Date:      Tue, 16 Aug 2005 08:51:08 -0400 (EDT)
From:      Jerry McAllister <jerrymc@clunix.cl.msu.edu>
To:        stephen_honea@yahoo.com (stephen honea)
Cc:        freebsd-questions@freebsd.org
Subject:   Re: ftp security
Message-ID:  <200508161251.j7GCp8Gk028516@clunix.cl.msu.edu>
In-Reply-To: <20050816023109.59234.qmail@web52401.mail.yahoo.com>

> 
> I read http://www.freebsddiary.org/ftp-anonymous.php to try and secure my ftp server.
> The author suggested to add a line to my fstab:
>  
> /dev/ad2s2f   /home/ftp/incoming ufs  rw,SUIDDIR    2       2
>  
> however I don't have the file ad2s2f in my /dev directory
>  
> # Device                Mountpoint      FStype  Options         Dump    Pass#
> /dev/ad0s1b             none            swap    sw              0       0
> /dev/ad0s1a             /               ufs     rw              1       1
> /dev/ad0s1e             /tmp            ufs     rw              2       2
> /dev/ad0s1f             /usr            ufs     rw              2       2
> /dev/ad0s1d             /var            ufs     rw              2       2
> /dev/acd0               /cdrom          cd9660  ro,noauto       0       0
> #/dev/ad0s              /ftp/incoming   ufs     rw,SUIDDIR      2       2
> 
> [root]/etc-
> 
> I don't really understand the fstab but I gather
> ad0s1 is the drive and a-f is the partitions created at boot time
>  
> basically I am trying to sticky a directory mounted by fstab

You are only partly right.
The drive slice is ad0s1 - there can be up to 4 slices.
The a-f  (Actually a-h are possible) are partitions within the
slice created when the disk is partitioned - before a file
system is built on them using newfs.
To use a disk:   (yes, I know you can get by with some shortcutting - don't)
  use fdisk to create slices 1..4 (and write the sector boot block if desired).
  use disklabel to create partitions in the slice[s].
  use newfs to build a filesystem in each partition except swap.
  use mkdir to create a mount point - which is the same as a directory
  use mount to bind the partition to the mount point
  and/or edit /etc/fstab to specify the partition-mount point binding
     and mount -a will look through fstab and do the mounts.
     at boot time the equivalent of a mount -s is done.

Just putting something in /etc/fstab will not be enough.   The file system
needs to be created first.

Having a line  /dev/ad2s2f  /home/ftp/incoming ufs rw,SUIDDIR  2   2

implies that you 
 - have a second IDE drive in the machine and 
 - that it has been sliced with fdisk into at least two slices and 
 - then the slice 2 on disk 2 has had at least an f partition created 
   with disklabel (you can skip letters if you want, a, b, c and d are 
   reserved for certain things by convention, though not by requirement) and
 - then newfs was used to create a filesystem on it and 
 - that the directories /home (normally there anyway), /home/ftp and
   /home/ftp/incoming  were all created by mkdir.
I would skip putting it in /home myself, just to reduce typing
and would just make a /ftpincoming directory right in root (/), but
suit yourself on the naming and arrangement of directories.

Then you can have a separate filesystem to receive incoming ftp uploads 
and not have them affect the other filesystems on your machine.
If you are planning on allowing uploads via ftp, it is a good idea.
On the other hand, if you don't want to allow ftp uploads, then just
don't allow them and skip all that stuff.

////jerry
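
The following is an added example, not part of the original message: a pre-flight check that every ufs entry in an fstab-format file names an existing device node and an existing mount-point directory, which are the prerequisites the reply lists before an fstab line can work. The function names `check_fstab` and `demo` are hypothetical, and the sample fstab is constructed from the entry quoted in the question.

```shell
#!/bin/sh
# Added example: check fstab entries before relying on "mount -a".
# Verifies the device node (created via fdisk/disklabel) and the mount
# point (created via mkdir). It does not verify that newfs was run.

check_fstab() {
    # $1 = path to an fstab-format file. Prints one line per problem.
    # Returns 0 if every ufs entry passes, 1 otherwise.
    fstab=$1
    rc=0
    # "|| [ -n "$dev" ]" keeps a final line that lacks a trailing newline.
    while read -r dev mnt fstype opts dump pass || [ -n "$dev" ]; do
        case $dev in
            ''|'#'*) continue ;;           # blank lines and comments
        esac
        [ "$fstype" = "ufs" ] || continue  # swap, cd9660 etc. not checked
        # FreeBSD disk nodes are character devices; Linux uses block devices.
        if [ ! -c "$dev" ] && [ ! -b "$dev" ]; then
            echo "MISSING-DEVICE $dev (slice/partition not created?)"
            rc=1
        fi
        if [ ! -d "$mnt" ]; then
            echo "MISSING-MOUNTPOINT $mnt (create it with mkdir -p)"
            rc=1
        fi
    done < "$fstab"
    return "$rc"
}

demo() {
    # Constructed sample: the ufs line mirrors the entry from the question.
    tmp=$(mktemp) || return 1
    cat > "$tmp" <<'EOF'
# Device        Mountpoint          FStype  Options     Dump Pass#
/dev/ad0s1b     none                swap    sw          0    0
/dev/ad2s2f     /home/ftp/incoming  ufs     rw,SUIDDIR  2    2
EOF
    check_fstab "$tmp"
    status=$?
    rm -f "$tmp"
    return "$status"
}

# Check a real file when one is given as an argument, e.g. /etc/fstab.
if [ "$#" -gt 0 ]; then check_fstab "$1"; fi
```

On a machine without a second IDE disk, `demo` reports `/dev/ad2s2f` as a missing device, which is the situation described in the question.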
