new user questions. (Before I back myself into a corner!)
Dave
dave at g8kbv.demon.co.uk
Wed Nov 24 21:49:12 UTC 2010
Hi again.
Firstly, many thanks for the responces to my questions. Much
appreciated. Especialy as on other "lesser" forums (Lugs etc) I often
get flamed for asking such stuff, and learn nothing as a result.
OK. The FTP thing first.... Just for the heck of it, trying to use
the built in server daemon, "because it's there" etc....
I've sort of got the default FTP server up and running thanks to the
hints from you all, but pound to a penny, it's not optimaly configured,
yet.
I have two users defined, "ral" and "faros" (easy to remember, as they
are the names of the two external automated systems I intend to have send
data to the small website, when that's done.) Each with a unique
password.
Both are also members of a group "webupdater".
(As an asside, creating users, regardless of what "shell" I pick from the
list, I get "unknown root shell" warnings as adduser completes.)
Both users can connect to the ftp server (still stuck at port 21 for now,
but I'm manually starting it from the root command line) and log in with
their username and password.
(Both can also login to the system from the console too, not what I
wanted, but...... I did try the "nologin" shell, but that prevents them
from loging in to the FTP server too.)
However, each user see's it's own unique homedir folder, exactly as
described in the man pages, but I'd like them to see the folder structure
below by default.
I have created a directory '/var/site' and from that some decendant
directories that mimic the existing site on the other machine.
/site < the "root" folder for the FTP and WWW system.
/site/60m
/site/faros
/site/faros/fixedimages
/site/faros/parking
I've been trying to use Groups, and the ftpchroot file, to get the
"users" to see the /site directory as their root (for compatablility with
the way things work on the other system, so I don't have to change
existing batch and script files when I get to point them at this box) or
their individual data directory 60m for ral and 'Faros' for Faros.
However, the pages for that feature are a little thin in content detail
that I can use. (I'm looking at the man pages and handbook files on the
freebsd.org site)
I have this in /etc/ftpchroot
@webupdater /var/site
And indeed, loging into the ftp server as either faros, or ral, the
default directory is indeed the /site folder as I wish. As ftp users,
then can traverse the tree downwards as needed, but not upwards from
/site back to /var. Nice.
But, neither user can read write or even see anything in those
directories (only the decendant directories are visible.)
Without that entry in ftpchroot, then I can indeed ftp stuff
up/down/sideways to/from each user's home folder, but that's not a lot of
use for what I want.
I sort of understand the way the rights work (I think) but as yet I can't
see a way to assign group rights to a folder tree.
Navigating my way there in the console, if I do a ls -l, then I see
what's sort of expected.
drwxr-xr-x # root wheel 512 date time subfolder etc.....
(# is a number) (when logged in as root, somewhat less, when logged in
as ral or faros, but I can still list and read stuff.)
Of course, the group "webupdater" is not listed, hence it's users wont be
able to see or do anything.
What have I missed? Can I assign group rights to a folder structure?
Or, am I going about this all wrong.
Problems and unfamiliarity asside, I'm sort of enjoying all this. But
it's a near vertical learning curve, again...
Best regards, time for the kettle to start work I think.
Dave B.
PS: I saw somewhere, that pureftp has had some recent security troubles.
Can't find the details right now though.
Ah.. Here we are....
http://www.vuxml.org/freebsd/533d20e7-f71f-11df-9ae1-000bcdf0a03b.html
Like yesterday!
Mind you, looking at it's features and abilities, I think I already need
a second FreeBSD machine to play with to check this stuff out on.
>><<
More information about the freebsd-questions
mailing list