--===============1196774396==
Content-Type: multipart/alternative;
boundary="----=_Part_42975_27492748.1194537499101"

------=_Part_42975_27492748.1194537499101
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

hi !

yes i also have it running that way ... -> the sqldefaultUID and GID user
...(in your case.2000:2001 ) has write access to the directory i want to
acces/write with this ftp-session ......

if you deny "everybody" execute-premissions, my experience was, that you
dont get a dirlist anymore ..... ( so i guess this means at least +x for the
proftpduser (nobody)

hope it helps ...




2007/11/8, Marco Strullato :
>
> Hi all!
> I'm configuring a ftp server with virtual users.
>
> This is my config file:
> ServerName "name"
> ServerIdent on "FTP Server ready."
> ServerAdmin mail@address
> ServerType standalone
> DefaultServer on
> AccessGrantMsg "User %u logged in."
> DeferWelcome off
> DefaultRoot ~
> AuthOrder mod_auth_file.c
> IdentLookups off
> UseReverseDNS off
> Port 21
> Umask 022
> ListOptions "-a"
> AllowRetrieveRestart on
> AllowStoreRestart on
> MaxInstances 20
> User nobody
> Group nobody
> UseSendfile no
> ScoreboardFile /var/run/proftpd.score
>
> AllowOverwrite yes
>
> AllowAll
>

>

> LogFormat default "%h %l %u %t \"%r\" %s %b"
> LogFormat auth "%v [%P] %h %t \"%r\" %s"
> AuthUserFile /etc/ftpasswd
> AuthGroupFile /etc/ftgroup
> RequireValidShell no
>
>
> DenyAll
>

>

>
> The ftpasswd file is
>
> download:$1$gv4mq0h7$Jm1........................R0 :2000:2000::/home/ftpsite/download:/bin/false
> es:$1$lMP...................lBy77t1GrUf.:2001:2001 ::/home/ftpsite/es:/bin/false
>
>
> The filesystem is:
> [root@server ftpsite]# ls -l
> drwx---r-x 7 nobody nobody 4096 Nov 1 20:22 download
> drwx---r-x 7 nobody nobody 4096 Nov 1 20:22 es
>
> The question is what should be the filesystem permissions. I mean I can
> log in, I can list the filesystem but I can not write.
> Proftpd is running as nobody and the filesystem owner is nobody. Is that
> owner right? Or should I change the owner to the uid 2000 and 2001?
> Documentation is not clear.
> If I do chmod 777everything works but I don't like this solution!
> The only interesting doc is
> http://www.proftpd.org/localsite/Use...nked/x846.html (id to id
> mapping) but this isn't usefull.
>
> What do you suggest me?
>
>
> Thanks
>
> Marco
>
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> ProFTPD Users List
> Unsubscribe problems?
> http://www.proftpd.org/list-unsub.html
>


------=_Part_42975_27492748.1194537499101
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

hi !

yes i also have it running that way ... -> the sqldefaultUID and GID user ..(in your case.2000:2001&nbsp has write access to the directory i want to acces/write with this ftp-session ......

if you deny  "everybody" execute-premissions, my experience was, that you dont get a dirlist anymore ..... ( so i guess this means at least +x for the proftpduser (nobody) 


hope it helps ...

 



 

2007/11/8, Marco Strullato <marco.strullato@gmail.com>:
Hi all!
I'm configuring a ftp server with virtual users.

This is my config file:
ServerName                      "name"

ServerIdent                     on "FTP Server ready."
ServerAdmin                     mail@address
ServerType                      standalone
DefaultServer                   on
AccessGrantMsg                  "User %u logged in."

DeferWelcome                    off
DefaultRoot                     ~
AuthOrder                       mod_auth_file.c
IdentLookups                    off
UseReverseDNS                   off
Port                            21

Umask                           022
ListOptions                     "-a"
AllowRetrieveRestart            on
AllowStoreRestart               on
MaxInstances                    20
User                            nobody

Group                           nobody
UseSendfile                     no
ScoreboardFile                  /var/run/proftpd.score
<Global>
  AllowOverwrite                yes
  <Limit ALL SITE_CHMOD>

    AllowAll
  </Limit>
</Global>
LogFormat                       default "%h %l %u %t \"%r\" %s %b"
LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"

AuthUserFile /etc/ftpasswd
AuthGroupFile /etc/ftgroup
RequireValidShell no
<Directory /home/ftpsite/download>
<Limit WRITE>
DenyAll
</Limit>
</Directory>

The ftpasswd file is

download:$1$gv4mq0h7$Jm1........................R0 :2000:2000::/home/ftpsite/download:/bin/false
es:$1$lMP...................lBy77t1GrUf.:2001:2001 ::/home/ftpsite/es:/bin/false

The filesystem is:
[root@server
ftpsite]# ls -l
drwx---r-x  7 nobody nobody 4096 Nov  1 20:22 download
drwx---r-x  7 nobody nobody 4096 Nov  1 20:22 es

The question is what should be the filesystem permissions. I mean I can log in, I can list the filesystem but I can not write.

Proftpd is running as nobody and the filesystem owner is nobody. Is that owner right?  Or should I change the owner to the uid 2000 and 2001? Documentation is not clear.
If I do chmod 777everything works but I don't like this solution!

The only interesting doc is http://www.proftpd.org/localsite/Use...nked/x846.html
(id to id mapping) but this isn't usefull.

What do you suggest me?


Thanks

Marco



-------------------------------------------------------------------------

This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>
http://get.splunk.com/
_______________________________________________
ProFTPD Users List   <roftpd-users@proftpd.org">
proftpd-users@proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html




------=_Part_42975_27492748.1194537499101--


--===============1196774396==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
--===============1196774396==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
--===============1196774396==--