Results 1 to 3 of 3
I need to install FTP server in my company for file sharing, backup, and archiving. I use CentOS 6.4 64bit and the latest version of vsftpd. I was able to ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 11-29-2013 #1
- Join Date
- Nov 2013
VsFTPD need help, permissions, groups...
I use CentOS 6.4 64bit and the latest version of vsftpd.
I was able to install and do basic configuration of the vsftpd FTP server, that is:
- Set up a couple of virtual users who do not have the permission to access anything but their home folder and its content, using this guide howtoforge.com/vsftpd-local-and-virtual-users-with-bash-scripts-for-user-maintenance-centos-6.0]vsftpd: Local And Virtual Users With Bash Scripts For User Maintainance (CentOS 6.0) | HowtoForge - Linux Howtos and Tutorials
- I installed the certificate and enabled the use of SFTP .
I'd like to make vsftpd server do the following:
- There are three groups of users, so that each group has some number of users. Users have theirs own home folder, which are located in the home folder of the group, which are located in home folder of FTP server.
- User Nick (rookie) can't leave his home folder, and user Chris (senior staff) has permission to see the content of group's home folder /var/ftp/groupa2, but he doesn't have permission to change folder in any way.
- Other than administrator, there should be another user, director, who has permission to access, delete, or change files and folders in subfolders of all groups and users, but he shouldn't be able to leave the /var/ftp.
- This is how it should look:
/var/ftp/ - server
/var/ftp/group1 - home folder groups
/var/ftp/group1/nick - home folder users
/var/ftp/group2/chris - home folder users
My questions are:
- Where should be the location of director's home folder?
- How can I make groups of FTP users in vsftpd when using virtual users? And how can I join virtual users to the group?
- How can I make each group has its own users who can access a group folder and theirs home folder which is a sub folder of group folders?
- Is it possible for a user to be a member of several groups? If possible how can this be done?
- Is it possible to enable user to read, write and delete files in his home folder, and to have only read only permissions in his groups home folder? If yes how?
Any help will be much appreciated?
- 12-01-2013 #2
- Join Date
- Jul 2003
- Stockholm, Sweden
Apologies for not answering your question directly but here is how I have solved pretty much the same scenario at my workplace.
* Use the sFTP features of ssh, it is compatible with (all?) client software that I have found like FileZilla on windows
* You configure permissions at the end of /etc/ssh/sshd_config and use normal unix user/group permissions.
* Works with ldap
If you want to try going down that path I can help you with some more detailed configuration examples.
- 12-02-2013 #3
- Join Date
- Nov 2013
Hay and thanks for replay on my post. I have couple question about this scenario and way you did it?
Have you tried to solve your problem with vsFTPd or some other ftp software?
If you are, why you gave up from using vsFTPd, whether because of problems in configuration or because it is not possible to make it work as planned?
Hey and thanks for your replay on my post.
I have a couple questions about this scenario and way you did it?
Have you tried to solve your problem with vsFTPd or some other FTP software?
If you had, why did you give up from using vsFTPd?
Was it because of problems in configuration or because it is not possible to make it work as described in my first post?
Can you please post a list of software packages/programs you have used to solve your problem? (which FTP software packages if any, do you use LDAP and if you do, what do you use to manage LDAP)
I'm stuck on the method I am trying. I just can't find the way to set all permissions as described.
I am definitely interested to try implementing it a way you purpose. Detailed information about configuration and user permissions would much appreciated. Thanks