headers
Antonio Prado (TIDAL | 7 Jun 2007 20:43

Re: [Proftpd-user] jailed user

Hi,

 

Can you please give me some directives.

 

Under the chroot I do have now:

DefaultRoot ~ ftponly

 

This jails the user to his / hers own directory (defined under the /etc/passwd).

 

I need, beside this also, allow to two more directories that resides in top of this  (ftpusers/fixes and /ftpusers/apps) ,  do you know if the syntax would be…   ftponly is the group that controls the jailed users.

 

 

DefaultRoot ~ ftponly

DefaultRoot /ftpusers/fixes ftponly

DefaultRoot /ftpusers/apps   ftponly

 

 

Appreciate your help,

 

 

./antonio/.

 

 

From: proftp-user-bounces <at> lists.sourceforge.net [mailto:proftp-user-bounces <at> lists.sourceforge.net] On Behalf Of mrabbaa
Sent: Monday, May 28, 2007 3:19 AM
To: proftp-user <at> lists.sourceforge.net
Subject: Re: [Proftpd-user] jailed user

 

Antonio Prado (TIDAL) a écrit :

Hi,

 

I am a new member, can I could not find an answer for this.

 

 

I need jailed users to gain access to one specific directory. This directory is one level up from the users.

 

 

 

TIA,

 

 

./antonio/.

 

Proftpd embark a chroot system.
See the directive DefaultChroot for more details

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Permalink | Reply | 1 comment |
headers
Neu, Timothy | 7 Jun 2007 20:48

[Proftpd-user] Case-insensitive user names?

Is there a way to make the usernames for proftpd case-insensitive?  

 

I've seen plugins that deal with file/directory names once logged in, but I'm only interested in the authentication piece.

 

Thanks in advance.

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Permalink | Reply | 0 comments |
headers
Thomas L. Shinnick | 8 Jun 2007 02:15
Picon

Re: [Proftpd-user] Case-insensitive user names?

At 01:48 PM 6/7/2007, Neu, Timothy wrote:
Content-class: urn:content-classes:message
Content-Type: multipart/alternative;
         boundary="----_=_NextPart_001_01C7A934.817EFB6C"

Is there a way to make the usernames for proftpd case-insensitive?  
 
I've seen plugins that deal with file/directory names once logged in, but I'm only interested in the authentication piece.
 
Thanks in advance.
My brain is on vacation at the moment, but here's a canned solution from some time ago.  We were migrating from a Windows FTP server and needed to ignore casing on userids.  The below did the trick by lower-casing all userids as submitted during login, right in the command, before any authentication took place.  If all lower-case userids will work for you, done!  (Well, I don't remember if you have to rebuild to include the mod_rewrite module...)

    # Rather than using UserAlias's or duplicating some other config
    # statements to allow both upper- and lower-case userids, just
    # use TJ's mod_rewrite to lowercase WACS userids
    RewriteEngine     on
    RewriteMap        tlwr int:tolower
    RewriteCondition  %m  USER
    RewriteRule       ^(.*)   ${tlwr:$1|}
  # RewriteLog        /var/log/proftpd.rewrite.log
 
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Permalink | Reply | 0 comments |
headers
David Wells | 8 Jun 2007 20:34
Picon

[Proftpd-user] HideFiles and regex help needed

Hi everybody!

I have set up proftp so my users can log in into the server and they get 
chrooted into their ~/ directory. Everything works fine up to there. The 
problem I'm having is that I need to hide the users ~/.* files and 
directories and some directories such as ~/Maildir/. I've been trying to 
use the "HideFiles" directive with no kind of success and I have no 
experience writing a regex so I would very much appreciate if someone 
could help me.

Thanx in advance, David.
Attachment (d.wells.vcf): text/x-vcard, 423 bytes
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Permalink | Reply | 4 comments |
headers
Thomas L. Shinnick | 8 Jun 2007 22:47
Picon

Re: [Proftpd-user] HideFiles and regex help needed

At 01:34 PM 6/8/2007, David Wells wrote:
Hi everybody!

I have set up proftp so my users can log in into the server and they get chrooted into their ~/ directory. Everything works fine up to there. The problem I'm having is that I need to hide the users ~/.* files and directories and some directories such as ~/Maildir/. I've been trying to use the "HideFiles" directive with no kind of success and I have no experience writing a regex so I would very much appreciate if someone could help me.

Thanx in advance, David.

In my production setup I wanted everyone to have their own message files, ala
      # When users chdir into new directory, display '.message'
      DisplayFirstChdir .msg.chdir

So naturally I didn't want the users (or at least the remote users) to be able to affect those files.  So I used
      HideFiles       "(^|/)\.msg\."

