Fedora Security :: Give FTP Control Of Different Directories To Different Users
Aug 24, 2010
I have my own dedicated server box running (using it for game servers). I access it via ssh and I have root control of it. It has FEDORA Operating System. I wanna give FTP control of different directories to different users. Right now there are no other FTP users except root. I have installed vsftpd and dont know what should I do next? How do I add users (who can read/write/delete files) and How do I restrict them to their home directory?
Here is what I want:
username:client1
password:12345
home directory: home/server1
username:client2
password:12345
home directory: home/server2
View 1 Replies
ADVERTISEMENT
Feb 8, 2011
So, I am looking to implement an FTP server with Isolated Client accounts/directories where a client can only access what's in their directory. I also need to provide my internal user's (content managers) the ability to upload, delete, etc from all of the Client accounts. The simple part is creating the secure client accounts. It's a matter of changing DIR_MODE in adduser.conf to 700 or 770, creating a user, having the FTP server chroot them to their home directory, revoke/restrict shell/ssh access and maybe even slap on some ACL to prevent botched permissions.The hard part is figuring out how to give my power users the ability to access all of their folders without thrashing security.
My first thought was to put all of the client user-groups in a parent group and having my internal users inherit group permissions..but you can't have groups inside of groups.My second thought was to put all of the client users in the same group and prey that the FTP chroot is enough to keep them from poking around but then I have the problem of how do my internal users access other user directories if they are chrooted. Do I create a second server without chroot.do I create some weird nested homedir structure..I honestly have no idea how to satisfy both requirements (secure client accounts and privileged user accounts). I need my privileged users to authenticate against Active Directory via Likewise open, LDAP, etc and I don't care how the clients authenticate. Though, I would prefer to have both file and FTP-server level protection just to make sure no one can see the other client's data.
View 1 Replies
View Related
Jan 20, 2010
Is it possible to restrict users to their home directories and allow admins to have different home directories? Essentially I want users to have a folder in /var/www/html/$USER and admins to have either unrestricted access or have their root directory be ./ or /www or /etc. I have is set now so users have access to thier home direcotry but I need to upload web files as admin.
So far I have created:
chroot_list
user_list
[code]....
View 1 Replies
View Related
Apr 27, 2011
I am using Fedora 14 64-bit and after login through a user other than root when I try to open any folder on other partitions I get the message that I don't have permission to access such and such folders.
View 7 Replies
View Related
Jun 24, 2010
I want to give priority access for some users when they logon to the Redhat Server. I changed in the /etc/security/limits.conf file but also i am not able to get the priority .
View 2 Replies
View Related
May 15, 2011
I want to make a webserver with multiple users allowed to login through SFTP to a specific folder, www.Multiple users are added, lets say user1 and user2, and all of them belonging to the www-data group. The www directory has an owner www-data and a group www-data.
I have used chmod -R 775 on the www folder, but after I try to create a folder test through my SFTP server (using Filezilla) the group of the directory created has only r and x permissions, and I am not able to log in with the second user user2 and create a directory within www/test due to a lack of w permission to the group.
I also tried using chmod 2775 on www directory, but without luck. Can somebody explain to me, how can I make it so that a newly created directory inherits the root directory group permissions?
View 2 Replies
View Related
Jan 25, 2011
I'm a refugee from WindowsXP, running Fedora 14 with three user accountsMy problem is that I need the primary user (userd 500) to be able to have full access all other users' files in their home directories so that user can copy, move, delete, etc.I tried making that user a member of the other users' groups - but I still get the 'not got permission' error when I try to access their home directories
View 8 Replies
View Related
Sep 1, 2010
My Fedora box is giving me an SELinux security error:
Code: Summary:
SELinux is preventing the samba daemon from reading users' home directories.
