Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Limit FTP user's access to a specific directory
Operating Systems Solaris Limit FTP user's access to a specific directory Post 302844047 by hicksd8 on Friday 16th of August 2013 08:17:28 AM
Old 08-16-2013
Firstly, you can create an account for your ftp client to use (with a unique userid/passwd). Create a separate group too just for this user. This means that they are very restricted with regards gaining access via userid and group access to other directories. When they connect they land in their home directory as specified on the account. You can disable them from interactive login too, so ftp access only (and they need to know the password for the account).

Secondly, (I'm assuming you are talking Solaris 10) you can restrict them to their own directory:

Code:
 
# ftpconfig /export/home/USERID
 
# vi /etc/ftpd/ftpaccess 
  guestuser USERID

where USERID is the special ftp account that you created.

I reckon that ought to do it. Make sure you test it.
Let us know if that doesn't work.

See this thread.........this may be useful too.............
How to restrict user to a specific directory in solaris 10
Last edited by hicksd8; 08-16-2013 at 09:26 AM..
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

failed to access directory thru ftp

Hi all, I am a beginner to unix and ftp too.So i request your valuable comments. Requirement: I want to put a specific file into a server(linux) and under a particular directory path in that server as /caps/details/data/ Problem : I login to that server through the command `ftp... (1 Reply)
Discussion started by: DILEEP410
1 Replies

2. UNIX for Advanced & Expert Users

Restrict FTP access to a single directory for only one user.

Hi All, It will be very great if you can help me in this issue. Thanks in advance. I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not... (8 Replies)
Discussion started by: santhoshkumar_d
8 Replies

3. Solaris

when FTP user will go to specific directory

Hi experts, I have a user "bingo" in my sunsolaris 9. # /etc/passwd bingo:x:513:1::/export/home/bingo:/bin/bash when anyone Telnet to this user it goes to his home directory /export/home/bingo But now i want- when someone FTP to this user "bingo" it will NOT go to his home dir. Rather it... (5 Replies)
Discussion started by: thepurple
5 Replies

4. Solaris

create user with RWX access to a specific directory in Solaris 10

I need to create a user account for a developer that will allow him rwx access to all resources in a directory. How can I do that? Thanks (5 Replies)
Discussion started by: gsander
5 Replies

5. AIX

Limit user access

We have gotten an application that will read and display logs in a report format. The application need a user name and password to access the AIX servers where the logs reside. My problem is the logs are in a few different file systems on the server. Is there any way to lock the user to only the... (1 Reply)
Discussion started by: daveisme
1 Replies

6. Shell Programming and Scripting

User access to only specific subdirectory

is is possible to grant user access to only one subdirectory? example a. create ftp user with read/write/delete access (ftp user doesnt belong to uguys group) $ cd /etc/mydir $ls file1 file2 $ls -al -rw-rw-r-x 2 unixguy uguys 96 Dec 8 12:53 file1 -rw-rw-r-x 2 unixguy uguys 96... (0 Replies)
Discussion started by: lhareigh890
0 Replies

7. UNIX for Advanced & Expert Users

allow user to use sudo cp on a specific directory and only a specific file

Is there a way to allow a user to use sudo cp on a specific directory and only a specific file? (6 Replies)
Discussion started by: cokedude
6 Replies

8. Solaris

How to Limit ftp access parameters for specific users?

Dear friends, :) I create new user useradd -g other -d /export/home/sltftp -m -s /bin/bash -c "SLT user account for TMA ftp backup" sltftp now i need do restrict thees chmod delete overwrite rename from this user:(for all the files in the server ,sltftp user can only able to download... (4 Replies)
Discussion started by: darakas
4 Replies

9. UNIX and Linux Applications

Limit Website access upto specific count

Hi to all, I am new to Linux. but i am facing issue with my web server in Ubuntu 11.10. In my webserver i want to restrict maximum users website access (e.g., suppose i want to restrict users to access web to 250 persons in single time). So can you please suggest me to how to do that in... (1 Reply)
Discussion started by: Chintanghanti
1 Replies

10. Solaris

Limit bash/sh user's access to a specific directory

Hello Team, I have Solaris 10 u6 I have a user test1 using bash that belong to the group staff. I would like to restrict this user to navigate only in his home directory and his subfolders but not not move out to other directories. How can I do it ? Thanks in advance (1 Reply)
Discussion started by: csierra
1 Replies

