Find the answer to your Linux question:
Results 1 to 2 of 2
Well to start off, I've been a Windows guy pretty much all my life. Any job I have had to date always delt with Windows in some way, shape, or ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Apr 2005
    Posts
    1

    VSFTPd + User/Group Config


    Well to start off, I've been a Windows guy pretty much all my life. Any job I have had to date always delt with Windows in some way, shape, or form. I wasn't able to get any Linux experience through the process and now it's kicking me in the rear.

    I was recently hired by a certain organization to handle simple networking and general PC troubleshooting issues; simple enough. It's just a part time job of mine to get me through college a little easier. Now as some key members have left, I'm the last hope....literally. I'm in charge of the entire organization all of a sudden; including the network infrastructure, clients (windows / linux), and rolling out all sorts of projects that need to be done.

    Question: Could someone give me a detailed overview of how to create a structured FTP with specific privledges for certain users / groups?

    Ie.

    /var/ftp (Read only by group)
    /var/ftp/user (Full permissions by user)
    /var/ftp/pub (Full permissions by group)

    Home directories will be set to /var/ftp/user and a symbolic link Pub link will be placed in each one.

    How do I go about setting up users? Chmoding / Chowning it? How do I set up the groups correctly so the users join it?

    I know I use /sbin/nologin (Using Fedora Core 3) so they cannot login using SSH or anything; these accounts will be just for FTP right now. I need the ability to add on rights to a mail server in a few weeks though.

    Using VSFTPd, how do I make it so when the user logs in; they are forced to stay in their home directory? I don't want them able to view the entire darn Linux file system.

    I have tired and got some things to work and some didn't, I just want to know how to do it correctly before I open up port 21 on the firewall and the upper ranges for the passive transfers.

    Thanks!

  2. #2
    Linux Newbie
    Join Date
    Mar 2005
    Posts
    230
    Sure, we can do that. First, we need to setup the ftp root directory with the following line:

    local_root=/var/ftp

    Then, we'll enable chroot, cause you don't want those people browsing through your entire file system.

    chroot_local_user=YES

    If the useradd wasn't told to create the home directory, then you can do things manually with the following commands:

    mkdir /var/ftp/user
    chown user:group /var/ftp/user
    chmod 700 /var/ftp/user

    And, that should be it I guess.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •