From owner-freebsd-questions@FreeBSD.ORG Fri Jun 3 21:01:29 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B3DA016A41C for ; Fri, 3 Jun 2005 21:01:29 +0000 (GMT) (envelope-from nkinkade@fastmail.fm) Received: from out3.smtp.messagingengine.com (out3.smtp.messagingengine.com [66.111.4.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4D75443D1D for ; Fri, 3 Jun 2005 21:01:24 +0000 (GMT) (envelope-from nkinkade@fastmail.fm) Received: from frontend2.messagingengine.com (frontend2.internal [10.202.2.151]) by frontend1.messagingengine.com (Postfix) with ESMTP id A0713C98A38; Fri, 3 Jun 2005 17:01:23 -0400 (EDT) X-Sasl-enc: DknZa4fWxRxeEE2HTQcB09aeYdHrp8L+RJh/Q1jwe+bs 1117832480 Received: from gentoo-npk.bmp.ub (unknown [206.27.244.136]) by www.fastmail.fm (Postfix) with ESMTP id 771B157034F; Fri, 3 Jun 2005 17:01:20 -0400 (EDT) Received: from nkinkade by gentoo-npk.bmp.ub with local (Exim 4.21) id 1DeJI8-0003LS-40; Fri, 03 Jun 2005 15:01:20 -0600 Date: Fri, 3 Jun 2005 15:01:20 -0600 From: Nathan Kinkade To: Denny Jodeit Message-ID: <20050603210120.GD21127@gentoo-npk.bmp.ub> Mail-Followup-To: Denny Jodeit , freebsd-questions@freebsd.org References: <20050603200203.GB21127@gentoo-npk.bmp.ub> <003401c5687a$743730c0$59830acf@dennylaptop2> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="r5UKZFo5ar5Icv+k" Content-Disposition: inline In-Reply-To: <003401c5687a$743730c0$59830acf@dennylaptop2> X-PGP-Fingerprint: 3FDF A406 B149 3959 A8CB C5A9 3B46 4812 D852 7E49 User-Agent: Mutt/1.5.6i Sender: Cc: freebsd-questions@freebsd.org Subject: Re: ftpchroot X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Nathan Kinkade List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Jun 2005 21:01:29 -0000 --r5UKZFo5ar5Icv+k Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jun 03, 2005 at 04:25:59PM -0400, Denny Jodeit wrote: >=20 > On Fri, Jun 03, 2005 at 03:40:46PM -0400, Denny Jodeit wrote: > > Hello, > >=20 > > I'm trying to restrict an ftp user to a particular directory. I've=20 > > written an ftpchroot file, as follows: > >=20 > > Username /var/spool/ftp/ ./Username/photos > >=20 > >=20 > > After I write the file and restart inetd, I am not able to login to=20 > > ftp with this user account at all. I have RTFM and evidently don't get >=20 > > it... > >=20 > > Thanks in advance for any and all suggestions. > >=20 > > Denny >=20 > Is that a space character in the path above? If so, I don't think it > should be there. Have you tried just using the line: >=20 > username /var/spool/ftp >=20 > ... to see if the chroot works at all? If so, then try adding user > specific subdirs of the chroot (without the space before the ``.'') >=20 > Nathan >=20 > Yes.... > I've eliminated the space and restarted inetd and could not login to ftp > with this particular username at all. > I've changed the file to reflect your suggestion, same results...which > as you indicate, would mean chroot is not working at all. >=20 > If I remove the ftpchroot file altogether, I can login to ftp, but > obviously not in the directory I wish the account to go to. >=20 > Denny What are the permissions of the directory /var/spool/ftp? Make sure that the user with which you are attempting to login has at lease execture permissions for the directory in questions. Also, what specific error are you getting from your ftp client? Nathan --r5UKZFo5ar5Icv+k Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFCoMUgO0ZIEthSfkkRAumhAJ46+4p6nvdR5VgBatZ+FCTAAj+VJwCeKquS K+yOcSG47113eaH7JT6WTrw= =sVap -----END PGP SIGNATURE----- --r5UKZFo5ar5Icv+k--