Date:      Sat, 26 Jun 2004 22:02:14 +0300
From:      Giorgos Keramidas <keramida@ceid.upatras.gr>
To:        Bill Moran <wmoran@potentialtech.com>
Cc:        doc@freebsd.org
Subject:   Re: ftp-chroot in login.conf ... doc error?
Message-ID:  <20040626190214.GC1016@gothmog.gr>
In-Reply-To: <20040621213819.43df0591.wmoran@potentialtech.com>
References:  <20040621213819.43df0591.wmoran@potentialtech.com>

On 2004-06-21 21:38, Bill Moran <wmoran@potentialtech.com> wrote:
> In the man page for ftpd, it states that the user is chrooted if the
> login class has ftp-chroot set ... however, man 5 login.conf doesn't
> seem to mention ftp-chroot anywhere ... It appears as if the login.conf
> man page is supposed to be a comprehensive list of options ...
>
> Is one of these wrong, or am I missing something, or is there a fold
> in the space-time continuum?

Hi Bill,

The option is ftpd(8)-specific and can be disabled at compile-time by deleting
-DLOGIN_CAP from the Makefile in `/usr/src/libexec/ftpd'.  This is probably
the rationale behind the current location of the option's description.

You're right though that we should probably add a description of the ftp-chroot
option to login.conf(5) too, but I'm not sure if this duplication will help so
much.  IMHO, if a small description is added it should probably be something
like this:

        ftp-chroot	If your ftpd(8) has been compiled with login.conf(5)
			support, then you can set this boolean option for a
			user class to tell ftpd(8) that it should use
			chroot(2) to restrict the specific class of users in
			their HOME directory after they have successfully
			authenticated.

Does this look ok as an addition to login.conf(5)?

> Heh ... while I'm on the topic, I'm looking for a way to set an
> option so the user is chrooted to his home dir whether he sshes,
> scps, or ftps ... doesn't look like that's in the docs either ;)

I'm not sure if there's a general way to do this for all programs that provide
access to the filesystem in some way :-(

- Giorgos
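
Added example (not part of the original message and not FreeBSD code): a small audit script that reports which login classes end up with the ftp-chroot boolean discussed above, following tc= inheritance and the "name@" cancellation described in getcap(3). The class names and the sample database are constructed for illustration; on a real system the text would come from /etc/login.conf.

```python
import re

# Constructed sample in login.conf(5) syntax; the class names are made up.
SAMPLE = r"""
# constructed example database
default:\
	:path=/usr/bin /bin:\
	:umask=022:

ftpjail|Chrooted FTP users:\
	:ftp-chroot:\
	:tc=default:

staff:\
	:ftp-chroot@:\
	:tc=ftpjail:
"""

def parse_classes(text):
    """Return {class_name: [capability fields]} from login.conf-style text."""
    # Drop comment lines, then join backslash-continued lines into one record.
    lines = [l for l in text.splitlines() if not l.lstrip().startswith("#")]
    joined = re.sub(r"\\\n\s*", "", "\n".join(lines))
    classes = {}
    for record in joined.splitlines():
        if not record.strip():
            continue
        names, *fields = record.split(":")
        fields = [f.strip() for f in fields if f.strip()]
        for name in names.split("|"):  # a record may carry several names
            classes[name.strip()] = fields
    return classes

def _lookup(classes, name, seen):
    """True/False once ftp-chroot is decided, None if the class never mentions it."""
    if name in seen or name not in classes:  # stop on tc= loops and unknown classes
        return None
    seen.add(name)
    for field in classes[name]:  # the first match, left to right, wins
        if field == "ftp-chroot@":  # explicit cancellation of an inherited value
            return False
        if field == "ftp-chroot":
            return True
        if field.startswith("tc="):  # continue the search in the referenced class
            result = _lookup(classes, field[3:], seen)
            if result is not None:
                return result
    return None

def ftp_chroot_enabled(classes, name):
    return bool(_lookup(classes, name, set()))

if __name__ == "__main__":
    db = parse_classes(SAMPLE)
    for cls in ("default", "ftpjail", "staff"):
        print(cls, "ftp-chroot" if ftp_chroot_enabled(db, cls) else "not chrooted")
```

A class reported as "not chrooted" here only lacks this one capability; ftpd(8) has other ways to restrict users that this script does not inspect.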


