Date: Sat, 06 Jun 1998 22:16:22 -0700 From: Jerry Preeper <preeper@cts.com> To: freebsd-questions@FreeBSD.ORG Subject: guest users and ftpd Message-ID: <3.0.5.32.19980606221622.00831e20@crash.cts.com>
next in thread | raw e-mail | index | archive | help
I have been following all of the instructions in the various emails and manpages to create groups of users that will only have ftp access to the server. I'm almost there I think, but it doesn't quite work. The short of it is that if I take the -a flag off the ftp line from inetd.conf the user is granted access but can browse anywhere throughout the server, which I don't want to allow - but rather restrict them to their directory. ls support is built in (login without the -a option shows Version 6.00LS) Using the -al option in inetd.conf (I have done killall -1 inetd after making the changes), I always either get a connection failed message as follows: Connected to xxx.xx.xx.x port 21 ftpd: invalid address for -a Any ideas on what I am missing here? Jerry Preeper ------------------------------------------ Details of applicable files are: ------------------------------------------ I created a user and then modified the /etc/passwd file to chroot the user like this: username:*:6101:6100:Real Name:/www/dirname/htdocs/aaa/username/./:/bin/ftponly The group file shows 6101 as a member of 6100 At /bin/ftponly is a small script as follows (comments removed) - chmod 755 owner bin.bin : <bigger>trap "/bin/echo Sorry; exit 0" 1 2 3 4 5 6 7 10 15 IFS="" Admin=admin@hostname.com System=`SiteName` /bin/echo /bin/echo "********************************************************************" /bin/echo " You are NOT allowed interactive access to $System." /bin/echo /bin/echo " User accounts are restricted to ftp and web access." /bin/echo /bin/echo " Direct questions concerning this policy to $Admin." /bin/echo "********************************************************************" /bin/echo exit 0 </bigger> The ftp line from inetd.conf is: ftp stream tcp nowait root /usr/local/libexec/tcpd ftpd -al I have created the most basic ftpaccess file in /usr/local/etc to see if I can get it to work without most of the options as follows (comments removed) chmod 600 owner root.wheel : <bigger>guestgroup group1 guestgroup group2 guestgroup group3 guestgroup group4 guestgroup group5 class all real,guest,anonymous * limit all 100 Any # /etc/msgs/msg.toomany readme README* login readme README* cwd=* shutdown /etc/shutmsg email user@hostname </bigger> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19980606221622.00831e20>