Detailed Description:
SELinux has denied the samba daemon access to users' home directories. Someone
is attempting to access your home directories via your samba daemon. If you only
setup samba to share non-home directories, this probably signals an intrusion
attempt. For more information on SELinux integration with samba, look at the
samba_selinux man page. (man samba_selinux)
Allowing Access: If you want samba to share home directories you need to turn on the
samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1"
Fix Command:
setsebool -P samba_enable_home_dirs=1
Additional Information:
Source Context system_u:system_r:smbd_t:s0
Target Context unconfined_u:object_r:user_home_dir_t:s0
Target Objects /home/micah [ dir ]
Source smbd
[code]....
View 2 Replies
View Related
Dec 30, 2009
I have several local users on a F11 box. I want to keep one of those users from getting to the network. I could upgrade this machine to F12, if it offers a better solution.
View 1 Replies
View Related
Jun 28, 2010
I'm using Debian Squeeze and my 0-9 remote control buttons and power off button work even if I've didn't installed lirc. In a Gnome desktop I could set up the volume too, but now as I'm using Fluxbox I can't start the volume control applet anymore (by the way does somebody knows any handy volume applet for Fluxbox ?)So my question is that if some button of my remote control already work without lirc, then there must by some drivers installed, when I've upgraded to a newer kernel, but I can't figure out what makes my remote control to work. Does anybody knows something about this and if there's something already installed for IR devices in newer kernels how can it be further configured ?If i type the command "cat /dev/input/event6" in my terminal I can see that all my remote control buttons give a signal, but still I can't figure it out how can I set up all of them.
View 2 Replies
View Related
Mar 4, 2009
What support does linux OS distros normally give to their users?
View 1 Replies
View Related
Apr 5, 2011
a small lab of linux servers contains two servers. the administrator wishes to permit user settings and project files to be available when users log in on any machine descibe the server processes needed on the servers
View 1 Replies
View Related
Dec 19, 2009
I am trying to set up Protected Web Directories on my server Fedora8 32bit I have webmin 1.5 and there is Protected Web Directories option, so I follow instructions and setting up all what is asked, in dir what I need to protect shows up 2 files:
[Code]...
View 6 Replies
View Related
Aug 11, 2010
I just created a 2nd user on my computer. I've got the hard drive that ubuntu runs on, and then a 2tb drive for media. If the 2tb is mounted on my desktop, it won't show up on his desktop even if I'm logged out. It won't show up on his unless I unmount on mine.
If I'm logged out I'm obviously not using it. So why doesn't it show up? He has all privileges. Is there a way to make this work without having to unmount?
I'm running karmic btw. If you need computer info let me know what to type into the terminal and whatnot and I'll paste it all here!
View 4 Replies
View Related
Jun 15, 2011
I am posting the o/p of /etc/fstab and /etc/mtab...Currently i am the only user but if i add one more , how can i give that user the right to mount any partition
View 7 Replies
View Related
Jan 22, 2011
i want to give some permission to non root users so that they can mount drives without need of root password.
View 2 Replies
View Related
May 9, 2011
There is a folder that is owned by user tomcat6: drwxr-xr-x 2 tomcat6 tomcat6 69632 2011-05-06 03:43 document. I want to allow another user (ruser) write permissions on document folder. The two users (tomcat6 and ruser) does not belong to same group. I have tried using setfacl: sudo setfacl -m u:ruser:rwx document
but this gives me setfacl: document: Operation not supported error.
View 1 Replies
View Related
May 1, 2011
The desktop computer of my two children has a total of three users:
1) The superuser (me)
2) The user 1001 (my elder son)
3) The user 1002 (my younger son)
Both users 1001 and 1002 can not access their files system, and also they can not save any attachments from incoming mails.
What I tried so far:
I accessed the file manager as superuser, and went: >Root>Home. Here I right-clicked on the folder User 1001, selected properties, selected the tab 'permissions' and allowed this user to read and write into this folder. I also checked the checkbox �extend this permission to all subfolders and its contents.
The problem is, when I reboot, everything is 'forgotten' and I am at quadrant zero again.
