Professional Web Applications Themes

Restricting user to a directory with vsftpd - Linux Setup, Configuration & Administration

Is it possible to restrict all users (I am not using anonymous) to their directory and those below? In reading the docs, I am not sure how this can be done. Todd...

  1. #1

    Default Restricting user to a directory with vsftpd

    Is it possible to restrict all users (I am not using anonymous) to their
    directory and those below? In reading the docs, I am not sure how this
    can be done.

    Todd

    Todd Cary Guest

  2. #2

    Default Re: Restricting user to a directory with vsftpd

    On Tue, 1 Jul 2003 Todd Cary wrote:
    >Is it possible to restrict all users (I am not using anonymous) to their
    >directory and those below? In reading the docs, I am not sure how this
    >can be done.
    Yes. You can use the chroot options.

    chroot_local_user=yes [for all local users]

    or

    chroot_list_enable=yes
    chroot_list_file=/etc/vsftpd.chroot_list

    Check 'man vsftpd.conf' for more info.

    Gl
    V.
    Vwakes Guest

  3. #3

    Default Re: Restricting user to a directory with vsftpd

    Vwakes wrote:
    > On Tue, 1 Jul 2003 Todd Cary wrote:
    >
    > >Is it possible to restrict all users (I am not using anonymous) to their
    > >directory and those below? In reading the docs, I am not sure how this
    > >can be done.
    >
    > Yes. You can use the chroot options.
    >
    > chroot_local_user=yes [for all local users]
    >
    > or
    >
    > chroot_list_enable=yes
    > chroot_list_file=/etc/vsftpd.chroot_list
    >
    > Check 'man vsftpd.conf' for more info.
    >
    > Gl
    > V.
    This is my conf file, yet I can see all of the directories:

    anonymous_enable=NO
    local_enable=YES
    write_enable=YES
    local_umask=022
    dirmessage_enable=YES
    xferlog_enable=YES
    connect_from_port_20=YES
    xferlog_std_format=YES
    chroot_local_user=YES
    pam_service_name=vsftpd
    userlist_enable=YES
    tcp_wrappers=YES

    Any suggestions?

    Todd

    Todd Cary Guest

  4. #4

    Default Re: Restricting user to a directory with vsftpd

    On Wed, 2 Jul 2003 Todd Cary wrote:
    >Vwakes wrote:
    >> On Tue, 1 Jul 2003 Todd Cary wrote:
    >>
    >> >Is it possible to restrict all users (I am not using anonymous) to
    >> >their directory and those below? In reading the docs, I am not
    >> >sure how this can be done.
    >>
    >> Yes. You can use the chroot options.
    >>
    >> chroot_local_user=yes [for all local users]
    >>
    >> or
    >>
    >> chroot_list_enable=yes
    >> chroot_list_file=/etc/vsftpd.chroot_list
    >>
    >> Check 'man vsftpd.conf' for more info.
    >
    >This is my conf file, yet I can see all of the directories:
    Are you sure? Coz, I tried with the exact same configuration and it
    works for me. I am using version 1.1.3 tho. As soon as you ftp yourself
    and typing 'pwd' what do you see? You should see something like '/', if
    you see '/home/userx' then it's not chrooted. Are you using the RH rpm
    for vsftpd? If so, it uses '/etc/vsftpd/vsftpd.conf' file instead of
    '/etc/vsftpd.conf'.
    >anonymous_enable=NO
    >local_enable=YES
    >write_enable=YES
    >local_umask=022
    >dirmessage_enable=YES
    >xferlog_enable=YES
    >connect_from_port_20=YES
    >xferlog_std_format=YES
    >chroot_local_user=YES
    >pam_service_name=vsftpd
    >userlist_enable=YES
    >tcp_wrappers=YES
    You don't need the above option if you are running from xinetd. Check
    the manpage.
    Vwakes Guest

  5. #5

    Default Re: Restricting user to a directory with vsftpd

    Vwakes wrote:
    > On Wed, 2 Jul 2003 Todd Cary wrote:
    >
    > >Vwakes wrote:
    > >> On Tue, 1 Jul 2003 Todd Cary wrote:
    > >>
    > >> >Is it possible to restrict all users (I am not using anonymous) to
    > >> >their directory and those below? In reading the docs, I am not
    > >> >sure how this can be done.
    > >>
    > >> Yes. You can use the chroot options.
    > >>
    > >> chroot_local_user=yes [for all local users]
    > >>
    > >> or
    > >>
    > >> chroot_list_enable=yes
    > >> chroot_list_file=/etc/vsftpd.chroot_list
    > >>
    > >> Check 'man vsftpd.conf' for more info.
    > >
    > >This is my conf file, yet I can see all of the directories:
    >
    > Are you sure? Coz, I tried with the exact same configuration and it
    > works for me. I am using version 1.1.3 tho. As soon as you ftp yourself
    > and typing 'pwd' what do you see? You should see something like '/', if
    > you see '/home/userx' then it's not chrooted. Are you using the RH rpm
    > for vsftpd? If so, it uses '/etc/vsftpd/vsftpd.conf' file instead of
    > '/etc/vsftpd.conf'.
    >
    > >anonymous_enable=NO
    > >local_enable=YES
    > >write_enable=YES
    > >local_umask=022
    > >dirmessage_enable=YES
    > >xferlog_enable=YES
    > >connect_from_port_20=YES
    > >xferlog_std_format=YES
    > >chroot_local_user=YES
    > >pam_service_name=vsftpd
    > >userlist_enable=YES
    >
    > >tcp_wrappers=YES
    >
    > You don't need the above option if you are running from xinetd. Check
    > the manpage.
    My mistake!! I used the incorrect vsftpd.conf!! My system is the RH 9
    with the installed vsftpd and I initially used /etc/vsftpd/vsftpd.conf.
    It needed to be /etc/vsftpd.conf.

