[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [linux-team] Chroot... mon cauchemard
j utlise
wu-ftpd
mais en changeant le HOME ca marhe pas ...
-----Original Message-----
From: Pascal Bleser [mailto:pbleser@atos-group.com]
Sent: Thursday 3 August 2000 11:54
To: linux-team@rtfm.be
Subject: Re: [linux-team] Chroot... mon cauchemard
> A la demande de certaines personnes, je voudrais pouvoir empecher un
> utilisateur ftp de remonter plus loin que son $HOME.
> La commande chroot devrait pouvoir faire ceci...
ouaip, coup classique ;)
> Je dis bien devrait car je ne trouve que peu de renseignements sur son
> utilisation.
> Pourriez-vous soit me dire comment procéder soit m'indiquer une page qui
me
> renseignerait ??
Tu utilises quel démon FTP ?
wu-ftpd:
========
change la HOME des utilisateurs en questions, p.ex.:
/home/./foo
au lieu de
/home/foo
p.ex.:
for user in foo blah spam eggs; do
usermod -d /home/./$user $user
done
ProFTPd:
========
1) crée un groupe UNIX dans lequel tu mets tous ces utilisateurs (dont
l'accès
FTP doit être chrooté), p.ex.:
groupadd -g 1000 ftpchrt
# ensuite, ajouter les utilisateurs à ce groupe:
for user in foo blah spam eggs; do
usermod -G $(id -Gn $user|sed 's/ /,/g'),ftpchrt $user
done
2) ajouter une directive à /etc/proftpd.conf:
DefaultRoot ~ ftpchrt
PS: je te conseille plutôt ProFTPd: la configuration est mieux
documentée (cf. dans
/usr/doc/packages/proftpd/Configuration.html) et plus flexible que
wu-ftpd.
--
-o) / Pascal Bleser ATOS Payment Systems|
/\\ \ C++/UNIX Development Aachen, Germany|
_\_v \<guru@linuxbe.org> <pbleser@atos-group.com>|
---------------------------------------------------|
/earth is 98% full... please delete anyone you can.:
---------------------------------------------------'
--------
Visit the Linux Supertore Online: http://www.redcorp.com !
If you want to be deleted from the list, send a mail to
majordomo@rtfm.be with "unsubscribe linux-team" in the body.
Archive of the list: http://tania.be.linux.org/
**** DISCLAIMER ****
"This e-mail and any attachments thereto may contain information
which is confidential and/or protected by intellectual property
rights and are intended for the sole use of the recipient(s) named above.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form)
by persons other than the designated recipient(s) is prohibited.
If you have received this e-mail in error, please notify the sender either
by telephone or by e-mail and delete the material from any computer.
Thank you for your cooperation."
--------
Visit the Linux Supertore Online: http://www.redcorp.com !
If you want to be deleted from the list, send a mail to
majordomo@rtfm.be with "unsubscribe linux-team" in the body.
Archive of the list: http://tania.be.linux.org/