On Mar 20, 2008, at 3:20 PM, Lan Barnes wrote:
I've set up a ftp server at work and want to limit users to a
directory
and its subs. How to?
This doesn't appear to be very well documented.
The vsftpd config directives are a bit strangely named and
functionally overloaded. But it's pretty easy once you figure it
out... you need at least two config directives, and then an optional
third which basically reverses the functionality of the first two.
There are two possible scenarios, both assuming that the FTP accounts
are defined as local Linux users in /etc/passwd:
#1) Users get full access by default, specific accounts get chrooted
SET in vsftpd.conf
------------------
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
Then EDIT /etc/vsftpd.chroot_list and list the users that should get
jailed, one per line.
#2) Users get chrooted by default, specific accounts get full access
SET in vsftpd.conf
------------------
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
chroot_local_user=YES
Then EDIT /etc/vsftpd.chroot_list and list the users that should get
full access, one per line.
Also note that in both cases, it's probably important to verify that
"anonymous_enable=NO" is set in vsftpd.conf and *not* commented out,
as the default is to allow anonymous and that's almost never a good
idea.
Hope that helps.
--
Joshua Penix http://www.binarytribe.com
Binary Tribe Linux Integration Services & Network Consulting
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
