new user questions. (Before I back myself into a corner!)
nathan at vidican.com
Thu Nov 25 14:42:10 UTC 2010
On Wed, Nov 24, 2010 at 4:49 PM, Dave <dave at g8kbv.demon.co.uk> wrote:
> Hi again.
> Firstly, many thanks for the responces to my questions. Much
> appreciated. Especialy as on other "lesser" forums (Lugs etc) I often
> get flamed for asking such stuff, and learn nothing as a result.
> OK. The FTP thing first.... Just for the heck of it, trying to use
> the built in server daemon, "because it's there" etc....
> I've sort of got the default FTP server up and running thanks to the
> hints from you all, but pound to a penny, it's not optimaly configured,
> I have two users defined, "ral" and "faros" (easy to remember, as they
> are the names of the two external automated systems I intend to have send
> data to the small website, when that's done.) Each with a unique
> Both are also members of a group "webupdater".
> (As an asside, creating users, regardless of what "shell" I pick from the
> list, I get "unknown root shell" warnings as adduser completes.)
> Both users can connect to the ftp server (still stuck at port 21 for now,
> but I'm manually starting it from the root command line) and log in with
> their username and password.
> (Both can also login to the system from the console too, not what I
> wanted, but...... I did try the "nologin" shell, but that prevents them
> from loging in to the FTP server too.)
> However, each user see's it's own unique homedir folder, exactly as
> described in the man pages, but I'd like them to see the folder structure
> below by default.
> I have created a directory '/var/site' and from that some decendant
> directories that mimic the existing site on the other machine.
> /site < the "root" folder for the FTP and WWW
> I've been trying to use Groups, and the ftpchroot file, to get the
> "users" to see the /site directory as their root (for compatablility with
> the way things work on the other system, so I don't have to change
> existing batch and script files when I get to point them at this box) or
> their individual data directory 60m for ral and 'Faros' for Faros.
> However, the pages for that feature are a little thin in content detail
> that I can use. (I'm looking at the man pages and handbook files on the
> freebsd.org site)
> I have this in /etc/ftpchroot
> @webupdater /var/site
> And indeed, loging into the ftp server as either faros, or ral, the
> default directory is indeed the /site folder as I wish. As ftp users,
> then can traverse the tree downwards as needed, but not upwards from
> /site back to /var. Nice.
> But, neither user can read write or even see anything in those
> directories (only the decendant directories are visible.)
> Without that entry in ftpchroot, then I can indeed ftp stuff
> up/down/sideways to/from each user's home folder, but that's not a lot of
> use for what I want.
> I sort of understand the way the rights work (I think) but as yet I can't
> see a way to assign group rights to a folder tree.
> Navigating my way there in the console, if I do a ls -l, then I see
> what's sort of expected.
> drwxr-xr-x # root wheel 512 date time subfolder etc.....
> (# is a number) (when logged in as root, somewhat less, when logged in
> as ral or faros, but I can still list and read stuff.)
> Of course, the group "webupdater" is not listed, hence it's users wont be
> able to see or do anything.
> What have I missed? Can I assign group rights to a folder structure?
> Or, am I going about this all wrong.
> Problems and unfamiliarity asside, I'm sort of enjoying all this. But
> it's a near vertical learning curve, again...
> Best regards, time for the kettle to start work I think.
> Dave B.
> PS: I saw somewhere, that pureftp has had some recent security
> Can't find the details right now though.
> Ah.. Here we are....
> Like yesterday!
> Mind you, looking at it's features and abilities, I think I already need
> a second FreeBSD machine to play with to check this stuff out on.
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
Two commands of interest here, 'chmod' and 'chown'. I'd highly suggest
reading the manpage on both, but here's the short/quick-start version:
- used to change permissions for a file or directory
- permissions are broken down into: 2=read, 4=write, 1=execute
- permissions are displayed in group of three, corresponding to
- so chmod 666 means "make owner,group,everyone each able to read(2) plus
- the first number indicating the owner of the files permission, the
second the group, and the last everyone
- so when you noted seeing "drwxr-xr-x" - that's 755 (owner
read+write+execute(7), group read+execute (5), everyone else read+execute(5)
- in order for a user to 'cd' to a directory, the execute permission must
- to answer your original question then, "chmod 775 <dir_name>" would then
change the permissions to that the group can write as well
- used to change ownership of a file or directory
- can change owner, or group ownership
- syntax is "chown user:group <dir_name>"
As far as the FTP thing goes, you need to make sure that the shell you
assign the user is listed in /etc/shells - that's what the system 'standard'
ftpd is looking for.
nathan at vidican.com
More information about the freebsd-questions