HPE Community
Operating System - HP-UX
1847833 Members
5887 Online
104021 Solutions
New Discussion

ABORT_LOGIN_ON_MISSING_HOMEDIR and FTP

 
Steve Bonds
Trusted Contributor

‎04-25-2002 03:31 PM

‎04-25-2002 03:31 PM

ABORT_LOGIN_ON_MISSING_HOMEDIR and FTP

Strangely, this directive does not seem to apply to ftp logins-- i.e. if the home directory is missing it happily logs the user in to the root directory.

This is probably because ftp is not using login() for some reason. Anyone have any insight?

Is there a good way to keep FTP users out if the home directory goes away? (i.e. because of a ServiceGuard package failover.)

Thanks,

-- Steve
0 Kudos
Reply
4 REPLIES 4
someone_4
Honored Contributor

‎04-25-2002 03:51 PM

‎04-25-2002 03:51 PM

Re: ABORT_LOGIN_ON_MISSING_HOMEDIR and FTP

Hi,
Might depend on what kind of ftp you have set. Is this only an ftp user? Or a user that can ftp or anonymous ftp. I attached a doc on how to ristrict ftp to their own home dir. But I dont know what will happend if the home dir gets deleted. But maybe someone has a better way to do it.

- Richard
0 Kudos
Reply
Steve Bonds
Trusted Contributor

‎04-25-2002 04:01 PM

‎04-25-2002 04:01 PM

Re: ABORT_LOGIN_ON_MISSING_HOMEDIR and FTP

Thanks for the info!

Unfortunately, what happens when one of these restricted-to-the-home-directory users has their directory deleted, is they can now log in to "/".

Which is why I started exploring this neat new /etc/default/security directive...

-- Steve
0 Kudos
Reply
someone_4
Honored Contributor

‎04-25-2002 04:20 PM

‎04-25-2002 04:20 PM

Re: ABORT_LOGIN_ON_MISSING_HOMEDIR and FTP

hi steve,
I just tried it .. I added a user and deleted the home dir. And guess what? When I ftp I am in the home dir. =(
How about that??

- Richard
0 Kudos
Reply
Mark Greene_1
Honored Contributor

‎04-26-2002 06:37 AM

‎04-26-2002 06:37 AM

Re: ABORT_LOGIN_ON_MISSING_HOMEDIR and FTP

I just tried this on a AIX system: create a user, delete the home dir, and then tried to ftp as that user from another system. The ftp was refused. I could telnet in as that user, and did get the message that the home dir was missing and that I was logged-in at the root dir. So, I would call the HP support number and report this as a bug.

HTH
mark
the future will be a lot like now, only later
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.