Date: Sun, 04 Apr 2004 08:56:51 -0700 From: Drew Tomlinson <drew@mykitchentable.net> To: Mark <admin@asarian-host.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Symlinks & chroot - Is it Possible? Message-ID: <40703043.4040908@mykitchentable.net> In-Reply-To: <200404032013.I33KDPWD023137@asarian-host.net> References: <406EF598.5000508@mykitchentable.net> <200404032013.I33KDPWD023137@asarian-host.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/3/2004 12:13 PM Mark wrote: >Drew Tomlinson wrote: > > > >>I have a few users that I wish to allow FTP access on my >>4.9-RELEASE-p4 system. I've setup their accounts and added them to >>/etc/ftpchroot to lock them into their login directories. >>They are in the standard /home/user dirs. >> >>However, I want all of them to have access to another directory >>(/ftp/share) that is setup read-only. I tried adding a symlink to >>/ftp/share but I've found this doesn't work when the user is chrooted. >> >> > > >True. A symlink cannot traverse 'up' the chroot; only a hardlink can (to a >file). Personally, I would not use something as beta as "mount_null". When >the man pages say: "(READ: IT DOESN'T WORK)", I would stay clear of it. > >There are other ways, though. You say your chroot is at: > > /etc/ftpchroot > > Thank you for your reply. No, I created the file /etc/ftpchroot to chroot the user at /home/<username>. Sorry for the confusion. >I'm not necessarily sure whether the root-partition is the best place for a >chroot; > Agreed. >but working from that fact, you could "reverse" the condition. >Instead of trying to link to /ftp/share, from within the chroot, you could >do the opposite: first create the following directory: > > /etc/ftpchroot/ftp/share > >Then, in /ftp/, symlink to within the chrooted dir: > > share -> /etc/ftpchroot/ftp/share > >Then "/ftp/share" is accessible from both the 'real' and the chrooted >environment, pointing to the same directory. > > Short of another solution, I may move things around to implement your suggestion. Thanks, Drew
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40703043.4040908>