Urivan Saaib <[EMAIL PROTECTED]> writes: > Hi, > > > chrtftp is a hack directly into the source tree of the FTP server. > > It cannot be implemented by PAM since it requires additional hueristics > > within the FTP server. > > Most of us understand that, but then, what is Tim saying about pam_vsd > while we're talking about something out of the limits of user > authentication ? Got my point ?
chrtftp is *not* authentication. Therefore it is outside the bounds of pam_vsd. > Where Tim says : > > > pam_vsd was introduced to remove the need for patching some of the add-on > > packages, ie proftp. > > What are we really talk about ? I suppose he is talking about user > authentication (ie. support for +ftp priv on a vs), but our argument goes > for the +chrtftp priv pam_vsd was written to remove the number of packages that needed patching, or at least make the remaining patches simpler. Your argument cannot hold for the chrtftp priv. I suggest you examine the patch to truly understand why. The chroot part of ftp happens after authentication has been established and therefore completed. > > I believe (though have not had time to check) that the > > proftp provided with packages from 1.4.9 is not actually patched in any > > way so does not respond to configuration within VSD specific files. > > Thats correct Tim, the proftpd package is not patched. > > Here's a ProFTPd-1.2.4 patched rpm version, and all the required > files/references for individual compilation : > > http://www.c-ber.net/software/freevsd/RH7.2/ > > Btw, i just installed a new RH 7.2 system to test the skel and the > modified scripts and i realize that the admin user cannot give +chrtftp > priv only if the admin user has the +chrtftp priv. > > 1.- Its totally nonsense to me that the admin needs to have +chrtftp priv > to set thatkind of right, and > > 2.- Why was this change ? Previous versions of freevsd admin didnt > required the chrtftp priv to grant it. Does this has anything to do > with the fact that the ProFTPd package provided by FreeVSD-1.4.9-2 does > not include chrtftp patch (support) ? No. It was previously (and still should be) hard-coded into VSD and its userland utilities. I haven't looked at the current source to verify this though. Nick. ------------------------- The freeVSD Support List -------------------------- Subscribe: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support Unsubscribe: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support Archives: http://freevsd.org/support/mail-archives/freevsd-support -----------------------------------------------------------------------------
