HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- restrict user to specific ftp directory
Operating System - HP-UX
1833323
Members
3091
Online
110051
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-02-2003 04:25 PM
05-02-2003 04:25 PM
restrict user to specific ftp directory
I have a directory /caredev/data/EC.HCFA.IB that I would like a user to use as his home directory. I want him to read and write to this directory but must not be allowed to go up to data. In other words, lock him to that specific directory. Can anybody help me?
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-03-2003 06:55 AM
05-03-2003 06:55 AM
Re: restrict user to specific ftp directory
Set up an ftpaccess file (man ftpaccess) with class and guestgroup entries:
class ALL real *
class GUEST guest *
guestgroup ftpjail
Create a group in /etc/group called ftpjail and make your user a member of it.
Set up the users home directory as you would for anonymous ftp (man ftpd). Mainly, have //sbin/ls copied to usr/bin in the home directory, and provide a limited passwd and group file in etc/ in the home directory.
Finally, add the -a option to ftpd in /etc/inetd.conf and restart inetd.
Once everything is configured correctly, your users should be chroot-ed to their home directory and not allowed to move above it. He will have normal permissions in that directory, but it willlook like the root (/) directory to him.
class ALL real *
class GUEST guest *
guestgroup ftpjail
Create a group in /etc/group called ftpjail and make your user a member of it.
Set up the users home directory as you would for anonymous ftp (man ftpd). Mainly, have //sbin/ls copied to usr/bin in the home directory, and provide a limited passwd and group file in etc/ in the home directory.
Finally, add the -a option to ftpd in /etc/inetd.conf and restart inetd.
Once everything is configured correctly, your users should be chroot-ed to their home directory and not allowed to move above it. He will have normal permissions in that directory, but it willlook like the root (/) directory to him.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-03-2003 06:40 PM
05-03-2003 06:40 PM
Re: restrict user to specific ftp directory
For a user, change his/her shell in /etc/passwd to rsh(restricted shell)
The user when logged in to their home directory, it will appear to them that they are in the root. Access will be limited to the home directory.
Any applications you want them to run via telnet can still be run, its the cd command that will fail.
chroot() in the ftp profile of ftp users will limit them to the filesystem you have designated as the home for your ftp server. This is now aononymous ftp works, but regular ftp can work the same way.
SEP
The user when logged in to their home directory, it will appear to them that they are in the root. Access will be limited to the home directory.
Any applications you want them to run via telnet can still be run, its the cd command that will fail.
chroot() in the ftp profile of ftp users will limit them to the filesystem you have designated as the home for your ftp server. This is now aononymous ftp works, but regular ftp can work the same way.
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-03-2003 07:16 PM
05-03-2003 07:16 PM
Re: restrict user to specific ftp directory
hi,
See my post at:
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xc736b941255cd71190080090279cd0f9,00.html
and the configuration steps at:
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xa36c7d4cf554d611abdb0090277a778c,00.html
http://forums.itrc.hp.com/cm/components/FileAttachment/0,,0x13c94e49c5cdd5118ff40090279cd0f9,00.txt
hope this helps!
Yogeeraj
See my post at:
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xc736b941255cd71190080090279cd0f9,00.html
and the configuration steps at:
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xa36c7d4cf554d611abdb0090277a778c,00.html
http://forums.itrc.hp.com/cm/components/FileAttachment/0,,0x13c94e49c5cdd5118ff40090279cd0f9,00.txt
hope this helps!
Yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP