I am trying to setup a FTP server. I am using VsFTPd on an Ubuntu server that will authenticate against an LDAP server.
My users should have access to their personal directory (read/write), to their public directory (read/write), to the public directory of other users (read) and to a general public directory (read). Admin users have read/write access on all directories.
My problem is the following: when a user is created on the LDAP server, he should be able to connect to the FTP server. But his directories will not be created on the FTP server. Another part of the problem is the modification of the status of an user: if an user becomes admin, how do I change his configuration to give him access to all the directories?
One solution would be to execute a script when an user tries to connect to the FTP server. This script would check if the directories are created and if not, create them.
But how can I configure VsFTPd to execute a script when an user logs in?
Thank you for your help.
You should use the pam module pam_mkhomedir. Use it globally for all the system or only for VsFTP if your installation was compiled against libpam.so. Check this using ldd in the vsftpd binary.
Related
I've been having an issue trying to add github materials from a private repo on a Windows server.
I've seen lots of people suggesting how to add the ssh keys and where but on unix based systems. Haven't found anything related to Windows Servers.
I'm using Go latest release and have installed Go Server & Agent on a Windows Server 2008 with git installed.
I can connect to the private repo using Git Bash.
Whenever I try to add the materials it keeps saying Checking Connection and looks like it stays there forever.
If I use basic auth it works but I would like to make it work without exposing my password in the URL.
Is there a way to do that?
If you run Go under the default local system account, you can follow the suggestions from http://opensourcetester.co.uk/2013/06/28/jenkins-windows-ssh/ to setup the ssh keys for local system account.
If you run Go Server under a domain account (and not the default Local System account), check if you have uploaded your ssh keys to %USERPROFILE%/.ssh/ folder on the server machine, %USERPROFILE% being HOME folder for the domain user. Once you set that up, Go server would be able to pick the required keys. The same holds good for the agent machines. Just so you know, Go would not invoke Git-bash internally to run the git commands, so any setup on bash will not take effect when running git from within Go.
If you are using a windows machine to host GoCD server and agents , it does not run under a normal user account, it runs under the “Local System Account”
So even you can access your git repo from git bash (logged in as the current user),GOCD cannot access the same.
So you need to add the SSH keys for the Local System Account from your your current user.
1.First find the home directory for the Local System Account(It will not reside under C:/Users )
2.Use any remote administration tool to find the home directory- If you go with http://download.sysinternals.com/files/PSTools.zip
a)unzip and run command-line as administrator
b)PsExec.exe -i -s cmd.exe -start the tool )
c)run echo %userprofile% to get the home directory (eg:C:\Windows\system32\config\systemprofile)
3.Now you can either copy the SSH key files from current user or create a new one using ssh commands.
Try checking Connection after creating/copying the SSH keys, it will show Connection OK!
I've started using the Apache web server that comes with OS X (10.9.4) for testing. When I copy files to its web root (/Library/WebServer/Documents) or delete from the same, I get prompted for the admin password. I have this password, so that's not a problem. It's just inefficient. I haven't had this issue when using other installs of Apache (generally via MAMP). So I'm sure it's just a config issue. Any help is appreciated.
This is done to protect the directory, you can add an ACL to allow your user account read/write access to that folder.
You can add the ACL as follows, Please be sure to change "yourshortname" to your username on the computer.
sudo chmod -R +a "yourshortname allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity" /Library/WebServer/Documents
Let me know if it works for you.
I have an established workflow, but a change has caused some complications. An upstream Windows server delivers a file to my Solaris server where the file is accessed by my Windows 2003 server.
The problem is that either the ownership or permissions on a file delivered daily to the Solaris server has changed, and now the service running on my Windows server cannot copy and delete the file.
My Windows server has a parent directory on the Solaris server mapped and authenticated by User1.
The failing file comes in with an ownership of User2 and permissions of 664.
The failing file can be copied and deleted directly through Windows Explorer without additional authentication. A scheduled task batch file also can perform the copy and delete without authentication. It is only the running service which is unable to perform these tasks.
For comparison, there are a collection of files following the same workflow. These have an of ownership of User1 and permissions of 755.
User1 is a member of User1.
User2 is a member of staff.
The Solaris directory holding the files has permissions of 755 and ownership of User1.
What change can I make to give my Windows services ongoing access to files with both ownerships?
UPDATE:
Using a persistent shell script to change the ownership.
Had to use a persistent shell script to edit the file ownership.
I am developing a rather basic CMS locally and can not ftp due to permissions problems. I have FileZilla FTP server running in XAMPP and can connect without problems but receive error "550 Permission Denied" when my code tries to upload via ftp.
I tried changing permissions via my FileZilla FTP client but without success (presumably because it is windows- error: "504 Command not implemented for that parameter"). I also tried going to the target folder's properties --> security --> permissions and checking "full" for the user XAMPP is running under.
So how do I setup the permissions to allow my CMS to use ftp in XAMPP?
Finally figured it out. For anyone else who has this problem, there is no need to set permissions in Windows. Instead, on the FileZilla FTP server admin interface select edit --> users --> shared folders and check 'write'.
For a fix of this make sure that the root folder is allowed to write and pass rights permission. had this same issue for a script to run on local web xampp server windows xp.. just change the root file attributes to 755 then try it if that don't work try 777. should work now... hope this works for you... as it did me.
If that does not work go to your htdocs folder in your xampp directory then right click it and check properties .. if read only is ticked .. untick it and apply to all sub folders and files
You're behind firewall? Try to allow FileZilla server program in Firewall.
I'm new to Linux and it's command line and I need to change user rights on FTP server. The situation is like this:
I have a Debian server (without GUI, only with command line) with FTP server. And I have 2 users. Root (all access) and webmaster (limited user). Webmaster can upload files via FTP, but these get permission 600 (chmod 0600). But I need 0777.
How or where can I change this? I can log in as the root but I don't know how to manage FTP users.
I probably need to change "umask" for webmaster. I don't know what FTP software is my Linux using. I found file etc/login.defs with value #UMASK 022, but it is commented.
Can anyone help please? Explanatory link for beginners would be enought.
This depends on which package you use to provide your ftp server program.
With some programs you can specify a default umask on the daemon's command line.
With vsftpd you can specify it in /etc/vsftpd.conf. Here's a snippet from the default config file:
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
#local_umask=022
I think clients can also change their umask from the default from within an ftp shell.