Question : Linux FTP Jail - Sortof

Running VSFTPD on Fedora Core 8.  No annon access allowed...using pam.d authentication with local users.  Using ACLs on the folders.
FTP User's home directories are in /var/ftp/$USER

I have some users that require being jailed in their home directory which I have accomplished easily with /etc/vsftpd.chroot_list

I have some other users that must be able to browse to other user's home directories which I can do easily with ACLs and not jailing them.

I want the users that are not placed in a chroot jail (those who need access to other's home directories) to be blocked from browsing higher than the /var/ftp folder.  I do not want them in /var, /, /etc, /usr, etc...

Anyone know how to do this?  My conf file is below in the code snipit

Thank you in advance!!
Code Snippet: 
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:

anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
nopriv_user=ftpsecure
ascii_upload_enable=YES
ascii_download_enable=YES
listen=YES
background=YES
chroot_local_user=YES
chroot_list_enable=YES
Open in New Window Select All

Answer : Linux FTP Jail - Sortof

The way I accomplished this was to make jail everyone in  a /ftp directrory.  Then I created home folders inside of there and used permissions to only allow certain users access to certain folders.  It takes one step more when creating a user because you will then have to manually create their home folder and set permissions, but it works like a charm and is easy to administer once done.


So everyone has access to /ftp filesystem via FTP.

Inside /ftp I have this:

/ftp
/ftp/home
/ftp/home/joe
/ftp/home/bob
/ftp/home/lisa


The reason I did it this way was I also have a lot of folders everyone needs access to which reside in the /ftp directory.
Random Solutions  
 
programming4us programming4us