Subject: Re: locking users in their home dir?
To: None <>
From: Geoff Wing <>
List: current-users
Date: 10/21/1998 03:00:44
Tom T. Thai <> typed:
:Is it possible to lock telnet or ftp users into their home dir and not
:allow them to go outside or up higher in the dir tree?

1) For FTP, RTFM ftpd(8)
      User authentication
            4.  f directed by the file /etc/ftpchroot (see below) the ses-
	        sion's root will be changed to the user's login directory by
		chroot(2) as for an ``anonymous'' or ``ftp'' account (see next
      .... (BTW, the typo's in the man page)
  however, you'll have to create a ``bin'' dir with a copy (or hard link) of
  ``ls'' if you want them to be able to send ``LIST'', not just ``NLST''
  commands.  You may not bother with the ``etc'' dir - just let them have 
  numeric uids/gids in their listings.

2) For telnet, there are quite a few restricted shells around, or shells 
   which have restricted modes (eg. zsh).  Other than changing their shell,
   you could write your own wrapper to chroot them - though that would
   be extremely limiting for them and maybe annoying to administer since
   you would have to give each user copies of any command you want them
   to be able to run.
Geoff Wing   <>            Mobile : 0412 162 441
Work URL:   Ego URL: