From owner-freebsd-questions@FreeBSD.ORG Wed Nov 24 21:49:12 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 076F110656C1 for ; Wed, 24 Nov 2010 21:49:12 +0000 (UTC) (envelope-from dave@g8kbv.demon.co.uk) Received: from lon1-post-1.mail.demon.net (lon1-post-1.mail.demon.net [195.173.77.148]) by mx1.freebsd.org (Postfix) with ESMTP id BF4FE8FC1D for ; Wed, 24 Nov 2010 21:49:11 +0000 (UTC) Received: from dyn-62-56-110-65.dslaccess.co.uk ([62.56.110.65] helo=[192.168.33.1]) by lon1-post-1.mail.demon.net with esmtpa (AUTH g8kbv) (Exim 4.69) id 1PLNDC-0005Ys-X3 for freebsd-questions@freebsd.org; Wed, 24 Nov 2010 21:49:10 +0000 From: "Dave" To: freebsd-questions@freebsd.org Date: Wed, 24 Nov 2010 21:49:09 -0000 MIME-Version: 1.0 Message-ID: <4CED8855.23373.40E2965D@dave.g8kbv.demon.co.uk> Priority: normal X-mailer: Pegasus Mail for Windows (4.52) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body Subject: Re: new user questions. (Before I back myself into a corner!) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Nov 2010 21:49:12 -0000 Hi again. Firstly, many thanks for the responces to my questions. Much appreciated. Especialy as on other "lesser" forums (Lugs etc) I often get flamed for asking such stuff, and learn nothing as a result. OK. The FTP thing first.... Just for the heck of it, trying to use the built in server daemon, "because it's there" etc.... I've sort of got the default FTP server up and running thanks to the hints from you all, but pound to a penny, it's not optimaly configured, yet. I have two users defined, "ral" and "faros" (easy to remember, as they are the names of the two external automated systems I intend to have send data to the small website, when that's done.) Each with a unique password. Both are also members of a group "webupdater". (As an asside, creating users, regardless of what "shell" I pick from the list, I get "unknown root shell" warnings as adduser completes.) Both users can connect to the ftp server (still stuck at port 21 for now, but I'm manually starting it from the root command line) and log in with their username and password. (Both can also login to the system from the console too, not what I wanted, but...... I did try the "nologin" shell, but that prevents them from loging in to the FTP server too.) However, each user see's it's own unique homedir folder, exactly as described in the man pages, but I'd like them to see the folder structure below by default. I have created a directory '/var/site' and from that some decendant directories that mimic the existing site on the other machine. /site < the "root" folder for the FTP and WWW system. /site/60m /site/faros /site/faros/fixedimages /site/faros/parking I've been trying to use Groups, and the ftpchroot file, to get the "users" to see the /site directory as their root (for compatablility with the way things work on the other system, so I don't have to change existing batch and script files when I get to point them at this box) or their individual data directory 60m for ral and 'Faros' for Faros. However, the pages for that feature are a little thin in content detail that I can use. (I'm looking at the man pages and handbook files on the freebsd.org site) I have this in /etc/ftpchroot @webupdater /var/site And indeed, loging into the ftp server as either faros, or ral, the default directory is indeed the /site folder as I wish. As ftp users, then can traverse the tree downwards as needed, but not upwards from /site back to /var. Nice. But, neither user can read write or even see anything in those directories (only the decendant directories are visible.) Without that entry in ftpchroot, then I can indeed ftp stuff up/down/sideways to/from each user's home folder, but that's not a lot of use for what I want. I sort of understand the way the rights work (I think) but as yet I can't see a way to assign group rights to a folder tree. Navigating my way there in the console, if I do a ls -l, then I see what's sort of expected. drwxr-xr-x # root wheel 512 date time subfolder etc..... (# is a number) (when logged in as root, somewhat less, when logged in as ral or faros, but I can still list and read stuff.) Of course, the group "webupdater" is not listed, hence it's users wont be able to see or do anything. What have I missed? Can I assign group rights to a folder structure? Or, am I going about this all wrong. Problems and unfamiliarity asside, I'm sort of enjoying all this. But it's a near vertical learning curve, again... Best regards, time for the kettle to start work I think. Dave B. PS: I saw somewhere, that pureftp has had some recent security troubles. Can't find the details right now though. Ah.. Here we are.... http://www.vuxml.org/freebsd/533d20e7-f71f-11df-9ae1-000bcdf0a03b.html Like yesterday! Mind you, looking at it's features and abilities, I think I already need a second FreeBSD machine to play with to check this stuff out on. >><<