From owner-freebsd-questions  Mon Nov 27 14:11:50 1995
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id OAA03571
          for questions-outgoing; Mon, 27 Nov 1995 14:11:50 -0800
Received: from alpha.dsu.edu (ghelmer@alpha.dsu.edu [138.247.32.12])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id OAA03565
          for <questions@freebsd.org>; Mon, 27 Nov 1995 14:11:44 -0800
Received: (from ghelmer@localhost) by alpha.dsu.edu (8.7.1/8.7.1) id QAA10374; Mon, 27 Nov 1995 16:11:39 -0600 (CST)
Date: Mon, 27 Nov 1995 16:11:38 -0600 (CST)
From: Guy Helmer <ghelmer@alpha.dsu.edu>
To: Raul Zighelboim <mango@communique.net>
cc: questions@freebsd.org
Subject: Re: Secure ftp under FreeBSD...
In-Reply-To: <Pine.A32.3.91.951127112228.8153E-100000@ryu.communique.net>
Message-ID: <Pine.OSF.3.91.951127155255.9704A-100000@alpha.dsu.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-questions@freebsd.org
Precedence: bulk

On Mon, 27 Nov 1995, Raul Zighelboim wrote:

> I am trying to set secure ftp on a FreeBSD box;  ie, all my users can ftp
> into the box, but, as they get in, I want to chroot them to their home 
> directory...

Interesting -- I'd be interested in hearing how you solve the need for
"/bin/ls" relative to each user's home directory...

> My first problem was that every user is set to his own group; easily fixed
> by adding them to another group...
> 
> Now, it seems that the '/etc/groups' line is restricted to ~1000 characters
> (or is ~ 1000/6 users ?).  Is there a way to overcome this ?  OR does 
> this question belongs to some wu-ftp maillist ?

Yes, getgrent(3) and friends use a fixed-size buffer (1024 bytes, I 
believe) to read and parse the lines in /etc/group.  This problem was 
recently discussed on the alpha-osf-managers list; one hack to overcome 
this limitation was to split the group members over multiple lines but 
using the same GID, like:

group:678:*:lots,of,members
group1:678:*:more,members

Unfortunately, it's not a general solution (due to the different group 
names for each line), but it may work for you...

> Raul Zighelboim                         e-mail:    mango@communique.net  
> Communique Inc.                            Tel:    504.527.6200
> Technical Specialist                       Fax:    504.527.6030 

Guy Helmer, Dakota State University Computing Services - ghelmer@alpha.dsu.edu