new user questions. (Before I back myself into a corner!)

Dave dave at
Wed Nov 24 21:49:12 UTC 2010

Hi again.

Firstly, many thanks for the responces to my questions.  Much 
appreciated.   Especialy as on other "lesser" forums (Lugs etc) I often 
get flamed for asking such stuff, and learn nothing as a result.

OK.   The FTP thing first....   Just for the heck of it, trying to use 
the built in server daemon, "because it's there" etc....

I've sort of got the default FTP server up and running thanks to the 
hints from you all, but pound to a penny, it's not optimaly configured, 

I have two users defined, "ral" and "faros" (easy to remember, as they 
are the names of the two external automated systems I intend to have send 
data to the small website, when that's done.) Each with a unique 

Both are also members of a group "webupdater".

(As an asside, creating users, regardless of what "shell" I pick from the 
list, I get "unknown root shell" warnings as adduser completes.)

Both users can connect to the ftp server (still stuck at port 21 for now, 
but I'm manually starting it from the root command line) and log in with 
their username and password.

(Both can also login to the system from the console too, not what I 
wanted, but......   I did try the "nologin" shell, but that prevents them 
from loging in to the FTP server too.)

However, each user see's it's own unique homedir folder, exactly as 
described in the man pages, but I'd like them to see the folder structure 
below by default.

I have created a directory '/var/site' and from that some decendant 
directories that mimic the existing site on the other machine.

/site				< the "root" folder for the FTP and WWW system.

I've been trying to use Groups, and the ftpchroot file, to get the 
"users" to see the /site directory as their root (for compatablility with 
the way things work on the other system, so I don't have to change 
existing batch and script files when I get to point them at this box) or 
their individual data directory 60m for ral and 'Faros' for Faros.

However, the pages for that feature are a little thin in content detail 
that I can use.  (I'm looking at the man pages and handbook files on the site)

I have this in /etc/ftpchroot
@webupdater /var/site

And indeed, loging into the ftp server as either faros, or ral, the 
default directory is indeed the /site folder as I wish.  As ftp users, 
then can traverse the tree downwards as needed, but not upwards from 
/site back to /var.  Nice.

But, neither user can read write or even see anything in those 
directories (only the decendant directories are visible.)

Without that entry in ftpchroot, then I can indeed ftp stuff 
up/down/sideways to/from each user's home folder, but that's not a lot of 
use for what I want.

I sort of understand the way the rights work (I think) but as yet I can't 
see a way to assign group rights to a folder tree.

Navigating my way there in the console, if I do a ls -l, then I see 
what's sort of expected.
drwxr-xr-x # root  wheel 512 date time subfolder     etc.....
(# is a number)   (when logged in as root, somewhat less, when logged in 
as ral or faros, but I can still list and read stuff.)

Of course, the group "webupdater" is not listed, hence it's users wont be 
able to see or do anything.

What have I missed?   Can I assign group rights to a folder structure?  
Or, am I going about this all wrong.

Problems and unfamiliarity asside, I'm sort of enjoying all this.  But 
it's a near vertical learning curve, again...

Best regards, time for the kettle to start work I think.

Dave B.

PS:	I saw somewhere, that pureftp has had some recent security troubles.  
Can't find the details right now though.

Ah..  Here we are....  
Like yesterday!

Mind you, looking at it's features and abilities, I think I already need 
a second FreeBSD machine to play with to check this stuff out on.


More information about the freebsd-questions mailing list