Omezeni prav na FTP - wu-ftpd
adam_1 na centrum.cz
adam_1 na centrum.cz
Pátek Únor 15 22:15:06 CET 2002
Hello Lukas,
Friday, February 15, 2002, 10:02:29 PM, you wrote:
LM> Dne pá 15. únor 2002 21:14 jste napsal(a):
>> Hello linux,
>>
>> Potreboval bych nastavit ftp aby uzivatel nemohl courat po celem
>> serveru. Pouzivam RH 7.1 s ftp serverem wu-ftpd. Nekde jsem slysel
>> že se da pouzit nejaky chroot.
>>
>> pokusil jsem se upravit zaznam v passwd.
>>
>> pokus:x:500:500::/home/./pokus:/bin/false
>>
>> a shells
>>
>> /bin/false
>>
>> Uzivatel i nadale muze na serveru navstevovat co chce.
>>
>> Děkuji Adam
LM> Poslete vypis etc/ftpaccess apod, abychom videli, jak je to vubec nastavene.
LM> taky si tedka zacinam hrat s ftp serverem ...
LM> Lucas
LM> ---------------------------------------------------------------------------
LM> Meta-FAQ (odhlá±ení, archív, FAQ a dal±í): http://www.linux.cz/mailing-list
LM> TIP: Konference o UNIXu obecne: munix-l na listserv na muni.cz
--------------------------------------------------------- ftpaccess
deny-uid %-99 %65534-
deny-gid %-99 %65534-
allow-uid ftp
allow-gid ftp
guestgroup ftpchroot
# User classes...
class all real,guest,anonymous *
# Set this to your email address
email root na localhost
# Allow 5 mistyped passwords
loginfails 5
# Notify the users of README files at login and when
# changing to a different directory
readme README* login
readme README* cwd=*
# Messages displayed to the user
message /welcome.msg login
message .message cwd=*
# Allow on-the-fly compression and tarring
compress yes all
tar yes all
# Prevent anonymous users (and partially guest users)
# from executing dangerous commands
chmod no guest,anonymous
delete no anonymous
overwrite no anonymous
rename no anonymous
# Turn on logging to /var/log/xferlog
log transfers anonymous,guest,real inbound,outbound
# If /etc/shutmsg exists, don't allow logins
# see ftpshut man page
shutdown /etc/shutmsg
# Ask users to use their email address as anonymous
# password
passwd-check rfc822 warn
----------------------------------------------------------------------ftpgroups
# test:ENCRYPTED PASSWORD HERE:archive
----------------------------------------------------------------------ftpusers
# The ftpusers file is deprecated. Use deny-uid/deny-gid in ftpaccess.
root
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody
-----------------------------------------------------------------shells
/bin/bash2
/bin/bash
/bin/sh
/bin/ash
/bin/bsh
/bin/tcsh
/bin/csh
/bin/false
----------------------------------------------------------------passwd není to vse
ftp:x:14:50:FTP User:/home/ftp:
apache:x:48:48:Apache:/var/www:/bin/false
adam:x:500:300::/home/./adam:/bin/false
Adam
--
Best regards,
adam mailto:adam_1 na centrum.cz
Daląí informace o konferenci Linux