HPE Community
Operating System - HP-UX
1833772 Members
2248 Online
110063 Solutions
New Discussion

Re: FTP user home directory problem

 
prasadb
Super Advisor

‎09-02-2008 05:10 AM

‎09-02-2008 05:10 AM

FTP user home directory problem

Hello experts,

i have some strange problem in one my HP B.11.11 server, i created one user for FTP access only, means he should only make FTP (put and get )the files, but should not telnet to the server, for that i have used /usr/bin/false shell for the user. but the problem is that when he FTP from some other machine, he can login to FTP prompt but doesnot redirect to his home directory as defined by me.

Also, i saw these shells that have been assigned to the various users, like...

/usr/bin/sh
/usr/bin/false
/sbin/sh
/bin/false

so i wonder to know how can i view all the possible shells that can be alloted to the users ? and are there different properties for the shells.

any help is highly appreciated..

thank you





0 Kudos
7 REPLIES 7
Fabio Ettore
Honored Contributor

‎09-02-2008 05:16 AM

‎09-02-2008 05:16 AM

Re: FTP user home directory problem

Hi,

have you changed HOME directory into /etc/passwd?
Please post the line for your user from /etc/passwd.

Best regards,
Fabio
WISH? IMPROVEMENT!
0 Kudos
Dennis Handly
Acclaimed Contributor

‎09-02-2008 05:25 AM

‎09-02-2008 05:25 AM

Re: FTP user home directory problem

>how can I view all the possible shells that can be alloted to the users? and are there different properties for the shells.

All valid shells should be listed in /etc/shells. See shells(4).

Of course you can put anything in /etc/passwd and you may have to update /etc/shells. You can use this to print out the shells:
awk -F: '{print $7}' /etc/passwd | sort -u

>are there different properties for the shells.

No, they are just executables.
0 Kudos
prasadb
Super Advisor

‎09-02-2008 05:43 AM

‎09-02-2008 05:43 AM

Re: FTP user home directory problem

>> line in /etc/passwd

misrpts:KykrJhPqGmHw6,5.VT:167:101:/luc04/misreports:/usr/bin/false

Dear Dennis,

>> if all the shells are same, then the users alloted /usr/bin/sh and /sbin/sh can telnet to the servers, whereas who has /usr/bin/false can't telnet , why such difference is there ?

kindly help me clear the air...
0 Kudos
Deepak Kr
Respected Contributor

‎09-02-2008 06:12 AM

‎09-02-2008 06:12 AM

Re: FTP user home directory problem

Provide ftpd line from /etc/inetd.conf

grep -i ftpd /etc/inetd.conf

Are you trying to use chroot here..

if yes modify user line in /etc/passwd with following:

misrpts:KykrJhPqGmHw6,5.VT:167:101:/luc04/misreports/./:/usr/bin/false

appended /./ in home dir of user.
this needs to modify /etc/ftpaccess file also.

"There is always some scope for improvement"
0 Kudos
TTr
Honored Contributor

‎09-02-2008 10:48 AM

‎09-02-2008 10:48 AM

Re: FTP user home directory problem

> are there different properties for the shells
You can not restrict where the users can navigate in the server using the shell properties (I think that's what you are asking)
> he can login to FTP prompt but doesnot redirect to his home directory as defined by me
Where does he end up? If there is a problem with the home directory, usually a message is displayed right after the password is typed. Do you get such a message? Are there any other messages/errors in /var/admsyslog/syslog.log regarding the ftp session?
0 Kudos
Dennis Handly
Acclaimed Contributor

‎09-02-2008 07:56 PM

‎09-02-2008 07:56 PM

Re: FTP user home directory problem

>if all the shells are same, then the users alloted /usr/bin/sh and /sbin/sh can telnet to the servers, whereas who has /usr/bin/false can't telnet, why such difference is there?

Well, after you execute the shell, it depends what it does. Obviously false(1) doesn't do anything and then returns an error. Whether or not you can detect the fact that it entered the "shell" and exited or never got there, I don't know.

If your shell isn't in /etc/shells, you can't ftp.
0 Kudos
prasadb
Super Advisor

‎09-04-2008 11:41 PM

‎09-04-2008 11:41 PM

Re: FTP user home directory problem

hello all,

i was trying "pwd" at the FTP prompt, it was showing / , but in fact when i created one file, and checked it on the serverm, the file was created, so the problem is solved now.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.