Set permission to NO browse out of /home directoryForum: Other Help Topics Topic: Set permission to NO browse out of /home directory started by: icpeanuts Posted by icpeanuts on Jan. 22 2006,06:56
I am new to linux and DSL.I have a quick question. I want to set it so user can not browse out of the /home directory when the user access the server via FTP on the BetaFTP server. Can this be done? Thanks for your help. Posted by clacker on Jan. 22 2006,13:13
icpeanuts, I tried to do this but was unable to. I believe you could create what is called a chroot jail, but I'm still try to work out exactly what you need to place inside the jail to make the usr name/password recognition for betaftpd to work.
Posted by icpeanuts on Jan. 22 2006,19:35
I downloaded Pure-ftpd instead and following their instruction to add /./ to the passwd file of the user and it worksl. I tried various method with betaftp. No outcome.
Posted by clacker on Jan. 22 2006,20:00
Well, I looked around and found a bash script that can set up a nice chroot jail for dsl. It's called < make_chroot_jail.sh > and it worked really well, from what I could tell. It adds users and can update the needed libraries depending on what you need in the shell. With a little bit of tinkering in the passwd file in the jail it creates you can have everyone who ftps in looking at the same directory.I wish I understood the script better. I'm still trying to figure out what I did wrong when I did it by hand, but if the script does it right, that's all I need. EDIT: you can still see out of the home directory, but only as far as the extent of the chroot jail. Posted by icpeanuts on Jan. 24 2006,05:19
Anyone have any simpler ways to do this? This should not be a big problem. Thanks in advance.
Posted by AwPhuch on Jan. 24 2006,23:56
in frugal mode you could chmod -R 700 the /home directory, this will eliminate anyone from being able to view anyone elses directoriesBrian AwPhuch Posted by mikshaw on Jan. 25 2006,02:16
It does not, however, restrict the user to a single directory.In the DOCUMENTATION of betaftp, there is a bit about the rights file, which sounds to me what you need.
Posted by icpeanuts on Jan. 25 2006,05:39
I read the infomation. I still do not understand how you can use it. Can you explain how/where I can edit/put the file to limit user browsing out of home dir?Thanks. Posted by mikshaw on Jan. 25 2006,14:49
I'd have to test it out in order to say for sure, but perhaps an entry ".." might control users' access to higher directories. I'm pretty sure the .rights file goes into the directory to which it applies.
Posted by icpeanuts on Jan. 29 2006,10:28
If you find out how this can be done, please post an update with detail instruction on how to get this to work. Thanks. Posted by ReTeP on Dec. 09 2006,21:28
I've tried the jail-script but it shows errors on the MKNOD-command (command not found). Is it a package that's missing or somethin else, please help !
|