This says to 'hide' a file if the whole filepath begins_with   .msg.   or if an internal part of the filepath contains   /.msg.

The key is the   (^|/)   part which says beginning of the whole path, or anywhere following a path separator, which catches a bare ".msg.foo" or "no/.msg.is/added"

You might have to experiment, as I don't remember if the complete path to the file is matched against.  The question is whether
      HideFiles       "^Maildir"
might also unintentionally hide file "/saves/Maildir.tar.gz" if the user was already CD'd into "/saves" and says "dir *.gz"
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Permalink | Reply | 3 comments |
headers
Niki Hammler | 10 Jun 2007 18:44

[Proftpd-user] LDAP and chroot to different user directory

Hi,

I want to authenticate my users by LDAP with (no anonymous login should
be possible):

<IfModule mod_ldap.c>
        AuthOrder mod_ldap.c
        LDAPServer "localhost"
        LDAPProtocolVersion 3
        LDAPSearchScope subtree
        LDAPDefaultGID 1003
        LDAPDefaultUID 1003
        LDAPForceDefaultGID on
        LDAPForceDefaultUID on
        LDAPDoAuth on "ou=users,dc=int" "(&(uid=%v)(objectclass=*))"
        LDAPDNInfo "uid=reader,dc=int" "secret"
        LDAPAuthBinds on
        LDAPUseTLS on
</IfModule>

Problem 1: The userdirectory in the attribute "userDirectory" does not
exist and MUST NOT exist! (The LDAP users are completely unindependent
from the system users).
But if that attribute is not set then the login fails. Any way to avoid
this? (Auto-Creating directories is no solution).

Problem 2: I have a directory somewhere on the server, e.g.

/server/ftp/one/two/three

This directory is completely independent from any homedir!

But this directory has subdirectories which are the same as the users, e.g.:

/server/ftp/one/two/three/user1
/server/ftp/one/two/three/user2
...

And the logged in user should be chrooted to exactly this directory!

I'm searching for something like

<Directory /home/ftp/one/two/three/$USER>
...
</Directory>

Another way would be something like

LDAPAttr homeDirectory "/home/ftp/one/two/three/"uid

But any other solution would be appreciated.

Is there any way to implement this?

Thank you very much!

Best regards,
Niki

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Permalink | Reply | 2 comments |
headers
David Wells | 11 Jun 2007 22:50
Picon

Re: [Proftpd-user] HideFiles and regex help needed

Hi Thomas, thank you very much!!! I did some slight modifications and worked like a charm!!!
I replaced your regex with the following "(^|/)\.bash|(^|/)\.ssh|(^|/)\Maildir" and all .bash*, .ssh* and Maildir/* are simply ignored completely. What I did try was "(^|/)\." to vanish all .* files but this way I cannot list any files. Do you or anybody else have by any chance some sugestion on how to acomplish this?

Thanx a lot, David Wells.

Thomas L. Shinnick escribió:
At 01:34 PM 6/8/2007, David Wells wrote:
Hi everybody!

I have set up proftp so my users can log in into the server and they get chrooted into their ~/ directory. Everything works fine up to there. The problem I'm having is that I need to hide the users ~/.* files and directories and some directories such as ~/Maildir/. I've been trying to use the "HideFiles" directive with no kind of success and I have no experience writing a regex so I would very much appreciate if someone could help me.

Thanx in advance, David.

In my production setup I wanted everyone to have their own message files, ala
      # When users chdir into new directory, display '.message'
      DisplayFirstChdir .msg.chdir

So naturally I didn't want the users (or at least the remote users) to be able to affect those files.  So I used
      HideFiles       "(^|/)\.msg\."

This says to 'hide' a file if the whole filepath begins_with   .msg.   or if an internal part of the filepath contains   /.msg.

The key is the   (^|/)   part which says beginning of the whole path, or anywhere following a path separator, which catches a bare ".msg.foo" or "no/.msg.is/added"

You might have to experiment, as I don't remember if the complete path to the file is matched against.  The question is whether
      HideFiles       "^Maildir"
might also unintentionally hide file "/saves/Maildir.tar.gz" if the user was already CD'd into "/saves" and says "dir *.gz"
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ ProFTPD Users List <proftpd-users <at> proftpd.org> Unsubscribe problems? http://www.proftpd.org/list-unsub.html
Attachment (d.wells.vcf): text/x-vcard, 423 bytes
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Permalink | Reply | 2 comments |
headers
Gray, Richard | 13 Jun 2007 09:58

Re: [Proftpd-user] HideFiles and regex help needed


Hi David 

Have a look at the documentation for the HideFiles directive:

http://www.proftpd.org/docs/directives/linked/config_ref_HideFiles.html

In the examples section, the first two examples show the same regex with and without quotes - there is a small difference.