LEARN ABOUT MINIX

ftpd

FTPD(8) 						      System Manager's Manual							   FTPD(8)

NAME

       ftpd, in.ftpd, setup.anonftp - DARPA Internet File Transfer Protocol server

SYNOPSIS

       ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd
       tcpd ftp /usr/sbin/in.ftpd

DESCRIPTION

       Ftpd  is the DARPA Internet File Transfer Prototocol server process.  The server uses the TCP protocol and listens at the port specified in
       the ``ftp'' service specification; see services(5).

       The ftp server currently supports the following ftp requests;  case is not distinguished.

       Request	      Description
       ABOR	      abort previous command
       ACCT	      specify account (ignored)
       ALLO	      allocate storage (vacuously)
       APPE	      append to a file
       CDUP	      change to parent of current working directory
       CWD	      change working directory
       DELE	      delete a file
       HELP	      give help information
       LIST	      give list files in a directory (``ls -lA'')
       MKD	      make a directory
       MODE	      specify data transfer mode
       NLST	      give name list of files in directory (``ls'')
       NOOP	      do nothing
       PASS	      specify password
       PASV	      prepare for server-to-server transfer
       PORT	      specify data connection port
       PWD	      print the current working directory
       QUIT	      terminate session
       RETR	      retrieve a file
       RMD	      remove a directory
       RNFR	      specify rename-from file name
       RNTO	      specify rename-to file name
       STOR	      store a file
       STOU	      store a file with a unique name
       STRU	      specify data transfer structure
       TYPE	      specify data transfer type
       USER	      specify user name
       XCUP	      change to parent of current working directory
       XCWD	      change working directory
       XMKD	      make a directory
       XPWD	      print the current working directory
       XRMD	      remove a directory

       The remaining ftp requests specified in Internet RFC 959 are recognized, but not implemented.

       The ftp server will abort an active file transfer only when the ABOR command is preceded by a Telnet "Interrupt Process" (IP) signal and  a
       Telnet "Synch" signal in the command Telnet stream, as described in Internet RFC 959.

       Ftpd  interprets  file  names  according  to  the ``globbing'' conventions used by csh(1).  This allows users to utilize the metacharacters
       ``*?[]{}~''.

       Ftpd authenticates users according to three rules.

       1)     The user name must be in the password data base, /etc/passwd, and not have a null password.  In this case a password  must  be  pro-
	      vided by the client before any file operations may be performed.

       2)     The user name must not appear in the file /etc/ftpusers.

       3)     If the user name is ``anonymous'' or ``ftp'', an anonymous ftp account must be present in the password file (user ``ftp'').  In this
	      case the user is allowed to log in by specifying any password (by convention this is given as the client host's name).

       In the last case, ftpd takes special measures to restrict the client's access privileges.  The server performs a chroot(2) command  to  the
       home  directory	of  the  ``ftp''  user.  In order that system security is not breached, it is recommended that the ``ftp'' subtree be con-
       structed with care;  the following rules are recommended.

       ~ftp)  Make the home directory owned by ``ftp'' and unwritable by anyone.

       ~ftp/bin)
	      Make this directory owned by the super-user and unwritable by anyone.  The program ls(1) must be present to support  the	list  com-
	      mands.  This program should have mode 111.

       ~ftp/etc)
	      Make  this  directory owned by the super-user and unwritable by anyone.  The files passwd(5) and group(5) must be present for the ls
	      command to work properly.  These files should be mode 444.

       ~ftp/pub)
	      Make this directory mode 755 and owned by the super-user.  Create directories in it owned by users if those users want to manage	an
	      anonymous ftp directory.

       ~ftp/pub/incoming)
	      Optionally  create  this	directory  for	anonymous  uploads.  Make it mode 777.	The FTP daemon will create files with mode 266, so
	      remote users can write a file, but only local users can do something with it.

       The script setup.anonftp can be used to create or check an anonymous FTP tree.

SEE ALSO

       ftp(1).

BUGS

       The anonymous account is inherently dangerous and should avoided when possible.

																	   FTPD(8)
All times are GMT -4. The time now is 12:46 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy