1748021 Members
5071 Online
108757 Solutions
New Discussion юеВ

Re: Read-Only FTP Access

 
Kevin Lai KF
Occasional Contributor

Read-Only FTP Access

I had been struggling to configure the ftpaccess file to allow a captive non-shell ftp account access to partial subdirectories in directory. We are on HPUX 11.23 (IA64).

The user account to have only read-only recursive access and denied access to other directories.

Can someone had a template which I could use?

Thanks in advance.
Sharing is Caring...
4 REPLIES 4
Steven E. Protter
Exalted Contributor

Re: Read-Only FTP Access

Shalom,

What is happening right now? Are your users being denied access or given too much access.

How are files placed on the ftp server? You may need to adjust the umask of the users placing files.

http://docs.hp.com/en/5971-2286/5971-2286.pdf

That is a read me on the server.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Steven Schweda
Honored Contributor

Re: Read-Only FTP Access

> [...] access to partial subdirectories
> [...]

What are "partial subdirectories"?

> The user account to have only read-only
> recursive access and denied access to other
> directories.

Does "recursive access [...]" mean only
directories under the user's home directory?
If so, then a "guest" ("chroot") account
should do the job. "man ftpd" explains how
to arrange a "guest" account.
Kevin Lai KF
Occasional Contributor

Re: Read-Only FTP Access

I created this ftp account had its home directory pointed to a data directory, which contain source codes, logs, and raw data files and reports.

passwd:
guestftp:*:600:90:Guest FTP Account,IT Dept,,:/data/./:/usr/bin/nologin

ftpaccess:
class guest1 guest* 10.21.*
guestgroup ftponly
autogroup csms guest1
upload class=guest1 /data/interface /interface yes guestftp csms 0440 nodirs
upload class=guest1 /data/src /src yes guestftp csms 0440 nodirs
csms 0440 nodirs

These directory is owned by group "csms".
But currently I was denied access when I login. I can't figure out how to get "autogroup" to work.



When I login:
230 User guestftp logged in. Access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /usr/bin/ls.
226 Transfer complete.

I did not see any directory listing.





Sharing is Caring...
Steven Schweda
Honored Contributor

Re: Read-Only FTP Access

> I did not see any directory listing.

For a recent similar complaint, see:

http://forums.itrc.hp.com/service/forums/questionanswer.do?threadId=1367463

Skip down to near the end. (Look for
"guest".)

Or, "man ftpd", look for "guest", and follow
the instructions carefully.