HPE Community
Operating System - HP-UX
1827809 Members
2126 Online
109969 Solutions
New Discussion

ftp list not working after chroot works

 
Stephane Fromholtz
Advisor

‎04-24-2002 04:21 AM

‎04-24-2002 04:21 AM

ftp list not working after chroot works

I just tested a chrooted user, and it works fine.

My user (ftptest) is part of the ftponly group, and has in the passwd :

ftptest:z4v2E/DviCN9A:100:102::/home/ftptest/./:/usr/bin/ftpshell

My users log on to our ftp server using a NT program. When using this new account (chrooted) there is no problem, but when other "normal" users try then to connect the cannot see the file in the window of the ftp client.

That is what the get in the Gui :

< 200 PORT command successful.
> TYPE A
< 200 Type set to A.
> LIST
< 150 Opening ASCII mode data connection for /usr/bin/ls.
< LISTERROR: drwxr-xr-x 2 root root 96 9 avr 13:02 building
< LISTERROR: drwxr-xr-x 4 root root 1024 10 avr 21:16 cmcluster
< LISTERROR: -rw-r--r-- 1 root root 122880 10 avr 21:13 cmcluster.tar
< LISTERROR: -rw-r--r-- 1 root root 6537 15 avr 12:55 debug.log

No problem with chrooted accounts but not other accounts cannot list correctly. My /etc/inetd.conf (ftp line):

ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l -i -o -a -v

my /etc/ftpd/ftpaccess :

class local real,guest,anonymous *.domain 0.0.0.0
class remote real,guest,anonymous *

guestgroup ftponly


Has anybody an idea ? Thanks

0 Kudos
Reply
9 REPLIES 9
Rita C Workman
Honored Contributor

‎04-24-2002 04:45 AM

‎04-24-2002 04:45 AM

Re: ftp list not working after chroot works

Under your ftp account did you remember to create a directory called bin
/home/ftpuser/bin

Then under the /home/ftpuser/bin you want to copy the following:

cp /usr/bin/pwd /home/ftpuser/bin
cp /sbin/ls /home/ftpuser/bin

To clean up for permissions:
chmod 0111 /home/ftpuser/bin/ls
chmod 0111 /home/ftpuser/bin/pwd
chown root /home/ftpuser/bin
chmod 0555 /home/ftpuser/bin

Now when the ftpuser logs in they have their own copy of ls and pwd...note that ls command copies from /sbin/ls not from /usr/bin !!!

Hope this helps,
Rit
0 Kudos
Reply
Stephane Fromholtz
Advisor

‎04-24-2002 05:22 AM

‎04-24-2002 05:22 AM

Re: ftp list not working after chroot works

I have no problem with my chrooted ftp user (ftptest) but with my REAL users, that should have access to their home directory.

Problems with bart user for example, that should go in /home/bart without being chrooted. See screen capture of the first message. Thx
0 Kudos
Reply
Anthony deRito
Respected Contributor

‎04-24-2002 05:38 AM

‎04-24-2002 05:38 AM

Re: ftp list not working after chroot works

Stephane, are you sure your using the Berkeley version of ftp? The options look like you may be actually using wu-ftpd. Can you print the output of "#what /usr/lbin/ftpd" for us?

Do you know if you have an installation of wu-ftpd?

Tony
0 Kudos
Reply
Stephane Fromholtz
Advisor

‎04-24-2002 06:10 AM

‎04-24-2002 06:10 AM

Re: ftp list not working after chroot works

This is the output :

/usr/lbin/ftpd:
$Id: ftpd.c,v 1.22 1996/04/15 05:51:04 sob Exp sob $ based on ftpd.c 5.40 (Berkeley) 7/2/91
Copyright (c) 1985, 1988, 1990 Regents of the University of California.
$Id: ftpcmd.y,v 1.8 1996/03/15 06:26:20 sob Exp $ based on ftpcmd.y 5.24 (Berkeley) 2/25/91
Revision 1.1.214.8 Fri Apr 20 07:27:42 GMT 2001
$Id: glob.c,v 1.6 1996/03/16 04:00:06 sob Exp $ from glob.c 5.9 (Berkeley) 2/25/91
popen.c 5.9 (Berkeley) 2/25/91
$Id: logwtmp.c,v 1.7 1995/10/15 06:35:17 sob Exp $
logwtmp.c 5.7 (Berkeley) 2/25/91
$Id: access.c,v 1.8 1996/03/15 07:29:08 sob Exp $
$Id: extensions.c,v 1.16 1996/03/15 06:26:20 sob Exp $
$Id: realpath.c,v 1.7 1996/03/15 08:15:56 sob Exp $
$Id: private.c,v 1.6 1995/12/11 09:20:19 sob Exp $
0 Kudos
Reply
Stephane Fromholtz
Advisor

‎04-24-2002 06:44 AM

‎04-24-2002 06:44 AM

Re: ftp list not working after chroot works

Well, let me resume if I understood everything well, when users are in ftp group "ftponly" as configured in my ftpaccess file, the are chrooted. For these users, I have no problem, login works, user can list their files in the Gui (ftp client).

For other users (REAL users) that are allowed to connect and to browse from their home directory, I have a strange list problem, see the screen capture of the first message. This only happens for users NOT chrooted, which is quite annoying because I want to use this on a production server where some users are chrooted, and the others not..
0 Kudos
Reply
Kathleen
Regular Advisor

‎04-24-2002 11:12 AM

‎04-24-2002 11:12 AM

Re: ftp list not working after chroot works

Being a part of ftponly....hmm. What is the shell script you are using? I have an ftp user on my system set up to use /sbin/sh but she is not part of the ftp group and she can get to anything she needs to. Doesn't being an ftponly user and having the /./:/usr/bin/false in after the users home directory limit you to only being able to see your home directory or below?
0 Kudos
Reply
U.SivaKumar_2
Honored Contributor

‎04-24-2002 11:46 PM

‎04-24-2002 11:46 PM

Re: ftp list not working after chroot works

hi,

what are the permissions and ownership of ls binary under your bin directory of chroot directory ?.

regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
Stephane Fromholtz
Advisor

‎04-25-2002 02:07 AM

‎04-25-2002 02:07 AM

Re: ftp list not working after chroot works

No one seems to understand that my chrooted ftp users run just fine, I have a problem now with real users, those who are allowed to browse directories and can see their /home/username, not /.

I've searched a long time how to set up chroot ftp, now it works fine, but problems with non-chrooted users appear.
0 Kudos
Reply
Stephane Fromholtz
Advisor

‎04-25-2002 02:40 AM

‎04-25-2002 02:40 AM

Re: ftp list not working after chroot works

Ok I found that my windows Ftp client was buggy, I tried with Reflexion Client Ftp and CuteFTP and I works without display problem for real users.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.