11-02-2001
Solaris 8 ftp access
I just setup my ftp server on Solaris 8. Everything works fine...except I do not want to allow certain users to be able to change directories outside of their /home directory. In other wors I don't want everyone to be able to view files in other folders outside of their home directoy. I know how to do it running wu-ftp, but this is not exactly the same. Does anyone know how to accoplish this. I did a search and didn't find anything that covered this topic.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Current setup:
I am running Solaris 8 and PROFtpd. I have my network functioning correctly. The server can be pinged from any machine on the network. There is no firewall between the client and the server. The proftpd service is running using the correct and only proftpd.conf file in standalone... (5 Replies)
Discussion started by: zbis12
5 Replies
2. UNIX for Dummies Questions & Answers
I created a user which I would like to have access only to FTP. I am able to get FTP to the machine with that user, but I only want him to have access to two directories, and no shell access. How can I accomplish this?
Thanx,
Aaron (1 Reply)
Discussion started by: Spetnik
1 Replies
3. UNIX for Dummies Questions & Answers
How to restrict ftp user to move to the parent directory of his home directory.
Any suggestions will be appreciated.
O.S Sun solaris
Regards (3 Replies)
Discussion started by: sehgalniraj
3 Replies
4. UNIX for Dummies Questions & Answers
Hi All,
I want to ftp a file from Windows 2000 to Unix. The file is present in a remote server which has been mapped to one of my drives. I am not able to connect to that directory.
I am getting an error saying
?Invalid command
550 //hbxs02/shared No such file or directory.
The... (0 Replies)
Discussion started by: shashi_kiran_v
0 Replies
5. UNIX for Dummies Questions & Answers
Folks;
I'm working on building ACL for our Solaris 10 box. I'm going to use LDAP for authentication.
We have a mounted drive on that server & users would like to be able to write to it.
We need to restrict the write access to that mounted drive on the box to be only through FTP, so if they... (13 Replies)
Discussion started by: Katkota
13 Replies
6. Red Hat
Hi dear all
When i try to connect to an ftp site it shows the following error
"An FTP authentication failure occurred while trying to retrieve the URL: ftp://xyz.org/
Squid sent the following FTP command:
PASS <yourpassword>
and then received this reply
User anonymous cannot log in"
I... (3 Replies)
Discussion started by: surfer24
3 Replies
7. Solaris
Hello,I must share file from Linux machine to Solaris.I've enabled ftp with svcadm enable ftp,when I connect from Linux box I have this
"Name (192.168.1.4:root): anonymous
331 Guest login ok,send your complete e-mail address as password
Password : (I give my e-mail address)
530 Login incorrect... (3 Replies)
Discussion started by: bgf0
3 Replies
8. IP Networking
hi,
I was wondering why I can't connect through Terminal to my FTP server.
It perfectly works through client FTP (I've attached an image with settings)
http://dl.getdropbox.com/u/72686/cushy2.png
But I can't using the terminal
I tried many times the same password I use on FTP... (4 Replies)
Discussion started by: aneuryzma
4 Replies
9. UNIX for Advanced & Expert Users
Hello all,
I am currently writing an application that besides other thing ,ftps files from remote machines (running linux and solaris). My problem is this: i am connecting to remote machines as a user other than root and i have found that there is a possibility that i will encounter folders with... (3 Replies)
Discussion started by: noam128
3 Replies
10. AIX
Hi all,
I'm using AIX v 5.3
I want to create system users to access through ftp or sftp and restrict those users into specific directory and don't traverse the whole file system just to be restricted within a directory and don't get shell access . i don't want to use any other third party... (7 Replies)
Discussion started by: h@foorsa.biz
7 Replies
LEARN ABOUT OPENSOLARIS
ftpd_selinux
ftpd_selinux(8) ftpd SELinux policy documentation ftpd_selinux(8)
NAME
ftpd_selinux - Security-Enhanced Linux policy for ftp daemons.
DESCRIPTION
Security-Enhanced Linux provides security for ftp daemons via flexible mandatory access control.
FILE_CONTEXTS
SELinux requires files to have a file type. File types may be specified with semanage and are restored with restorecon. Policy governs the
access that daemons have to files.
Allow ftp servers to read the /var/ftp directory by adding the public_content_t file type to the directory and by restoring the file type.
semanage fcontext -a -t public_content_t "/var/ftp(/.*)?"
restorecon -F -R -v /var/ftp
Allow ftp servers to read and write /var/tmp/incoming by adding the public_content_rw_t type to the directory and by restoring the file
type. This also requires the allow_ftpd_anon_write boolean to be set.
semanage fcontext -a -t public_content_rw_t "/var/ftp/incoming(/.*)?"
restorecon -F -R -v /var/ftp/incoming
BOOLEANS
SELinux policy is based on least privilege required and may also be customizable by setting a boolean with setsebool.
Allow ftp servers to read and write files with the public_content_rw_t file type.
setsebool -P allow_ftpd_anon_write on
Allow ftp servers to read or write files in the user home directories.
setsebool -P ftp_home_dir on
Allow ftp servers to read or write all files on the system.
setsebool -P allow_ftpd_full_access on
Allow ftp servers to use cifs for public file transfer services.
setsebool -P allow_ftpd_use_cifs on
Allow ftp servers to use nfs for public file transfer services.
setsebool -P allow_ftpd_use_nfs on
system-config-selinux is a GUI tool available to customize SELinux policy settings.
AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
SEE ALSO
selinux(8), ftpd(8), setsebool(8), semanage(8), restorecon(8)
dwalsh@redhat.com 17 Jan 2005 ftpd_selinux(8)