Results 1 to 3 of 3

Thread: Proftpd - Limit FTP Access To Home Directory

  1. #1
    Junior Member
    Join Date
    Jun 2001
    Melbourne, Australia

    Proftpd - Limit FTP Access To Home Directory

    I have set up Proftpd using a fairly basic proftpd.conf file, on a Slackware 10 box (not sure of full details, I didn't build it). I have a user that will ftp in either over teh net or from the LAN, and I want to limit that user to their home directory and sub-directories of their home directory (ie - they can't "cd ../" up the directory tree, etc). The user will need to write to their home directory, as well as pull stuff out of it when offsite.

    Is there a way to get Proftpd to do this, or is there some sort of permissions deal I need to set up with this user?

    Here is /etc/proftpd.conf. I am going to kill the anonymous section, just in case you were wondering.

    # This is a basic ProFTPD configuration file.
    # It establishes a single server and a single anonymous login.
    # It assumes that you have a user/group "nobody" and "ftp"
    # for normal/anonymous operation.

    ServerName "ProFTPD Default Installation"
    #ServerType standalone
    ServerType inetd
    DefaultServer on

    # Port 21 is the standard FTP port.
    Port 21
    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask 022

    # To prevent DoS attacks, set the maximum number of child processes
    # to 30. If you need to allow more than 30 concurrent connections
    # at once, simply increase this value. Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances 30

    # Set the user and group that the server normally runs at.
    User nobody
    Group nogroup

    # This next option is required for NIS or NIS+ to work properly:
    #PersistentPasswd off

    SystemLog /var/log/proftpd.log
    TransferLog /var/log/xferlog

    # Normally, we want files to be overwriteable.
    <Directory /*>
    AllowOverwrite on

    # A basic anonymous FTP server configuration.
    # To enable this, remove the user ftp from /etc/ftpusers.
    <Anonymous ~ftp>
    RequireValidShell off
    User ftp
    Group ftp
    # We want clients to be able to login with "anonymous" as well as "ftp"
    UserAlias anonymous ftp

    # Limit the maximum number of anonymous logins
    MaxClients 50

    # We want 'welcome.msg' displayed at login, and '.message' displayed
    # in each newly chdired directory.
    DisplayLogin welcome.msg
    DisplayFirstChdir .message

    # Limit WRITE everywhere in the anonymous chroot
    <Limit WRITE>

  2. #2
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    This ProFTP guide is for Debian but it should be similar to every distro as long as you follow some basic steps. This should show you how to configure your ProFTP to have users only being able to see its home dirs.

    HTH ...
    LinuxVillage - The truely community run Linux/Floss forum !

    No IT BS !!

  3. #3
    Junior Member
    Join Date
    Jun 2001
    Melbourne, Australia
    Thanks for that. Looks like it is what I'm after. Will try it out over teh weekend.

Similar Threads

  1. Relieve a full /tmp or /home directory
    By jmn0729 in forum Linux - General Topics
    Replies: 4
    Last Post: 01-13-2008, 02:44 AM
  2. Using grep in my home directory
    By Clai2x in forum Linux - Software, Applications & Programming
    Replies: 0
    Last Post: 12-19-2007, 04:57 AM
  3. Access can't change the working directory to
    By regix in forum Windows - General Topics
    Replies: 0
    Last Post: 01-04-2005, 01:44 AM
  4. cant write to home directory
    By S_D_Willie in forum Linux - General Topics
    Replies: 1
    Last Post: 07-04-2002, 05:10 AM
  5. home directory of /dev/null
    By tolstoy in forum Linux - Software, Applications & Programming
    Replies: 7
    Last Post: 01-24-2002, 10:01 PM


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts