Operating System - HP-UX
1833752 Members
2692 Online
110063 Solutions
New Discussion

directories under /home/ftp

 
mooi-kuan
Advisor

directories under /home/ftp

I found that a symbolic linked directory under the ftp root directory (/home/ftp) can not be browsed from the internet browser. So I use a stupid way to solve it, ie export my local directory (let's say /tmp) using NFS and then mounted it back to ftp root ( become /home/ftp/tmp) on the same system. I believed there must be some better ways for this ? Any suggestions ? Thank you.

mk
12 REPLIES 12
rajsri
Frequent Advisor

Re: directories under /home/ftp

If you are using tftp or anonymous ftp , check the permissions on the directory which is linked from /home/ftp , it should be at least rx-rx-rx to view . , not the link file permission , its the original directory permissions.
mooi-kuan
Advisor

Re: directories under /home/ftp

Hi Rajsri, permission for the original directory is correct. I aware of this. The problem is that the symbolic linked was not treated as a directory that we can cd into it while we are in the ftp session, here it is:

ftp> pwd
257 "/" is current directory.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /usr/bin/ls.
total 14
dr-xr-xr-x 2 root root 2 Jan 5 12:59 PROBE_DATA
drwxr-xr-x 71 icmsuser users 2048 Dec 20 00:00 PROBE_DATA.2000
drwxr-xr-x 74 icmsuser users 2048 Dec 30 09:33 WAFER_PROBE_SUMM
dr-xr-xr-x 2 icmsuser users 24 Aug 30 1999 dist
dr-xr-xr-x 2 icmsuser users 1024 Aug 30 1999 etc
lrwxr-xr-x 1 root sys 10 Jan 5 11:05 mklim -> /tmp/mklim
drwxrwxrwx 3 icmsuser users 1024 Oct 1 1999 pub
dr-xr-xr-x 4 icmsuser users 1024 Aug 30 1999 usr
226 Transfer complete.
ftp> cd mklim
550 mklim: No such file or directory.

mk
Ovidiu D. Raita
Valued Contributor

Re: directories under /home/ftp

In my opinion it's normal not to have access to /tmp/mklim since you've already done a chroot. The system tries to find /home/ftp/tmp/mklim dir not /tmp/mklim since it goes by name not by inodes and the root dir in /home/ftp and not /.

As a test try to create the dir /home/ftp/tmp/mklim and then try to cd to mklim. You should arrive in /home/ftp/tmp/mklim.

Ovidiu
Simple solutions to complex problems
mooi-kuan
Advisor

Re: directories under /home/ftp

If this is the case, how can I make the /tmp or /users/a_user_dir etc viewable from the ftp session ?
mk
Dan Hetzel
Honored Contributor

Re: directories under /home/ftp

Hi,

As 'ftpd' does a chroot, all reference to '/' will be translated to /home/ftp
That's why /tmp becomes /home/ftp/tmp...

There is no way to access anything outside the /home/ftp tree, unless you're using a different ftpuser. This restriction only applies to anonymous access.

If you want your users to access their home directory on the system, they should use their own login name and password.

Best regards,

Dan
Everybody knows at least one thing worth sharing -- mailto:dan.hetzel@wildcroft.com
Dan Hetzel
Honored Contributor

Re: directories under /home/ftp

Hi again,

If you want to give anonymous users access to files residing elsewhere on the SAME filesystem as ftp HOME, you may use a physical link (ln) to that file. Don't use symbolic link (ln -s) because of the chroot() done by ftpd.

The limitations are the following:
Original file must reside on SAME filesystem to create a physical link.
You won't be able to use physical links on directories because it's limited to files; if you have many files to share you'll have to create multiple physical links.

Best regards,

Dan

Everybody knows at least one thing worth sharing -- mailto:dan.hetzel@wildcroft.com
mooi-kuan
Advisor

Re: directories under /home/ftp

Hi Dan, thank you for your reply.
Because it is an anonymous ftp site, the users use internet broswer from PC to get the file. I should have put all the files/directories under /home/ftp, this is straight forward but somehow my requirement is little bit different. There are couple of directories that I want them to be linked to /home/ftp so that anonymonus users still can reach them. These directories were initially put at some where else outside /home/ftp (it is actually the /home/tester/tested_data.)

So, my present method is to use nfs mount on the same system (sound stupid ?). I am looking forward some other methods. I tried ln with no success. I ever think about moving all the directories to /home/ftp and ln them back to /home/tester ... but this is not what I am looking for.

Thank you.
mk
Steven Sim Kok Leong
Honored Contributor

Re: directories under /home/ftp

Hi,

In your /etc/passwd file, rename /home/ftp to /home/tester/test_data. Subsequently cp -ipR /home/ftp/* /home/tester/test_data/

Thus, instead of an anonymous user chroot to /home/ftp, the anonymous user will chroot to /home/tester/test_data instead.

If you want all readable user files under /home to be accessed via anonymous ftp, modify /etc/passwd, rename to /home/ftp to /home instead and follow the same steps. Note however that you are risking a security compromise for the access of readable files from /home onwards.

The bin, etc and lib directories need to be copied for chroot to work because commands like ls needs to be accessible after the chroot.

Hope this helps. Regards.

Steven Sim
Brainbench MVP for Unix Admin
http://www.brainbench.com
Dan Hetzel
Honored Contributor

Re: directories under /home/ftp

Hi,

Because of the chroot(), there's not much you can do, apart from either copying the files to /home/ftp or mounting them with nfs as you already tried.
I know that this doesn't sound very effective, but having a system widely open to anonymous users would be a major security issue.

If /home/ftp and /home/tester are on the same filesystem, you may still use the physical link to individual files as I told you in my previous post.

This should work for you.

Good luck,

Dan
Everybody knows at least one thing worth sharing -- mailto:dan.hetzel@wildcroft.com
Steven Sim Kok Leong
Honored Contributor

Re: directories under /home/ftp

Hi,

If you only intend to share out the /home/tester2/test_data directory over anonymous ftp, then a chroot to /home/tester2/test_data would have minimal security implications since only /home/tester2/test_data and beyond is accessible by any anonymous ftp user.

Hope this helps. Regards.

Steven Sim
Brainbench MVP for Unix Admin
http://www.brainbench.com
Ovidiu D. Raita
Valued Contributor

Re: directories under /home/ftp

The best solution would be to have to create all the files you want to make public under /home/ftp

/home/ftp/ftpdir1
/home/ftp/ftpdir2
/home/ftp/ftpdir3

then if you want them to have different names you have to make links from that dir to /home/ftp/ftpdir1

I wouldn't recommend to do this for /tmp or /var or any other system dir, but you can create subdirs and link them there. NFS is an option too.

Ovidiu

Ovidiu
Simple solutions to complex problems
Paul Frederiksen
Frequent Advisor

Re: directories under /home/ftp

The problem is that many browsers do not support sym links in FTP. You MUST use a decent ftp program such as Cuteftp on the client side with symbolic links. Internet Explorer doesn't like them (who would have thought)

Paul