This is a discussion on Restricting user to a directory with vsftpd within the Linux Operating System forums, part of the Unix Operating Systems category.

On Tue, 1 Jul 2003 Todd Cary wrote:
>Is it possible to restrict all users (I am not using anonymous) to their
>directory and those below? In reading the docs, I am not sure how this
>can be done.

Yes. You can use the chroot options.

chroot_local_user=yes [for all local users]

or

chroot_list_enable=yes
chroot_list_file=/etc/vsftpd.chroot_list

Check 'man vsftpd.conf' for more info.

Gl
V.

Vwakes wrote:
> On Tue, 1 Jul 2003 Todd Cary wrote:
>
> >Is it possible to restrict all users (I am not using anonymous) to their
> >directory and those below? In reading the docs, I am not sure how this
> >can be done.
>
> Yes. You can use the chroot options.
>
> chroot_local_user=yes [for all local users]
>
> or
>
> chroot_list_enable=yes
> chroot_list_file=/etc/vsftpd.chroot_list
>
> Check 'man vsftpd.conf' for more info.
>
> Gl
> V.

This is my conf file, yet I can see all of the directories:

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_local_user=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

Any suggestions?

Todd

On Wed, 2 Jul 2003 Todd Cary wrote:
>Vwakes wrote:
>> On Tue, 1 Jul 2003 Todd Cary wrote:
>>
>> >Is it possible to restrict all users (I am not using anonymous) to
>> >their directory and those below? In reading the docs, I am not
>> >sure how this can be done.
>>
>> Yes. You can use the chroot options.
>>
>> chroot_local_user=yes [for all local users]
>>
>> or
>>
>> chroot_list_enable=yes
>> chroot_list_file=/etc/vsftpd.chroot_list
>>
>> Check 'man vsftpd.conf' for more info.
>
>This is my conf file, yet I can see all of the directories:

Are you sure? Coz, I tried with the exact same configuration and it works for me. I am using version 1.1.3 tho. As soon as you ftp yourself and type 'pwd' what do you see? You should see something like '/', if you see '/home/userx' then it's not chrooted. Are you using the RH rpm for vsftpd? If so, it uses '/etc/vsftpd/vsftpd.conf' file instead of '/etc/vsftpd.conf'.

>anonymous_enable=NO
>local_enable=YES
>write_enable=YES
>local_umask=022
>dirmessage_enable=YES
>xferlog_enable=YES
>connect_from_port_20=YES
>xferlog_std_format=YES
>chroot_local_user=YES
>pam_service_name=vsftpd
>userlist_enable=YES

>tcp_wrappers=YES

You don't need the above option if you are running from xinetd. Check the manpage.

Vwakes wrote:
> On Wed, 2 Jul 2003 Todd Cary wrote:
>
> >Vwakes wrote:
> >> On Tue, 1 Jul 2003 Todd Cary wrote:
> >>
> >> >Is it possible to restrict all users (I am not using anonymous) to
> >> >their directory and those below? In reading the docs, I am not
> >> >sure how this can be done.
> >>
> >> Yes. You can use the chroot options.
> >>
> >> chroot_local_user=yes [for all local users]
> >>
> >> or
> >>
> >> chroot_list_enable=yes
> >> chroot_list_file=/etc/vsftpd.chroot_list
> >>
> >> Check 'man vsftpd.conf' for more info.
> >
> >This is my conf file, yet I can see all of the directories:
>
> Are you sure? Coz, I tried with the exact same configuration and it
> works for me. I am using version 1.1.3 tho. As soon as you ftp yourself
> and type 'pwd' what do you see? You should see something like '/', if
> you see '/home/userx' then it's not chrooted. Are you using the RH rpm
> for vsftpd? If so, it uses '/etc/vsftpd/vsftpd.conf' file instead of
> '/etc/vsftpd.conf'.
>
> >anonymous_enable=NO
> >local_enable=YES
> >write_enable=YES
> >local_umask=022
> >dirmessage_enable=YES
> >xferlog_enable=YES
> >connect_from_port_20=YES
> >xferlog_std_format=YES
> >chroot_local_user=YES
> >pam_service_name=vsftpd
> >userlist_enable=YES
>
> >tcp_wrappers=YES
>
> You don't need the above option if you are running from xinetd. Check
> the manpage.

My mistake!! I used the incorrect vsftpd.conf!! My system is the RH 9 with the installed vsftpd and I initially used /etc/vsftpd/vsftpd.conf. It needed to be /etc/vsftpd.conf.

Thank you for reminding me to check that out.

Todd

On Wed, 2 Jul 2003 Todd Cary wrote:
>Vwakes wrote:
>>
>> Are you sure? Coz, I tried with the exact same configuration and it
>> works for me. I am using version 1.1.3 tho. As soon as you ftp
>> yourself and type 'pwd' what do you see? You should see something
>> like '/', if you see '/home/userx' then it's not chrooted. Are you
>> using the RH rpm for vsftpd? If so, it uses '/etc/vsftpd/vsftpd.conf'
>> file instead of '/etc/vsftpd.conf'.
[....]
>
>My mistake!! I used the incorrect vsftpd.conf!! My system is the RH 9
>with the installed vsftpd and I initially used /etc/vsftpd/vsftpd.conf.
> It needed to be /etc/vsftpd.conf.

It's not your mistake, it's RH's. I thought VsFtpd that came with RH 9 used /etc/vsftpd/vsftpd.conf. If it's not then it's a bug.

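Added example, not part of the thread: a shell check that reads one vsftpd.conf and reports whether a user would be jailed, so the two candidate paths discussed above (/etc/vsftpd/vsftpd.conf and /etc/vsftpd.conf) can be compared side by side. The function names, sample files and user name are constructed; it assumes YES is accepted in either case (both spellings appear in the thread) and applies the vsftpd.conf(5) rule that chroot_list_file lists the exempt users once chroot_local_user=YES.

```shell
#!/bin/sh
# Read one option from a vsftpd.conf: commented lines are skipped, the last
# assignment wins. vsftpd allows no spaces around '='.
conf_get() {  # conf_get FILE OPTION DEFAULT
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '\r')
    printf '%s\n' "${v:-$3}"
}

is_yes() {  # assumption: YES is matched case-insensitively
    case $(printf '%s' "$1" | tr '[:lower:]' '[:upper:]') in
        YES) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints "chrooted" or "not-chrooted" for USER under the settings in FILE.
chroot_state() {  # chroot_state FILE USER
    conf=$1 user=$2
    [ -r "$conf" ] || { echo unreadable; return 2; }
    local_all=$(conf_get "$conf" chroot_local_user NO)
    use_list=$(conf_get "$conf" chroot_list_enable NO)
    list=$(conf_get "$conf" chroot_list_file /etc/vsftpd.chroot_list)
    listed=no
    if is_yes "$use_list" && [ -r "$list" ] && grep -qxF "$user" "$list"; then
        listed=yes
    fi
    # With chroot_local_user=YES the list names the users that are NOT jailed.
    if is_yes "$local_all"; then
        [ "$listed" = yes ] && echo not-chrooted || echo chrooted
    else
        [ "$listed" = yes ] && echo chrooted || echo not-chrooted
    fi
}

# Constructed sample: two candidate config files, only one of them edited.
demo() {
    d=$(mktemp -d)
    printf 'local_enable=YES\nchroot_local_user=YES\n' > "$d/edited.conf"
    printf 'local_enable=YES\n#chroot_local_user=YES\n' > "$d/other.conf"
    for f in "$d/edited.conf" "$d/other.conf"; do
        printf '%s: %s\n' "${f##*/}" "$(chroot_state "$f" todd)"
    done
    rm -rf "$d"
}
demo
```

This only shows what each file would configure, not which file the running daemon loaded; the 'pwd' check after login described in the thread remains the confirmation that the jail is active.
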
Vwakes wrote:
> On Wed, 2 Jul 2003 Todd Cary wrote:
>
> >Vwakes wrote:
> >> On Tue, 1 Jul 2003 Todd Cary wrote:
> >>
> >> >Is it possible to restrict all users (I am not using anonymous) to
> >> >their directory and those below? In reading the docs, I am not
> >> >sure how this can be done.
> >>
> >> Yes. You can use the chroot options.
> >>
> >> chroot_local_user=yes [for all local users]
> >>
> >> or
> >>
> >> chroot_list_enable=yes
> >> chroot_list_file=/etc/vsftpd.chroot_list
> >>
> >> Check 'man vsftpd.conf' for more info.
> >
> >This is my conf file, yet I can see all of the directories:
>
> Are you sure? Coz, I tried with the exact same configuration and it
> works for me. I am using version 1.1.3 tho. As soon as you ftp yourself
> and type 'pwd' what do you see? You should see something like '/', if
> you see '/home/userx' then it's not chrooted. Are you using the RH rpm
> for vsftpd? If so, it uses '/etc/vsftpd/vsftpd.conf' file instead of
> '/etc/vsftpd.conf'.
>
> >anonymous_enable=NO
> >local_enable=YES
> >write_enable=YES
> >local_umask=022
> >dirmessage_enable=YES
> >xferlog_enable=YES
> >connect_from_port_20=YES
> >xferlog_std_format=YES
> >chroot_local_user=YES
> >pam_service_name=vsftpd
> >userlist_enable=YES
>
> >tcp_wrappers=YES
>
> You don't need the above option if you are running from xinetd. Check
> the manpage.

Many thanks! It is hard enough getting used to the Linux environment...almost like I have never used a computer before :-) !!

I need to recompile PHP with the Interbase extensions (and then recompile Apache). Conceptually I understand what needs to be done *BUT* the nitty-gritty is quite foreign. The installed version of PHP has all of the extensions I need except Interbase (http://209.204.172.137:8080/testphp.php ).

Is it possible to just *add* Interbase? If so, are there docs on how to do that and then recompile Apache?

Todd