ftpaccess

John Carver · ‎02-18-2004

I can chroot a user and set upload parameters through ftpaccess, but not both at the same time. Once I get the upload conditions set and then setup chroot, the upload conditions don't work. The moment I insert the chroot delimiter in /etc/passwd or enable guestgroup in ftpaccess, the upload conditions I have set, no longer work. Maybe these 2 things can't be set up together or maybe I'm missing something.

James A. Donovan · ‎02-18-2004

I've found the following ftpaccess entries to work for me....

...snip...

guestgroup ftpguest
guest-root /opt/home/ftp/incoming/user1 user1
guest-root /opt/home/ftp/incoming/user2 user2
guest-root /opt/home/ftp/incoming/user user3
restricted-uid user1 user 2 user3

upload /opt/home/ftp * no
upload /opt/home/ftp /incoming yes ftp other 0440 nodirs
upload /opt/home/ftp /incoming/user1 no
upload /opt/home/ftp /incoming/user2 no
upload /opt/home/ftp /incoming/user3 no

upload /opt/home/ftp/incoming/user1 /usr no
upload /opt/home/ftp/incoming/user1 /etc no
upload /opt/home/ftp/incoming/user1 / yes somebody somegroup 0666 nodirs

noretrieve /etc/passwd .notar core
noretrieve /opt/home/ftp/incoming/

allow-retrieve /opt/home/ftp/incoming/user1 user1
allow-retrieve /opt/home/ftp/incoming/user2 user2
allow-retrieve /opt/home/ftp/incoming/user3 user3

chmod no anonymous,guest
chmod yes real

umask no anonymous,guest
umask yes real

delete yes real
rename yes real,guest
overwrite yes real,guest
delete no guest,anonymous
rename no anonymous
overwrite no anonymous
put no test

readme README* login
readme README* cwd=*

message /welcome.msg login
message .message cwd=*

compress yes all
tar yes all

log commands real
log transfers anonymous,guest,real inbound,outbound

shutdown /etc/shutmsg

...snip...

Remember, wherever you go, there you are...

Sridhar Bhaskarla · ‎02-18-2004

Hi,

The following works just fine for me

$grep test /etc/passwd

test:*:10101:20::/home/test/./incoming:/usr/bin/ksh

snippet from ftpaccess

guestgroup test
upload /home/test * no
upload /home/test /incoming yes sshd sshd 0440 nodirs

-Sri

You may be disappointed if you fail, but you are doomed if you don't try

John Carver · ‎02-18-2004

Got things working. It appears that you can't chroot to a directory and have the upload directive work. After logging in, you must cd to a higher directory. In there the upload directive will apply. What configuration can be included that will prevent downloads from an entire directory?

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

ftpaccess

ftpaccess

Re: ftpaccess

Re: ftpaccess

Re: ftpaccess