Enhancement #2805
FTP: allow chroot on home directory
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-vsftpd | |||
Target version: | v6.5 | |||
Resolution: | NEEDINFO: | No |
Description
When the FTP server is configured to use system users, these users should be chrooted on their home directory.
Actual configuration changes the user's chroot to: /var/lib/nethserver/ftp/<user>
.
For example, if the user's home is changed using the lusermod
command, the home should be honored as chroot directory.
Associated revisions
vsftpd.conf: chroot system users to their own home directory. Refs #2805
History
#1 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from NEW to TRIAGED
- Target version set to v6.5
- % Done changed from 0 to 20
#2 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Giacomo Sanchietti
- % Done changed from 20 to 30
#3 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 60
#4 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 60 to 70
Package in nethserver-testing:
- nethserver-vsftpd-1.0.0-1.0gitaa11f991.ns6.noarch.rpm
- create a gis user from web interface, enable remote shell and set the password to "Nethesis,1234"
- execute following commands:
config setprop vsftpd status enabled mkdir -p /var/lib/nethserver/GISTUDIO chown gis:gis /var/lib/nethserver/GISTUDIO lusermod -d /var/lib/nethserver/GISTUDIO gis config setprop vsftpd UserType system db accounts setprop gis FTPAccess enabled signal-event nethserver-vsftpd-save
- login using ftp client with gis user
- check the user is chrooted in
/var/lib/nethserver/GISTUDIO
directory - try to write and read a file from the directory
#5 Updated by Stefano Fancello about 7 years ago
- Assignee set to Stefano Fancello
#6 Updated by Stefano Fancello about 7 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Stefano Fancello) - % Done changed from 70 to 90
vsftpd correctly working, ftp user can't go on the upper level and file upload/download is working.
Tested using gFTP.
#7 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
Package in nethserver-updates:
- nethserver-vsftpd-1.0.1-1.ns6.noarch.rpm