[CentOS] Problen with vsftpd and chroot

Mon Jan 8 10:59:58 UTC 2007
Tony Molloy <tony.molloy at ul.ie>

On Friday 05 January 2007 18:31, Kevan Benson wrote:
> On Friday 05 January 2007 03:46, Tony Molloy wrote:
> > I'm setting up a local mirror server on a CentOS4 box. I want it to
> > serve files over http, nfs and ftp.
> >
> > I've set this up with the mirrored directories on a separate
> > partition. I've got the http and nfs working but am having some
> > trouble with ftp.
> >
> > I'm using vsftpd as the ftp server. I can log in to the ftp server
> > and get to the pub (/var/ftp/pub) directory. However when I try and
> > go to the mirrored directories below this I get a "can't change
> > directory error. The mirrored directories is a symbolic link to the
> > actual directories on the separate partition.
> >
> > So my question is is vsftpd chrooted to the /var/ftp directory by
> > default and won't follow symbolic links and if so is there any way to
> > change this behaviour.
> >
> > I can change the mount points if I need to but I was just wondering.
> vsftpd stands for Very Secure FTP Daemon, so it's primary purpose is
> secure FTP.  It very well may have checks to make sure it doesn't
> follow symlinks out of the current allowed tree, but I didn't see
> anything in the vsftpd.conf(5) man page on quick examination.  A few
> tests with symlinks pointing to directories on the same partition in
> and out of the default path for vsftpd might yield more information.
> If there are issues with vsftpd and symlinks you can't work around,
> check the mount(8) man page and look up --bind.

I checked the man page as well. I'll check out the --bind option that 
seems to be exactly what I'm looking for.




Tony Molloy.

System Manager.
Dept. of Comp. Sci.
University of Limerick