    Thank you for reminding me to check that out.

    Todd

    Todd Cary Guest

  6. #6

    Default Re: Restricting user to a directory with vsftpd

    On Wed, 2 Jul 2003 Todd Cary wrote:
    >Vwakes wrote:
    >>
    >> Are you sure? Coz, I tried with the exact same configuration and it
    >> works for me. I am using version 1.1.3 tho. As soon as you ftp
    >> yourself and typing 'pwd' what do you see? You should see something
    >> like '/', if you see '/home/userx' then it's not chrooted. Are you
    >> using the RH rpm for vsftpd? If so, it uses '/etc/vsftpd/vsftpd.conf'
    >> file instead of '/etc/vsftpd.conf'. [....]
    >
    >My mistake!! I used the incorrect vsftpd.conf!! My system is the RH 9
    >with the installed vsftpd and I initially used /etc/vsftpd/vsftpd.conf.
    > It needed to be /etc/vsftpd.conf.
    It's not your mistake, its RH's. I thought VsFtpd that came with RH 9
    used /etc/vsftpd/vsftpd.conf. If it's not then it's a bug.
    Vwakes Guest

  7. #7

    Default Re: Restricting user to a directory with vsftpd

    Vwakes wrote:
    > On Wed, 2 Jul 2003 Todd Cary wrote:
    >
    > >Vwakes wrote:
    > >> On Tue, 1 Jul 2003 Todd Cary wrote:
    > >>
    > >> >Is it possible to restrict all users (I am not using anonymous) to
    > >> >their directory and those below? In reading the docs, I am not
    > >> >sure how this can be done.
    > >>
    > >> Yes. You can use the chroot options.
    > >>
    > >> chroot_local_user=yes [for all local users]
    > >>
    > >> or
    > >>
    > >> chroot_list_enable=yes
    > >> chroot_list_file=/etc/vsftpd.chroot_list
    > >>
    > >> Check 'man vsftpd.conf' for more info.
    > >
    > >This is my conf file, yet I can see all of the directories:
    >
    > Are you sure? Coz, I tried with the exact same configuration and it
    > works for me. I am using version 1.1.3 tho. As soon as you ftp yourself
    > and typing 'pwd' what do you see? You should see something like '/', if
    > you see '/home/userx' then it's not chrooted. Are you using the RH rpm
    > for vsftpd? If so, it uses '/etc/vsftpd/vsftpd.conf' file instead of
    > '/etc/vsftpd.conf'.
    >
    > >anonymous_enable=NO
    > >local_enable=YES
    > >write_enable=YES
    > >local_umask=022
    > >dirmessage_enable=YES
    > >xferlog_enable=YES
    > >connect_from_port_20=YES
    > >xferlog_std_format=YES
    > >chroot_local_user=YES
    > >pam_service_name=vsftpd
    > >userlist_enable=YES
    >
    > >tcp_wrappers=YES
    >
    > You don't need the above option if you are running from xinetd. Check
    > the manpage.
    Many thanks! It is hard enough getting use to the Linux
    environment...alsomt like I have never used a computer before :-) !!

    I need to recompile PHP with the Interbase extensions (and then
    recompile Apache). Conceptually I understand what needs to be done
    *BUT* the nitty-gritty is quite foreign.

    The installed version of PHP has all of the extensions I need except
    Interbase ([url]http://209.204.172.137:8080/testphp.php[/url] ). Is it possible to
    just *add* Interbase.

    If so, is there docs on how to do that and then recompile Apache?

    Todd

    Todd Cary Guest

Similar Threads

  1. User Directory Problems
    By arfore in forum Macromedia Contribute Connection Administrtion
    Replies: 3
    Last Post: November 8th, 06:08 PM
  2. Enable User Directory...
    By yzf600r in forum Macromedia Contribute General Discussion
    Replies: 1
    Last Post: February 14th, 08:14 PM
  3. Restricting access to a directory of pdf's
    By jgladnick in forum Macromedia ColdFusion
    Replies: 4
    Last Post: August 12th, 08:28 PM
  4. User directory security
    By JK in forum Linux / Unix Administration
    Replies: 9
    Last Post: June 21st, 09:59 AM
  5. Restricting telnet access to user's home directory
    By robert@wolfmedia.homelinux.org in forum Linux Setup, Configuration & Administration
    Replies: 0
    Last Post: July 22nd, 02:13 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139