From: "Charles Howse"
Date: Thu, 2 Oct 2003 14:46:03 -0500
cc: chris@scary.beasts.org
Subject: Vsftpd not chown'ing uploads

Hi,

I've Googled half the day for a solution to this, no joy. I'm CC'ing the author in case no one in the list knows the answer.

I don't want the user 'virtual' to be able to delete the files they upload. When 'virtual' uploads a file, it winds up belonging to: virtual wheel, and he can delete the file. He cannot delete files in any other directory. Virtual is *not* a member of the wheel group.

How can I configure things so that 'virtual' can upload files, see them, but not delete them?

Details:
I'm using vsftpd-1.2.0 on FBSD 4.8-RELEASE-p10.
I've created a symlink in /var called 'ftp' that points to /usr/ftp for disk space reasons.
The directory structure in /usr/ftp is as follows:

[charles@curly ~]$ ls -l /usr/ftp
total 12
drwxr-xr-x   8 root  wheel   512 Sep 23 06:16 Applications
drwxr-xr-x   2 root  wheel  2048 Sep 23 06:18 Bash Scripts
drwxr-xr-x   2 root  wheel  1024 Sep 23 06:18 Tech Docs
drwxrwxrwx   2 root  wheel   512 Oct  2 13:15 Uploads
drwxr-xr-x   4 root  wheel   512 Sep 23 06:19 Utilities
drwxr-xr-x  11 root  wheel   512 Sep 23 06:21 eBooks

[charles@curly ~]$ cat /etc/inetd.conf | grep vsftpd
ftp stream tcp nowait root /usr/local/libexec/vsftpd vsftpd

The only login I allow outsiders is: user: virtual.

[charles@curly ~]$ cat /etc/passwd | grep virtual
virtual:*:1000:1000:Virtual User:/var/ftp:/usr/local/bin/bash

My vsftpd.conf:

[charles@curly ~]$ cat /usr/local/etc/vsftpd.conf
# Access rights
anonymous_enable=NO
local_enable=YES
write_enable=YES
# Security
chown_uploads=YES
chown_username=nobody
chroot_local_user=YES
anon_world_readable_only=YES
connect_from_port_20=YES
hide_ids=YES
pasv_min_port=50000
pasv_max_port=60000
# Features
banner_file=/usr/local/etc/vsftpd.banner
xferlog_enable=YES
ls_recurse_enable=NO
ascii_download_enable=NO
async_abor_enable=YES
# Performance
idle_session_timeout=120
data_connection_timeout=300
accept_timeout=60
connect_timeout=60
anon_max_rate=50000

Thanks,
Charles

Got a computer with idle CPU time?
Join SETI@home and help make history!
http://setiathome.ssl.berkeley.edu/
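
Added example, not part of the original message and not vsftpd's own code: a small Python check run over the configuration and directory listing quoted in the post. It assumes, per vsftpd.conf(5), that chown_uploads, chown_username and the anon_* options act only on anonymous sessions; the function names are hypothetical.

```python
# Options that vsftpd.conf(5) documents as applying to anonymous sessions only
# (assumption taken from the man page, limited to the options seen in the post).
ANON_ONLY = {"chown_uploads", "chown_username",
             "anon_world_readable_only", "anon_max_rate"}

# Excerpt of the configuration quoted in the post.
SAMPLE_CONF = """\
# Access rights
anonymous_enable=NO
local_enable=YES
write_enable=YES
# Security
chown_uploads=YES
chown_username=nobody
chroot_local_user=YES
anon_world_readable_only=YES
anon_max_rate=50000
"""

def parse_conf(text):
    """Return {option: value}, skipping comments and blank lines."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        opts[key] = value
    return opts

def ineffective_anon_options(opts):
    """Anonymous-only options that are set while anonymous logins are off."""
    # anonymous_enable defaults to YES when the option is absent.
    if opts.get("anonymous_enable", "YES").upper() == "YES":
        return []
    return sorted(k for k in opts if k in ANON_ONLY)

def anyone_can_delete(mode):
    """True for an `ls -l` mode string of a world-writable directory without
    the sticky bit: unlink is then governed by the directory, not the file."""
    return mode[0] == "d" and mode[8] == "w" and mode[9] not in "tT"

if __name__ == "__main__":
    print("no effect for local users:", ineffective_anon_options(parse_conf(SAMPLE_CONF)))
    print("Uploads (drwxrwxrwx) lets any writer delete:", anyone_can_delete("drwxrwxrwx"))
```

With the sticky bit set on a directory, deletion is limited to the file's owner, the directory's owner and root, so the uploading account would still be able to remove its own files.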