Your regexp looks essentially correct, but you should either lose the quotes, or escape the backslash with
another backslash.

e.g.
HideFiles		(^|/)\.
or
HideFiles		"(^|/)\\."

Also, as mentioned in the docs, you might want to have a look at the IgnoreHidden directive as well.  

Richard
________________________________

	From: proftp-user-bounces <at> lists.sourceforge.net
[mailto:proftp-user-bounces <at> lists.sourceforge.net] On Behalf Of David Wells
	Sent: Monday, June 11, 2007 9:50 PM
	To: proftp-user <at> lists.sourceforge.net
	Subject: Re: [Proftpd-user] HideFiles and regex help needed
	
	
	Hi Thomas, thank you very much!!! I did some slight modifications and worked like a charm!!!
	I replaced your regex with the following "(^|/)\.bash|(^|/)\.ssh|(^|/)\Maildir" and all .bash*,
.ssh* and Maildir/* are simply ignored completely. What I did try was "(^|/)\." to vanish all .* files but
this way I cannot list any files. Do you or anybody else have by any chance some sugestion on how to acomplish this?
	
	Thanx a lot, David Wells.
	
	Thomas L. Shinnick escribió: 

		At 01:34 PM 6/8/2007, David Wells wrote:
		

			Hi everybody!
			
			I have set up proftp so my users can log in into the server and they get chrooted into their ~/ directory.
Everything works fine up to there. The problem I'm having is that I need to hide the users ~/.* files and
directories and some directories such as ~/Maildir/. I've been trying to use the "HideFiles" directive
with no kind of success and I have no experience writing a regex so I would very much appreciate if someone
could help me.
			
			Thanx in advance, David.

		In my production setup I wanted everyone to have their own message files, ala
		      # When users chdir into new directory, display '.message'
		      DisplayFirstChdir .msg.chdir
		
		So naturally I didn't want the users (or at least the remote users) to be able to affect those files.  So I used
		      HideFiles       "(^|/)\.msg\."
		
		This says to 'hide' a file if the whole filepath begins_with   .msg.   or if an internal part of the filepath
contains   /.msg. 
		
		The key is the   (^|/)   part which says beginning of the whole path, or anywhere following a path separator,
which catches a bare ".msg.foo" or "no/.msg.is/added"
		
		You might have to experiment, as I don't remember if the complete path to the file is matched against.  The
question is whether
		      HideFiles       "^Maildir"
		might also unintentionally hide file "/saves/Maildir.tar.gz" if the user was already CD'd into
"/saves" and says "dir *.gz"
		
		________________________________

		-------------------------------------------------------------------------
		This SF.net email is sponsored by DB2 Express
		Download DB2 Express C - the FREE version of DB2 express and take
		control of your XML. No limits. Just data. Click to get it now.
		http://sourceforge.net/powerbar/db2/
		________________________________

		_______________________________________________
		ProFTPD Users List   <proftpd-users <at> proftpd.org> <mailto:proftpd-users <at> proftpd.org> 
		Unsubscribe problems?
		http://www.proftpd.org/list-unsub.html

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

This message is intended only for the personal and confidential use of the designated recipient(s) named
above.  If you are not the intended recipient of this message you are hereby notified that any review,
dissemination, distribution or copying of this message is strictly prohibited.  This communication is
for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer
to buy any financial product, an official confirmation of any transaction, or as an official statement of
Lehman Brothers.  Email transmission cannot be guaranteed to be secure or error-free.  Therefore, we do
not represent that this information is complete or accurate and it should not be relied upon as such.  All
information is subject to change without notice.

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Permalink | Reply | 1 comment |
headers
David Wells | 13 Jun 2007 18:02
Picon

