Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

BeroFTPD passwd/shadow

0 views
Skip to first unread message

Bernhard Rosenkraenzer

unread,
Mar 12, 1999, 3:00:00 AM3/12/99
to
On Wed, 10 Mar 1999, Andreas Zierott wrote:

> I want to set up BeroFTPD to use multiple virtual domains. For better
> administration there should be a passwd/shadow file for each domain.

Get 1.3.4 - there are a couple of bugs in passwd/shadow handling I fixed
recently.

> anonymous-root /ftp/<domain>/home
> guest-root /ftp/<domain>/home
>
> After authentication the passwd/shadow files will be expected under the
> chrooted directory (e.g. /ftp/<domain>/home/ftp/<domain>/etc/passwd).
> Therefore they will not be found and the user's home directory cannot be
> determined.

I don't see a way to work around this (except for reading the entire file
to memory, which would be both a memory problem and a security problem) -
there's no way to undo a chroot().

> Another question: What is the current stable BeroFTPD? According to
> documentation it is version 1.2.3 and not the current version 1.3.4
> which should be regarded as experimental.

It's safe to use 1.3.4. The only reason why I'm still calling it
experimental is that I know for sure it doesn't compile on some systems.
(I thought 1.3.4 could fix this problem, but it didn't - it's quite hard
to fix problems occurring only on systems you don't have access to.)

LLaP
bero

--
Windows 98 supports real multitasking - it can boot and crash simultaneously.
***
Anyone sending unwanted advertising e-mail to this address will be charged
$25 for network traffic and computing time. By extracting my address from
this message or its header, you agree to these terms.

Andreas Zierott

unread,
Mar 12, 1999, 3:00:00 AM3/12/99
to
As there is no mailing archive of articles since beginning of this year
available I don't know if related problems were already discussed.

I want to set up BeroFTPD to use multiple virtual domains. For better

administration there should be a passwd/shadow file for each domain. I
created the files and put the passwd and shadow directives in the
appropriate ftpaccess file (both keywords are still undocumented in the
man pages). It looks like this

passwd /ftp/<domain>/etc/passwd
shadow /ftp/<domain>/etc/shadow

This works fine. But I use anonymous and guest accounts and set the root
directories with

anonymous-root /ftp/<domain>/home
guest-root /ftp/<domain>/home

After authentication the passwd/shadow files will be expected under the
chrooted directory (e.g. /ftp/<domain>/home/ftp/<domain>/etc/passwd).
Therefore they will not be found and the user's home directory cannot be
determined.

I could create a hard link there, so I only need to maintain one instead
of two passwd/shadow files. But isn't there a better way?
Or did I something wrong?

Another question: What is the current stable BeroFTPD? According to
documentation it is version 1.2.3 and not the current version 1.3.4
which should be regarded as experimental.

Thanx,
Andreas

--
Andreas Zierott
Deutscher Wetterdienst, Kaiserleistr 42, 63067 Offenbach/Main, Germany
Tel: +49 69 80622250, Fax: +49 69 80622801, eMail: azie...@dwd.d400.de


0 new messages