Re: Symlinks chroot - Is it Possible?
On 4/3/2004 12:13 PM Mark wrote: Drew Tomlinson wrote: I have a few users that I wish to allow FTP access on my 4.9-RELEASE-p4 system. I've setup their accounts and added them to /etc/ftpchroot to lock them into their login directories. They are in the standard /home/user dirs. However, I want all of them to have access to another directory (/ftp/share) that is setup read-only. I tried adding a symlink to /ftp/share but I've found this doesn't work when the user is chrooted. True. A symlink cannot traverse 'up' the chroot; only a hardlink can (to a file). Personally, I would not use something as beta as mount_null. When the man pages say: (READ: IT DOESN'T WORK), I would stay clear of it. There are other ways, though. You say your chroot is at: /etc/ftpchroot Thank you for your reply. No, I created the file /etc/ftpchroot to chroot the user at /home/username. Sorry for the confusion. I'm not necessarily sure whether the root-partition is the best place for a chroot; Agreed. but working from that fact, you could reverse the condition. Instead of trying to link to /ftp/share, from within the chroot, you could do the opposite: first create the following directory: /etc/ftpchroot/ftp/share Then, in /ftp/, symlink to within the chrooted dir: share - /etc/ftpchroot/ftp/share Then /ftp/share is accessible from both the 'real' and the chrooted environment, pointing to the same directory. Short of another solution, I may move things around to implement your suggestion. Thanks, Drew ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Symlinks chroot - Is it Possible?
On 4/3/2004 11:21 AM den wrote: I use mount_null and have no problem with it. You need create dir in each user home and use mount_null for mount your chrooted dir with created directories as mount points . So you need add many lines in your /etc/fstab file . I understand. Thanks for your reply. I think that words in manual about beta concern writing in directory that uses mount_null. I don't use write and it seems that you don't need write too. So use this fs type ( set in fstab ro option for this mount point). And read man for mount_null. This seems reasonable. Can anyone else comment on their experience using mount_null read only? Thanks, Drew Drew Tomlinson wrote: I have a few users that I wish to allow FTP access on my 4.9-RELEASE-p4 system. I've setup their accounts and added them to /etc/ftpchroot to lock them into their login directories. They are in the standard /home/user dirs. However, I want all of them to have access to another directory (/ftp/share) that is setup read-only. I tried adding a symlink to /ftp/share but I've found this doesn't work when the user is chrooted. I've Googled on this issue. A FAQ for PureFTPd confirms this and suggests mount_null. But the man page for mount_null says that the code is beta and may wipe out a file system. What is the best way to achieve my objective? If mount_null is it, how do I use it? Do I include it in some sort of login script? I've set these users shells to nologin. How would that work? Thanks, Drew ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Symlinks chroot - Is it Possible?
I have a few users that I wish to allow FTP access on my 4.9-RELEASE-p4 system. I've setup their accounts and added them to /etc/ftpchroot to lock them into their login directories. They are in the standard /home/user dirs. However, I want all of them to have access to another directory (/ftp/share) that is setup read-only. I tried adding a symlink to /ftp/share but I've found this doesn't work when the user is chrooted. I've Googled on this issue. A FAQ for PureFTPd confirms this and suggests mount_null. But the man page for mount_null says that the code is beta and may wipe out a file system. What is the best way to achieve my objective? If mount_null is it, how do I use it? Do I include it in some sort of login script? I've set these users shells to nologin. How would that work? Thanks, Drew ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Symlinks chroot - Is it Possible?
I use mount_null and have no problem with it. You need create dir in each user home and use mount_null for mount your chrooted dir with created directories as mount points . So you need add many lines in your /etc/fstab file . I think that words in manual about beta concern writing in directory that uses mount_null. I don't use write and it seems that you don't need write too. So use this fs type ( set in fstab ro option for this mount point). And read man for mount_null. Drew Tomlinson wrote: I have a few users that I wish to allow FTP access on my 4.9-RELEASE-p4 system. I've setup their accounts and added them to /etc/ftpchroot to lock them into their login directories. They are in the standard /home/user dirs. However, I want all of them to have access to another directory (/ftp/share) that is setup read-only. I tried adding a symlink to /ftp/share but I've found this doesn't work when the user is chrooted. I've Googled on this issue. A FAQ for PureFTPd confirms this and suggests mount_null. But the man page for mount_null says that the code is beta and may wipe out a file system. What is the best way to achieve my objective? If mount_null is it, how do I use it? Do I include it in some sort of login script? I've set these users shells to nologin. How would that work? Thanks, Drew ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Symlinks chroot - Is it Possible?
Drew Tomlinson wrote: I have a few users that I wish to allow FTP access on my 4.9-RELEASE-p4 system. I've setup their accounts and added them to /etc/ftpchroot to lock them into their login directories. They are in the standard /home/user dirs. However, I want all of them to have access to another directory (/ftp/share) that is setup read-only. I tried adding a symlink to /ftp/share but I've found this doesn't work when the user is chrooted. True. A symlink cannot traverse 'up' the chroot; only a hardlink can (to a file). Personally, I would not use something as beta as mount_null. When the man pages say: (READ: IT DOESN'T WORK), I would stay clear of it. There are other ways, though. You say your chroot is at: /etc/ftpchroot I'm not necessarily sure whether the root-partition is the best place for a chroot; but working from that fact, you could reverse the condition. Instead of trying to link to /ftp/share, from within the chroot, you could do the opposite: first create the following directory: /etc/ftpchroot/ftp/share Then, in /ftp/, symlink to within the chrooted dir: share - /etc/ftpchroot/ftp/share Then /ftp/share is accessible from both the 'real' and the chrooted environment, pointing to the same directory. - Mark ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]