Osf Managers,
I have set up guest accounts on an Alpha (DU4.0d) using wu-ftp, but the
guests have access to the entire file system.
Are there special requirements for chroot to work on DU?
Here's is an example of the chroot command not working:
# cp /bin/sh /home/users/sam/sh
# cd /home/users/sam
# ls -l
-rwxr-xr-x 1 root system 131072 Sep 30 15:03 sh
# chroot /home/users/sam ./sh
./sh: not found
Here is an example of a guest ftp session:
# ftp ash
Connected to ash.aquinas.edu.
220 ash.aquinas.edu FTP server (Version wu-2.4(1) Fri Jul 10 23:36:51
EDT 199
8) ready.
Name (ash:aqadmin): sam
331 Password required for sam.
Password:
230 User sam logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/home/users/sam" is current directory.
ftp> user
(username) jason
530 Can't change user from guest login.
Login failed.
ftp>
I have the following directory structure:
-rw-rw-r-- root system /etc/msgs/msg.dead
drwxr-xr-x root system /home/users
-rw-r--r-- root system /home/users/welcome.msg
d--x--x--x root system /home/users/bin
---x--x--x root system /home/users/bin/ls
d--x--x--x root system /home/users/etc
-rw-r--r-- root system /home/users/etc/passwd
-rw-r--r-- root system /home/users/etc/group
d--x--x--x root system /home/users/etc/msgs
-rw-r--r-- root system /home/users/etc/pathmsg
drwxr-s--t sam system /home/users/sam
In /etc/passwd:
sam:*:207:15:Sam I Am:/home/users/./sam:/bin/sh
[the star is because of C2 security]
In /etc/group:
users:*:15:sam
ftponly:*:203:sam
In /home/users/etc/passwd:
root:*:0:0::/:
sam:*:207:15::/sam:
In /home/users/etc/group:
system::0:
users::15:
The ftpaccess file (in /usr/local/etc):
class gs guest *
class rl real *
class an anonymous *
limit gs 10 Any /etc/msgs/msg.dead
message /welcome.msg login gs
path-filter gs /etc/msgs/pathmsg ^[-A-Za-z0-9_\.]*$ ^\. ^-
path-filter rl /etc/msgs/pathmsg ^[-A-Za-z0-9_\.]*$ ^\. ^-
email webmaster_at_aquinas.edu
delete no guest # delete permission?
overwrite no guest # overwrite permission?
rename no guest # rename
chmod no guest # chmod permission?
umask no guest # umask permission?
passwd-check rfc822 enforce
guestgroup ftponly
In /etc/fstab:
root_domain#root / advfs rw 0 0
home_domain#home /home advfs rw 0 2
However when I had set up anonymous ftp on this system the wu-ftp did
chroot to my ~ftp directory.
Does anyone know a secret to getting guest accounts to chroot on DU?
Jason Kantz
Aquinas College
Grand Rapids, Michigan
______________________________________________________
Get Your Private, Free Email at
http://www.hotmail.com
Received on Thu Oct 01 1998 - 12:17:57 NZST