Results 1 to 2 of 2
Well to start off, I've been a Windows guy pretty much all my life. Any job I have had to date always delt with Windows in some way, shape, or ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 04-04-2005 #1
- Join Date
- Apr 2005
VSFTPd + User/Group Config
I was recently hired by a certain organization to handle simple networking and general PC troubleshooting issues; simple enough. It's just a part time job of mine to get me through college a little easier. Now as some key members have left, I'm the last hope....literally. I'm in charge of the entire organization all of a sudden; including the network infrastructure, clients (windows / linux), and rolling out all sorts of projects that need to be done.
Question: Could someone give me a detailed overview of how to create a structured FTP with specific privledges for certain users / groups?
/var/ftp (Read only by group)
/var/ftp/user (Full permissions by user)
/var/ftp/pub (Full permissions by group)
Home directories will be set to /var/ftp/user and a symbolic link Pub link will be placed in each one.
How do I go about setting up users? Chmoding / Chowning it? How do I set up the groups correctly so the users join it?
I know I use /sbin/nologin (Using Fedora Core 3) so they cannot login using SSH or anything; these accounts will be just for FTP right now. I need the ability to add on rights to a mail server in a few weeks though.
Using VSFTPd, how do I make it so when the user logs in; they are forced to stay in their home directory? I don't want them able to view the entire darn Linux file system.
I have tired and got some things to work and some didn't, I just want to know how to do it correctly before I open up port 21 on the firewall and the upper ranges for the passive transfers.
- 04-04-2005 #2
- Join Date
- Mar 2005
Sure, we can do that. First, we need to setup the ftp root directory with the following line:
Then, we'll enable chroot, cause you don't want those people browsing through your entire file system.
If the useradd wasn't told to create the home directory, then you can do things manually with the following commands:
chown user:group /var/ftp/user
chmod 700 /var/ftp/user
And, that should be it I guess.