Eventually I should state that part of the folders are from a backup drive, because the hard disk had to be replaced so, once I re-installed the OS on the new hard drive, I copied the folders from the backup drive into the home folder.
One last question:
Is there a good tutorial about permissions?
View 9 Replies
View Related
Jul 14, 2009
I have a new server with Fedora 10. The root user can log in by SSH using an RSA key but for any other user the RSA key is ignored and a password required.Ultimately I wish to access an SVN server over SSH and would like to to have to keep entering a password. I have Googled this issue and found nothing.If I log on as root the /var/log/secure file shows that the key is accepted, for any other user no message is added and the password is requested.I have checked all the config files and as far as I can see they are all correct so I am at a complete loss as to why SSH will not use the users RSA key.
View 13 Replies
View Related
Feb 19, 2009
I'm writing a perl script to remove a test database and part of that is of course getting rid of all files. So I wrote this to do the job:
Code:
This always results in an "Could not open /u00/app/oracle/product/10.2.0/rdbms/dbs for reading: No such file or directory" (that directory is the one ending with the $spfile_dir variable) message, although that directory exists and the executing user has writing rights on it.
The same behaviour if I create the directory array like this:
Code:
The problem does not occur when one of the directories is the only element in the array though. Of course I could copy and paste that part of the script for the second directory, but I don't like that workaround.
View 1 Replies
View Related
Apr 17, 2010
I want to restrict access to certain directories to my ssh users but allow them to read files by known path from there(mostly it's meant to be done by applications).
View 2 Replies
View Related
Mar 31, 2011
I don't quite understand /etc/skel. I know that everything in /etc/skel will effect all NEW users, and that's about it.
Basically, what I'm trying to do is add the directories "home" and "work" to the users /home directory.
How do I do this?
View 2 Replies
View Related
May 6, 2009
Problem: I need to map directories to a user's home directory when they log in.
For example, I need to map /school/homework/ to user "steve" in his home directory when he logs in. I'm guessing I could use a logon script, but I can't figure out what command I should be putting in the script. I've been searching for hours through man pages and googled it a ton and can't find anything on it.
View 3 Replies
View Related
Jul 26, 2010
I need to create a number of internal Linux users for admin purposes. I do not want these users to appear on the initial console login page just after Fedora boots up, as users who can attempt to log in, and I do not want to allow these users to log in directly. I merely want these users to be accessed via su, just like the root user.
View 2 Replies
View Related
Nov 1, 2010
We are trying to set up a classroom training environment where our SIG can hold classes for prospective converts from Microsoft/Mac. The ten machines will have /home/student01..10 and /home/linsig01..10 as users. We want /home/student01 to be able to explore and sudo so they can learn to administer their personal machines at home. We don't want them to be able to modify (sudo) /home/linsig01. I've seen the tutorial on Access Control Lists but I'd like other input so we get it right the first time.
View 3 Replies
View Related
Feb 16, 2010
I need some kind of step by step process to restrict my users to only have access to directories that I specify ? For example user joe can only access his home directory, read access to /tmp and read access to /var/log/httpd
View 1 Replies
View Related
Oct 30, 2009
Is it possible in Linux to restrict POP3 or IMAP for particular users.I need a confirmation on this, that it is possible or not in Linux.
View 3 Replies
View Related
Apr 21, 2011
When I'm logged into my account, I can't shut down the computer if someone else is also logged in unless I supply the root password. However, if I log out, I can shut down from GDM without being challenged, even though another person is logged in, which could cause problems if that person is in the middle of some work. Is there a way to password-protect the gdm shutdown function if people are logged in?
View 2 Replies
View Related
Jun 20, 2011
Is it possible to restrict users with 'sudo' from accessing certain directories? Rather than just exclude cd and ls from the sudo privileges, that is.
View 5 Replies
View Related
Dec 11, 2010
How can i chroot group of users to thier home directories and they have ssh access on RHEL 5.5 .. i tried many tuts but it was about chroot services.
View 2 Replies
View Related