Re: [Proftpd-user] HideFiles and regex help needed

Thanx a lot Richard, just what I needed, it's working perfectly now

Gray, Richard escribió:
> Hi David 
>
> Have a look at the documentation for the HideFiles directive:
>
> http://www.proftpd.org/docs/directives/linked/config_ref_HideFiles.html
>
> In the examples section, the first two examples show the same regex with and without quotes - there is a
small difference.
>
> Your regexp looks essentially correct, but you should either lose the quotes, or escape the backslash
with another backslash.
>
> e.g.
> HideFiles		(^|/)\.
> or
> HideFiles		"(^|/)\\."
>
> Also, as mentioned in the docs, you might want to have a look at the IgnoreHidden directive as well.  
>
> Richard
> ________________________________
>
> 	From: proftp-user-bounces <at> lists.sourceforge.net
[mailto:proftp-user-bounces <at> lists.sourceforge.net] On Behalf Of David Wells
> 	Sent: Monday, June 11, 2007 9:50 PM
> 	To: proftp-user <at> lists.sourceforge.net
> 	Subject: Re: [Proftpd-user] HideFiles and regex help needed
> 	
> 	
> 	Hi Thomas, thank you very much!!! I did some slight modifications and worked like a charm!!!
> 	I replaced your regex with the following "(^|/)\.bash|(^|/)\.ssh|(^|/)\Maildir" and all .bash*,
.ssh* and Maildir/* are simply ignored completely. What I did try was "(^|/)\." to vanish all .* files but
this way I cannot list any files. Do you or anybody else have by any chance some sugestion on how to acomplish this?
> 	
> 	Thanx a lot, David Wells.
> 	
> 	Thomas L. Shinnick escribió: 
>
> 		At 01:34 PM 6/8/2007, David Wells wrote:
> 		
>
> 			Hi everybody!
> 			
> 			I have set up proftp so my users can log in into the server and they get chrooted into their ~/ directory.
Everything works fine up to there. The problem I'm having is that I need to hide the users ~/.* files and
directories and some directories such as ~/Maildir/. I've been trying to use the "HideFiles" directive
with no kind of success and I have no experience writing a regex so I would very much appreciate if someone
could help me.
> 			
> 			Thanx in advance, David.
>
>
> 		In my production setup I wanted everyone to have their own message files, ala
> 		      # When users chdir into new directory, display '.message'
> 		      DisplayFirstChdir .msg.chdir
> 		
> 		So naturally I didn't want the users (or at least the remote users) to be able to affect those files.  So I used
> 		      HideFiles       "(^|/)\.msg\."
> 		
> 		This says to 'hide' a file if the whole filepath begins_with   .msg.   or if an internal part of the filepath
contains   /.msg. 
> 		
> 		The key is the   (^|/)   part which says beginning of the whole path, or anywhere following a path separator,
which catches a bare ".msg.foo" or "no/.msg.is/added"
> 		
> 		You might have to experiment, as I don't remember if the complete path to the file is matched against.  The
question is whether
> 		      HideFiles       "^Maildir"
> 		might also unintentionally hide file "/saves/Maildir.tar.gz" if the user was already CD'd into
"/saves" and says "dir *.gz"
> 		
> 		________________________________
>
>
> 		-------------------------------------------------------------------------
> 		This SF.net email is sponsored by DB2 Express
> 		Download DB2 Express C - the FREE version of DB2 express and take
> 		control of your XML. No limits. Just data. Click to get it now.
> 		http://sourceforge.net/powerbar/db2/
> 		________________________________
>
>
> 		_______________________________________________
> 		ProFTPD Users List   <proftpd-users <at> proftpd.org> <mailto:proftpd-users <at> proftpd.org> 
> 		Unsubscribe problems?
> 		http://www.proftpd.org/list-unsub.html
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
> This message is intended only for the personal and confidential use of the designated recipient(s) named
above.  If you are not the intended recipient of this message you are hereby notified that any review,
dissemination, distribution or copying of this message is strictly prohibited.  This communication is
for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer
to buy any financial product, an official confirmation of any transaction, or as an official statement of
Lehman Brothers.  Email transmission cannot be guaranteed to be secure or error-free.  Therefore, we do
not represent that this information is complete or accurate and it should not be relied upon as such.  All
information is subject to change without notice.
>
>
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by DB2 Express
> Download DB2 Express C - the FREE version of DB2 express and take
> control of your XML. No limits. Just data. Click to get it now.
> http://sourceforge.net/powerbar/db2/
> _______________________________________________
> ProFTPD Users List   <proftpd-users <at> proftpd.org>
> Unsubscribe problems?
> http://www.proftpd.org/list-unsub.html
>
>
Attachment (d.wells.vcf): text/x-vcard, 423 bytes
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Permalink | Reply | 0 comments |
headers
Jethro Hermans | 13 Jun 2007 08:37
Picon

[Proftpd-user] Slow upload to ftp-server

Hi,

I've got a very slow upload to my Proftpd server.
On forums I saw that much people suggest to set the "UseReverseDNS" and 
"IdentLookups" to off.
After that login is very fast but copy files to the ftp server fails 
each time.
Without this settings everything works fine but very slow.
Is there something else I can do?

Thanks,
Jet

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Permalink | Reply | 0 comments |

Gmane