Comment
Question by:indsupport
  • 5
  • 4
10 Comments
 
LVL 40

Expert Comment

by:omarfarid
ID: 34940291
did you follow the links

http://www.experts-exchange.com/OS/Linux/Q_23155804.html

and the example config file given?

See also

http://vsftpd.beasts.org/vsftpd_conf.html
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 34940318
did you try to restart vsftpd ?
0
 

Author Comment

by:indsupport
ID: 34943295
Yes, I've already seen both of those links, and I restarted vsftpd after every config change I made.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 40

Expert Comment

by:omarfarid
ID: 34944168
can you post your config file?
0
 

Author Comment

by:indsupport
ID: 34944462
My config file is posted in the first post on this question.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 34944945
Are you sure that below lines are added to the config file? the posted config file doesn't contain them

chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
0
 

Author Comment

by:indsupport
ID: 34945291
In my original post, I stated that I tried different things:

I've tried:
chroot_local_user=YES
# chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list

I've tried:
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
(with chroot_list having the name of the user I want to restrict)

The version of my config file above shows the first iteration of these tries (chroot_local_user=YES).

Again, I really appreciate your time with this.  It is really baffling me.
0
 
LVL 2

Expert Comment

by:maxalarie
ID: 35084766
Whats the value of this option in vsftpd.conf: local_enable
0
 

Accepted Solution

by:
indsupport earned 0 total points
ID: 35202254
Still looking
0
 

Author Closing Comment

by:indsupport
ID: 35775534
No answer found
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses
Course of the Month11 days, 8 hours left to enroll

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question