Re: [gentoo-user] vsftpd: how can I chroot both anon and auth users to the same dir?
On 10-Aug-11 20:36, Paul Hartman wrote: So I'd like to change it the way that both anonymous as well as local users are chrooted to base ftp directory /home/ftp but I do not know how to do it. Set user_config_dir to point to someplace such as /etc/vsftpd/users In that directory, create files for each username and within it put: local_root=/home/ftp Actually, instead of creating file for each username I included these options in main config file /etc/vsftpd/vsftpd.conf: chroot_local_user=YES local_root=/home/ftp Now it works as I expected: both anonymous & local users are chrooted to /home/ftp and can enter any sub-directory, but local users can upload files to /home/ftp/$USER (homedirs where they have write permission). On 10-Aug-11 20:19, Michael Orlitzky wrote: > > Are they local users? Change their home directories to /home/ftp. I did not test this, but it might work too. The only drawback is I'd have to edit /etc/passwd always when I add new user. Problem solved, thank you for help... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] vsftpd: how can I chroot both anon and auth users to the same dir?
On Wed, Aug 10, 2011 at 11:37 AM, Jarry wrote: > Hi, > I'm using vsftpd and I'm quite satisfied, except for one > problem which I can not solve: > > Anonymous users are chrooted to base ftp-server directory > /home/ftp but local users are chrooted to their own > directories /home/ftp/$USER and they can not move higher. > The only way for them to see directories of other local > users is to log-off and log-in as anonymous. This is not > very convenient. Why should authenticated user be allowed > less (in this particular aspect) than anonymous? > > So I'd like to change it the way that both anonymous > as well as local users are chrooted to base ftp directory > /home/ftp but I do not know how to do it. > > Whe I remove "chroot_local_users=YES" from vsftpd.conf, > local users are not chrooted at all, and can move > around the whole system up to /. And when I let that > "chroot_local_users=YES" activated, they are chrooted > to home-dirs. So how can I solve this problem? I haven't used vsftpd in a long time but I believe you can do something like this: Set user_config_dir to point to someplace such as /etc/vsftpd/users In that directory, create files for each username and within it put: local_root=/home/ftp I think that might set all of those users to login to that folder. I have not tried it. :) There was also an option to use alternative home directories rather than the one specified in /etc/passwd, but I can't remember exactly what that was and it may have still used the username as part of the path. "man vsftpd.conf" should explain it.
Re: [gentoo-user] vsftpd: how can I chroot both anon and auth users to the same dir?
On 08/10/11 13:52, Jarry wrote: > > If I wanted to have one more problem (anonymous users not > able to access local users' files) I would do it... :-) > > I'll try to explain it one more time. I have local users > "user1", "user2", "userX" and their home directories are: > /home/ftp/user1 > /home/ftp/user2 > /home/ftp/userX > > Anonymous users are chrooted to /home/ftp, so they can access > files stored in /home/ftp/user1 (user2, userX). That is OK, > that is what I want. But local user1 is chrooted to > /home/ftp/user1, so he can't access files in /home/ftp/user2 > (or /home/ftp/userX). Oh, ok. I didn't realize you wanted all users to be able to see the same hierarchy. I figured you were allowing anonymous users more access just to avoid the logical inconsistency =) > And *this* is what I want to solve: to give local users > the same possibility to access other users' files (if file > access permissions allow it, of course). So I want to chroot > local users to the very same /home/ftp directory where > anonymous users are chrooted, but I do not know how... Are they local users? Change their home directories to /home/ftp.
Re: [gentoo-user] vsftpd: how can I chroot both anon and auth users to the same dir?
On 10-Aug-11 19:35, Michael Orlitzky wrote: Anonymous users are chrooted to base ftp-server directory /home/ftp but local users are chrooted to their own directories /home/ftp/$USER and they can not move higher. The only way for them to see directories of other local users is to log-off and log-in as anonymous. This is not very convenient. Why should authenticated user be allowed less (in this particular aspect) than anonymous? So I'd like to change it the way that both anonymous as well as local users are chrooted to base ftp directory /home/ftp but I do not know how to do it. Why not just chroot anonymous users to /home/ftp/public? If I wanted to have one more problem (anonymous users not able to access local users' files) I would do it... :-) I'll try to explain it one more time. I have local users "user1", "user2", "userX" and their home directories are: /home/ftp/user1 /home/ftp/user2 /home/ftp/userX Anonymous users are chrooted to /home/ftp, so they can access files stored in /home/ftp/user1 (user2, userX). That is OK, that is what I want. But local user1 is chrooted to /home/ftp/user1, so he can't access files in /home/ftp/user2 (or /home/ftp/userX). And *this* is what I want to solve: to give local users the same possibility to access other users' files (if file access permissions allow it, of course). So I want to chroot local users to the very same /home/ftp directory where anonymous users are chrooted, but I do not know how... Jarry -- ___ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.
Re: [gentoo-user] vsftpd: how can I chroot both anon and auth users to the same dir?
On 08/10/11 12:37, Jarry wrote: > Hi, > I'm using vsftpd and I'm quite satisfied, except for one > problem which I can not solve: > > Anonymous users are chrooted to base ftp-server directory > /home/ftp but local users are chrooted to their own > directories /home/ftp/$USER and they can not move higher. > The only way for them to see directories of other local > users is to log-off and log-in as anonymous. This is not > very convenient. Why should authenticated user be allowed > less (in this particular aspect) than anonymous? > > So I'd like to change it the way that both anonymous > as well as local users are chrooted to base ftp directory > /home/ftp but I do not know how to do it. > > Whe I remove "chroot_local_users=YES" from vsftpd.conf, > local users are not chrooted at all, and can move > around the whole system up to /. And when I let that > "chroot_local_users=YES" activated, they are chrooted > to home-dirs. So how can I solve this problem? Why not just chroot anonymous users to /home/ftp/public?
