Date: Mon, 8 Jul 2002 11:37:57 +0200 From: "Patrick O'Reilly" <bsd@perimeter.co.za> To: "Peter Brezny" <pbrezny@purplecat.net>, <freebsd-questions@FreeBSD.ORG> Subject: Re: a default ftpchroot entry? Message-ID: <024901c22663$29a433c0$b50d030a@PATRICK> References: <NEBBIGLHNDFEJMMIEGOOEEIMFCAA.pbrezny@purplecat.net>
index | next in thread | previous in thread | raw e-mail
----- Original Message -----
From: "Peter Brezny" <pbrezny@purplecat.net>
> Is there a way to have a wildcard in the /etc/ftpchroot file in
combination
> with an 'exculded' list so that every new user is restricted to their
> directory?
Hey Peter - are you still hacking away???
ftpchroot supports group names as well as user names. What I've done is
create a group called 'email' for email only accounts, and a group
called 'ftp' for accounts which have ftp access.
Then, in /etc/ftpchroot I have this line:
---
@ftp
---
and in /etc/ftpusers I have this line:
---
@email
---
This prevents email users from doing FTP at all, and applies chroot to
all users who belong to group 'ftp', based on the home directory
specified in /etc/passwd.
Members of other groups ('wheel', etc) can connect and are not chrooted.
You will probably need to develop a variation of this plan to meet your
needs.
HTH.
Regards,
Patrick O'Reilly.
___ _ __
/ _ )__ __ (_)_ __ ___ _/ /____ __
/ __/ -_) _) / ~ ) -_), ,-/ -_) _)
/_/ \__/_//_/_/~/_/\__/ \__/\__/_/
http://www.perimeter.co.za
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?024901c22663$29a433c0$b50d030a>