Re: Somewhat advanced question about server management

2013-11-18 Thread Travis Siegel 
Standard functionality of ftp servers is to not allow users to go  
beyond the root file system that is configured when they log in.
If you set the root of the ftp hiearchy to /users/ftp, then nobody  
logged in as an ftp user will be able to go to your /users folder.   
This is common practice.
If you want users to have access to multiple folders, but not  
everything, you'll need to setup groups, and set group permissions to  
allow reading only by users in those groups.
If you need assistance figuring out the permissions system, drop a  
line off list, and I'll help out.


<--- Mac Access At Mac Access Dot Net --->

To reply to this post, please address your message to mac-access@mac-access.net

You can find an archive of all messages postedto the Mac-Access forum at 
either the list's own dedicated web archive:

or at the public Mail Archive:
.
Subscribe to the list's RSS feed from:


As the Mac Access Dot Net administrators, we do our very best to ensure that 
the Mac-Access E-Mal list remains malware, spyware, Trojan, virus and 
worm-free.  However, this should in no way replace your own security strategy.  
We assume neither liability nor responsibility should something unpredictable 
happen.

Please remember to update your membership preferences periodically by visiting 
the list website at:

Somewhat advanced question about server management

2013-11-16 Thread Christopher Gilland 
First off, my apologies to both Gordon and Lynn for all the rejected e-mails 
sent to the list from an unauthorized address.  You can reject them.  I found 
out why this was happenning, and the issue has been corrected.

OK, so here’s the deal.  I have a copy of OSX server, although I’ve not really 
messed with it much yet.  The little bit I have looked somewhat overwhelming.  
Basically, all I wanna do is set up on the basic standard port 21, an FTP 
server where people can download files/folders from my drive.  I want to 
disable anonymous access, so that users have to have a valid account to log in. 
 I further want them to be Crooted (or, jailed, as some call it,) into this 
directory of my choosing.  I however do want them to be able to recurse sub 
folders.  So, in other words, I want them Crooted into X folder, but I want 
them inside X folder to be able to also have read access to folders A, B, and 
C, located underneath folder X, and to inherit all permissions down the 
hierarchy from folder X.  I do not however want them to be able to go any 
higher up than folder X.  I hope that makes sense.  I do not want to grant 
write access or delete access or anything of the like.  This is only going to 
be used for downloading files, and absolutely no more.  Yes, I know about file 
sharing over the network.  That’s not why I’m doing this.  I need it set this 
way so that someone half way across the country from me, for example, could log 
in via ftp and get whatever they need, when they need it.  I already do have a 
top level domain name which is pointing to my IP address, so that’s not even an 
issue.  I have resolvers in place, don’t worry.  That being said, I’ve not set 
up any sort of resolvers through my OSX server software.  This is all being 
done through an A Record through the dns settings at my local domain registrar. 
Trust me, it works.  I can ping the domain and see it resolving to my correct 
IP address with no packet loss, so that’s fine.  I just need the actual ftp 
side of it set up.  I also do know about openning port 21 on my Linksys WRT 54S 
router, and forwarding it to the private IP address associated with my Mac 
running OSX server.  That’s already been done.  Like I say, I’m pretty much 
good to go.  I just need to know how to actually set up the server itself in 
the way I described.  I know there are a few other software sollutions out 
there for doing ftp servers, and I know that OSX even has one built in that 
will work to some extent, but most of them only allow for free, 3 or 4 users.  
I may wind up needing more than that.  Plus, if down the road I ever want to 
enable other servers like Mail, or apache web http or such, I’d rather do it 
this way to start with so that I can get a handle on things.  I figure once I 
know how to set one of these up, it’ll make things easier going forward, as 
I’ll betcha there’s probably somewhat of a pattern to doing it.

Anyway, if Gorgon, Lynn, or anyone else at all on here thinks they can help, 
I’ll be willing to hear you out, and see if we all can work together here to 
get me up and running.

Thank you.

Chris.
<--- Mac Access At Mac Access Dot Net --->

To reply to this post, please address your message to mac-access@mac-access.net

You can find an archive of all messages postedto the Mac-Access forum at 
either the list's own dedicated web archive:

or at the public Mail Archive:
.
Subscribe to the list's RSS feed from:


As the Mac Access Dot Net administrators, we do our very best to ensure that 
the Mac-Access E-Mal list remains malware, spyware, Trojan, virus and 
worm-free.  However, this should in no way replace your own security strategy.  
We assume neither liability nor responsibility should something unpredictable 
happen.

Please remember to update your membership preferences periodically by visiting 
the list website at: