Date: Mon, 11 Oct 1999 16:30:10 -0500 (CDT) From: James Wyatt <jwyatt@rwsystems.net> To: Ryan Thompson <freebsd@sasknow.com> Cc: freebsd-isp@freebsd.org Subject: Re: Chroot and ~/bin, ~/etc. Better way? Message-ID: <Pine.BSF.4.10.9910111606070.30594-100000@bsdie.rwsystems.net> In-Reply-To: <Pine.BSF.4.10.9910111251500.9384-100000@sasknow.com>
next in thread | previous in thread | raw e-mail | index | archive | help
We considered having all the ftpgroup users share ~/bin and ~/etc dirs with linked copys of the files, but figured that if anyone of them could somehow find a way to update their /bin/ls or something, they could trojan it for the others. They could also try cracking the other accounts if they knew of them in the shared password file - though they wouldn't have the crypted passwords. Obviously symlinks wouldn't work in a chroot()ed env. We also couldn't think of anything better to support users changing their own passwords than having /bin/passwd as their shell. EDI users usually don't change their passwords often anyway... Having something that copied a common one to all user dirsets in the ftpuser group was the best we could think of at the time... - Jy@ On Mon, 11 Oct 1999, Ryan Thompson wrote: > Hi everybody; Hi Dr. Nick! (for Simpsons fans) > If this message looks a tad familiar, I posted a similar one to -questions > a couple of weeks ago or so. I'm just trying again :-) > > Basically, I'm just looking for an easier solution for maintaining the bin > and etc directories in user directories. The ~/bin directory isn't bad, > as global changes to these directories are seldom at best on my system. > ~/etc, however, must be updated every time the password file is changed, > and I update my (ftp)motd files semi-frequently, as well. The majority of > my users have ftp accounts only, (thus, chroot is done by ftpd), but there > are still a few with shell accounts. > > Is there a way to maintain ONE copy of /bin and /etc and have it apply to > all chroot'd users? Perhaps I DO need to write a script to periodically > sync the home direcories' copies with my master copy. I would hope for a > more elegant solution, though. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9910111606070.30594-100000>