Home

News

Products

Customers

Web Development

About

Portfolio

Prices

Web Design

About

Portfolio

Prices

Translating

About

Languages

Prices

Bringing directories outside of chrooted enviroment to users' enviroment for Proftpd server

To keep your ftp server secure and not to allow your users to browse whole servers' directories structure you need to restrict ftp users to stay at their home directory. At *nix systems it's called "chrooted enviroment". Once a user logins to ftp account, ftp server software changes root's to the user's home directory. By this way users can't go outside of their directories.
To enable this feature at proftpd server you need to use DefaultRoot option at your proftpd.conf configuration file.
At general cases it looks as :

	DefaultRoot ~

Another question we're asked often is "How can I bring directories located somewhere to users' home directories?". There're 3 ways you could do but only one of them is working well. Lets consider them.

Proftpd and symlinks

For example, we have /var/ftp/common directory that we want to bring to /home/alex/common. At not-chrooted enviroment we could have symlink:

    lrwxrwxrwx 1 root root  7 Jan 25 23:50 /home/alex/common -> /var/tmp/common

But in chrooted enviroment it looks as:

    lrwxrwxrwx 1 root root  7 Jan 25 23:50 /home/alex/common -> /home/alex/var/tmp/common

Because root for user 'alex' is his home directory '/home/alex'. That's why we can't use symlinks for chrooted server software.

Proftpd and hardlinks

Another way you could do is hard links. But you can't use that due to 2 reasons:

You can't create hard links for directories
You can't make hard links for files located at different devices( as result at different filesystems as well)

Proftpd and mounting with bind option

There's only one good way to export resources to chrooted enviroment - using mounting directores to several locations in the filesysem. If you want to have an exact duplicate of the /var/ftp/common directory available for user alex at his /home/alex/common, use one these commands:

    * Linux (2.4.0 kernels and later):

    mount -o bind /var/ftp/common /home/alex/common
    mount -o bind /var/ftp/common /home/alex/common

    * BSD (as of 4.4BSD):

    mount_null /var/ftp/common /home/alex/common
    mount_null /var/ftp/common /home/alex/common

    * Solaris:

    mount -F lofs /var/ftp/common /home/alex/common
    mount -F lofs /var/ftp/common /home/alex/common

To keep directories mounted permanently you need to add them into /etc/fstab ( or /etc/vfstab for Solaris ).