Had a devil time with setting up vsftpd.<br>all the examples never worked out the same.<br>read about a plugin for webmin for vsftpd<br>installed webmin & plugin<br>setup via the plugin and worked a treat :)<br>then disable webmin (only use it if I need the odd configs to workout)<br><br>vsftpd working a treat<br><br>give it a go and see if the output config is diff to you<br><br>regards <br><br><b><i>Denis Brown <dsbrown@cyllene.uwa.edu.au></i></b> wrote:<blockquote class="replbq" style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"> Dear PLUG list members,<br><br>Despite best efforts I cannot get users to be confined to their chroot <br>jails. Debian etch and vsftpd installed using aptitude. Vsftpd version <br>is 2.0.5<br><br>Have scoured the web for info on this and I understand the manner in which <br>vsftpd's config file *should* jail users, but it does not :-( Snippets <br>follow:<br><br><quote from="" etc=""
vsftpd.conf=""><br>chroot_local_user=NO<br>chroot_list_enable=YES<br>chroot_list_file=/etc/vsftpd.chroot_list<br><unquote><br><br>User "badboy" appears in /etc/vsftpd.chroot_list<br><br>User "badboy" has entry in /etc/passwd like so...<br>badboy:x:1002:1002:Bad Boy,,,:/home/badboy/./:/bin/bash<br><br>The use of a trailing /./ for the home directory specification was <br>mentioned in one of the web articles but it apparently makes no difference.<br><br>Using pscp.exe on a windows box I can sftp to the host, authenticate as <br>badboy and happily issue cd .. commands and traverse the directory tree <br>:-( At each level I can do an ls and see contents. It was my <br>understanding that this should not be possible.<br><br>There are no errata or bugs filed against vsftpd that I can see and the <br>only mentions that it has on the web generally have been from people who <br>messed up the configuration by misinterpreting the config file <br>directives. Maybe I've joined
that elite too?<br><br>Thoughts appreciated!<br>Denis<br><br><br>_______________________________________________<br>PLUG discussion list: plug@plug.org.au<br>http://www.plug.org.au/mailman/listinfo/plug<br>Committee e-mail: committee@plug.linux.org.au<br></unquote></quote></blockquote><br><p>
<hr size=1>Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. <a href="http://us.rd.yahoo.com/evt=51733/*http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ "> Try it now.</a>