From owner-freebsd-questions@FreeBSD.ORG Thu Apr 3 15:53:56 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B6D8B106564A for ; Thu, 3 Apr 2008 15:53:56 +0000 (UTC) (envelope-from phatbuckett@gmail.com) Received: from el-out-1112.google.com (el-out-1112.google.com [209.85.162.183]) by mx1.freebsd.org (Postfix) with ESMTP id F1EE48FC1E for ; Thu, 3 Apr 2008 15:53:55 +0000 (UTC) (envelope-from phatbuckett@gmail.com) Received: by el-out-1112.google.com with SMTP id v27so1602378ele.12 for ; Thu, 03 Apr 2008 08:53:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=63ilaVdOchT5TsIufZNqr1BRS6FKSXJ+0w2wXKQCj8g=; b=S26/btZUsjJLYuQwuNlNzhuuBaruIuCbGwhpEA+C7nFw5hggidfEq1PZzJnXv4RsqZWbD99ZTCxe0iHkmGr44FSbYu4llgDbmgu1u5d//e9Fky7mQOfGa7CvYAQG1AlW5iW9AmivokfVQbBKa68nKcEEeZN+DUFlPvhAxQD7qyk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=VZrOm76e8mA4OKbgYmT00l+hv9YXipRSqCsWVfHEwTCOsvqN0DWCrse/tMcCusl02cV1VM8BM2c8S/2jQzrLXKFNh/g9cv0MKpBgKyqdzrqAib+P6c6weAQiUit3Saa4og6BfEwFBjQX3n6/SK6sdpivNOHbcftmxL2FXQPLhmY= Received: by 10.115.54.1 with SMTP id g1mr17623237wak.136.1207238033188; Thu, 03 Apr 2008 08:53:53 -0700 (PDT) Received: by 10.114.47.12 with HTTP; Thu, 3 Apr 2008 08:53:53 -0700 (PDT) Message-ID: <839aec700804030853j5314b6c0j7fbcdf6d16858568@mail.gmail.com> Date: Thu, 3 Apr 2008 08:53:53 -0700 From: "Darren Spruell" To: "Victor Farah" In-Reply-To: <47F4F65E.3080007@netmediaservices.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47F4F65E.3080007@netmediaservices.net> Cc: freebsd-questions@freebsd.org Subject: Re: ftpd help X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2008 15:53:56 -0000 On Thu, Apr 3, 2008 at 8:23 AM, Victor Farah wrote: > Hey > I have a default install of freebsd 6.2, and I enable ftpd in inetd. > That all works nicely, I add a user to the system that needs to access ONLY > two directories that are in two different places. > For example: /usr/local/www/dir1 and /usr/local/www/dir2/ > > There are many directories in /usr/local/www/ that this person SHOULD not > have access too. I also made this person a home directory: > /usr/home/personX/. I then made the symlinks to the two directories they > need to access. After all that setup I went into my /etc/ftpchroot file and > added the following line: > personX > saved and I try to log on to test to see if it is locked in the home > directory but has access to the two other directories they need. > Does work, is there anyway to do this with the default ftpd package that > comes with this? If you're attempting to restrict this FTP user to their home directory, then symlinks to directories outside of their home directory won't be accessible; this is the nature of chroot. You could create those directories in that user's home directory and create symlinks to those directories in the web directories (the opposite of what you have) and that might work how you want. If the permissions on your user's home directory are restricted you'd probably have to modify permissions so that the web user could access them. -- Darren Spruell phatbuckett@gmail.com