PDA

View Full Version : Setting FTP chroot directory




marcusg
Mar 6, 2013, 03:46 PM
I'm trying to set up FTP on a Mac Mini (Mountain Lion, non-server version). I'm trying to chroot a user to another directory than the user's home directory. Let's call him aaron, homedir = /Users/aaron and desiered chroot upon ftp-login = /some/other/dir.

- I've added aaron to /etc/ftpchroot
- I've added the following line to /etc/ftpd.conf
- - chroot aaron /some/other/dir

As far as I can understand, that should put aaron in /some/other/dir. But when loggin in, aaron is chrooted in /Users/aaron! Why? Can't [pathformat] be a normal path (see https://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man5/ftpd.conf.5.html#//apple_ref/doc/man/5/ftpd.conf )?



assembled
Mar 6, 2013, 06:44 PM
from here https://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man5/ftpchroot.5.html#//apple_ref/doc/man/5/ftpchroot

The file /private/etc/ftpchroot is used to determine which users will have their session's root directory changed (using chroot(2)), either to the directory specified in the ftpd.conf(5) chroot directive (if set), or to the home directory of the user. If the file does not exist, the root directory change is not performed.

HenryAZ
Mar 7, 2013, 08:26 AM
- I've added the following line to /etc/ftpd.conf
- - chroot aaron /some/other/dir


Shouldn't the second word be a class keyword, rather than the user's name?

marcusg
Mar 7, 2013, 02:38 PM
Thanks both of you! I hadn't fully understood the usage of class. You made me study the manual a little bit more and now i nailed it! I added "aaron allow myclass" to ftpusers and modified ftpd.conf to contain "chroot my class /some/other/dir". I also removed the entry in ftpchroot.

... and (shame on me) after copying the line from ftp.conf to ftpd.conf (apparently I made a typo when opening the file in the first place!) it all worked perfect!