httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: disabling system logon and allowing ftp login
Date Fri, 12 Jul 2002 14:35:03 GMT
Errr.. What has this got to do with apache? This looks liek Unix sysadmin to me. While there
might be some people who could help you, it is a bit off-topic for all the rest of the list.
 Try http://marc.theaimsgroup.com/ and see if you can find a more suitable forum.

Rgds,

Owen Boyle

>-----Original Message-----
>From: Paul Stephenson [mailto:PStephenson@ficgroup.com]
>Sent: Freitag, 12. Juli 2002 14:58
>To: Owen Phillis; users@httpd.apache.org
>Subject: RE: disabling system logon and allowing ftp login
>
>
>I have looked through the ftpaccess file, and I am still 
>confused.  I have setup real user accounts for people, and 
>when I try to change from /bin/bash to /bin/false that user 
>can no longer log into the ftp server.  The following is a 
>copy of my /etc/passwd ~/etc/passwd and /etc/ftpaccess file.
>
>/etc/passwd  [example of a user I setup]
>
>onramp:1PFTp60AqHswg:505:505::/home/sites:/bin/false
>
>~/etc/passwd 
>
>onramp::505:505::/www.mittefoundation.org:
>
>/etc/ftpaccess is
>
>#This file controls the behavior of the wu-ftpd
># ftp server.
>#
># If you're looking for a graphical frontend to
># editing it, try kwuftpd from the kdeadmin
># package.
>
># Don't allow system accounts to log in over ftp
>deny-uid %-99 %65534-
>deny-gid %-99 %65534-
>#allow-uid ftp
>#allow-gid ftp
>
># Chroot all users to their home directory by default
># (comment this out if you don't want to chroot most of your users)
>guest-root /home/sites
>guestuser *
>restrict-uid *
># If you wish to allow user1 and user2 to access other
># directories, use the line below:
># realuser user1,user2
>
>
># The ftpchroot group doesn't exist by default, this
># entry is just supplied as an example.
># To chroot a user, modify the line below or create
># the ftpchroot group and add the user to it.
>#
># You will need to setup the required applications
># and libraries in the root directory (set using
># guest-root).
>#
># Look at the anonftp package for the files you'll need.
># guestgroup ftpchroot
>
># User classes...
>class   all   real,guest  *
>
># Set this to your email address
>email bmoore@ficgroup.com
>
># Allow 5 mistyped passwords
>loginfails 5
>
># Notify the users of README files at login and when
># changing to a different directory
>readme  README*    login
>readme  README*    cwd=*
>
># Messages displayed to the user
>message /welcome.msg            login
>message .message                cwd=*
>
># Allow on-the-fly compression and tarring
>compress        yes             all
>tar             yes             all
>
># Prevent anonymous users (and partially guest users)
># from executing dangerous commands
>chmod           no              guest,anonymous
>delete          no              anonymous
>overwrite       no              anonymous
>rename          no              anonymous
>
># Turn on logging to /var/log/xferlog
>log transfers anonymous,guest,real inbound,outbound
>
># If /etc/shutmsg exists, don't allow logins
># see ftpshut man page
>shutdown /etc/shutmsg
>
># Ask users to use their email address as anonymous
># password
>passwd-check rfc822 warn
>
>Any further assistance would be greatly appreciated.
>
>Paul Stephenson
>
>
>-----Original Message-----
>From: Owen Phillis [mailto:owen@aesir.ath.cx] 
>Sent: Tuesday, July 09, 2002 4:32 PM
>To: Paul Stephenson
>Cc: wuftp-questions
>Subject: Re: disabling system logon and allowing ftp login
>
>Hi man, 
>
>dont give the users a shell. or create guest access to the 
>server for evey user, rather than setup real accounts on the machine. 
>
>man ftpaccess 
>
>has all the details... 
>
>but in short to stop a real user logging in via telnet or 
>whatever, just change the users entry in the /etc/passwd file 
>from something like this. 
>
>owen:x:500:100:Owen Phillis:/home/owen:/bin/bash 
>
>
>to something like this (the change is at the end) 
>
>owen:x:500:100:Owen Phillis:/home/owen:/bin/false 
>
>
>
>
>On Tue, 2002-07-09 at 17:50, Paul Stephenson wrote: 
>Hello all, 
>
>  
>
>I was trying to figure out how to allow people to login to ftp 
>but not allow them to logon to actual server.  If someone 
>could help I would appreciate it.  I am using Red Hat 7.3 and 
>wu-ftpd 2.6.2-5, and I am setting up guest ftp using the 
>guest-root directive.  
>
>  
>
>Paul 
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message