HPE Community
Operating System - HP-UX
1832547 Members
6927 Online
110043 Solutions
New Discussion

Re: question about ftpaccess

 
SOLVED
Go to solution
itai weisman
Super Advisor

‎04-20-2005 06:43 PM

‎04-20-2005 06:43 PM

question about ftpaccess

hi everyone,
i have enabled ftpaccess in my system in order to restrict some logins to my server.
since then, when allowed user connect to my server, he's able to put and get files from my server, but, when he issue "ls" command he sees nothing.
i couldn't find where i grant ls permission to users in ftpaccess.
when i cancel usage of ftpaccess (by removing 'a' flag from ftpd entry in inetd.conf) - it's working.
i'm using wuftpd-2.6.1 on HPUX 11.11 PA-Risc.
thanks ppl
0 Kudos
Reply
8 REPLIES 8
Stephen Keane
Honored Contributor

‎04-20-2005 08:12 PM

‎04-20-2005 08:12 PM

Re: question about ftpaccess

What is the contents of your /etc/ftpd/ftpaccess file ?
0 Kudos
Reply
Joseph Loo
Honored Contributor

‎04-20-2005 08:19 PM

‎04-20-2005 08:19 PM

Re: question about ftpaccess

hi,

may i know what you mean "sees nothing"? have u restricted directory access for that the user?

regards.
what you do not see does not mean you should not believe
0 Kudos
Reply
Joseph Loo
Honored Contributor

‎04-20-2005 08:27 PM

‎04-20-2005 08:27 PM

Re: question about ftpaccess

another question is whether u have provided ls command in the home directory of the user?

regards.
what you do not see does not mean you should not believe
0 Kudos
Reply
Sergejs Svitnevs
Honored Contributor

‎04-20-2005 08:40 PM

‎04-20-2005 08:40 PM

Re: question about ftpaccess

You need to make a bin dir in the home dir of the guest account and put ls in it. Because ftp chroot to the homedir, the user cant access the ls that is in /bin.

Regards,
Sergejs
Reply
itai weisman
Super Advisor

‎04-20-2005 11:18 PM

‎04-20-2005 11:18 PM

Re: question about ftpaccess

hi everyone and thanks
the user entry in the fstab is:
reuven:AxMYOlOJEDxpA:200:20:global user for reuven:/vendor_1/DEALERS/storage/DEA
L_SND/peldlr/./:/bin/ksh

attached ftpaccess file
ll /etc/ftpd/ftpaccess:
-rw-r----- 1 bin bin 2457 Apr 21 09:11 /etc/ftpd/ftpaccess

0 Kudos
Reply
itai weisman
Super Advisor

‎04-20-2005 11:22 PM

‎04-20-2005 11:22 PM

Re: question about ftpaccess

hi,
the user has ls command in his home directory (link points to /bin/ls)
furthermore, the client output:
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /usr/bin/ls.
226 Transfer complete.
indicates that he uses /usr/bin/ls, that exists and working.
also, after removing 'a' flag from ftpd (disable use of ftpaccess) - it works.
itai
0 Kudos
Reply
Ermin Borovac
Honored Contributor

‎04-21-2005 12:06 PM

‎04-21-2005 12:06 PM

Solution

Re: question about ftpaccess

ftpd tries to execute /usr/bin/ls, however, as other people indicated, it does chroot() to user's home directory so it would look for /usr/bin/ls relative to that.

If user's home directory is /home/user, ftpd looks for ls in /home/user/usr/bin/ls.

/home/user/usr/bin/ls cannot be symbolic link as ftpd cannot access anything below /home/user (due to chroot()).

You have to copy /sbin/ls (statically linked ls) to /home/user/usr/bin/ls for this to make it work.
Reply
itai weisman
Super Advisor

‎04-21-2005 10:07 PM

‎04-21-2005 10:07 PM

Re: question about ftpaccess

home user directory is on another phyisical disk, so i can't staticly link.
after copy '/bin/ls' (and some shared libaries as well) it's working.
thanks a lot!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.