From owner-freebsd-isp Tue Jul 22 17:42:58 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id RAA11405 for isp-outgoing; Tue, 22 Jul 1997 17:42:58 -0700 (PDT) Received: from m20.morelr.com (morelr.com [206.240.28.121]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA11400 for ; Tue, 22 Jul 1997 17:42:52 -0700 (PDT) Received: from m3 (m3 [206.240.30.3]) by m20.morelr.com (8.8.5/8.8.5) with SMTP id TAA24841 for ; Tue, 22 Jul 1997 19:42:45 -0500 (CDT) Message-Id: <2.2.32.19970723004250.00908ac8@mail.morelr.com> X-Sender: rmorel@mail.morelr.com X-Mailer: Windows Eudora Pro Version 2.2 (32) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Tue, 22 Jul 1997 19:42:50 -0500 To: isp@FreeBSD.ORG From: Rick Morel Subject: FTP Problem Solved! Sender: owner-freebsd-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Thanks to everyone who replied. Here's what I found and did, kind of piecing together everything from several sources. Add to file "ftpaccess" (in /usr/local/etc/) guestgroup ftp Create a group "ftp" and add the users to that group. The entry in "group" (in /etc/) would look like: ftp:*:1001:user1,user2,user3,user4 (I'm just showing the user name(s) as "user1", "user2", etc.) Do a "chsh" on each user, changing the Home Directory entry like so: Home directory: /usr/home/user1/./ The entry in the passwd file now looks like: user1:*:1022:1000:Joe Blow:/usr/home/user1/./:/bin/sh The "/./" after the user name means wu-ftp will "chroot /usr/home/user1" And now, the final thing that made it all work...... Be _SURE_ to make a "bin" directory under the user's home, and put "ls" in it. This, thanks to Susie Ward . NOWHERE could I find this in the man pages or FAQ's, which I really, honestly did check before asking originally. Again, thanks to all. I hope this little "cookbook" email helps others. In answer to "Why would anyone want an FTP that only let regular users into their own home directory?" Surely if this list is for ISPs, everyone would know the answer! Or am I wrong in thinking ISP here stands for "Internet Service Provider"? Boy, will I feel like a dufus if I've misread ISP!!!!!!! Assuming I'm not a dufus, get into the ISP business for a year or so and I absolutely guarantee you'll know. You'll find things like your Majordomo config files, complete with passwords posted on some web page and/or someone else adminstering your lists. Anything that can be seen and read can be used by some folks. It's a shame, it's not the "old 'net", but it is a fact. Rick Morel