Re: Pure-FTP setup and NSS volumes

[DrumDude]

KBOYLE wrote:
> bertbrand;1925652 Wrote:
>> We'd like to user Pure-FTP and was wondering where you create the users.
>> All FTP accounts will be for people outside the company, so no eDir
>> integration is needed.
>>
>> We'd also like to store the FTP site/files on an NSS volume. Is
>> possible?
> I did just that about six months ago. I found these documents helpful.
> 'Cool Solutions: Installing Pure-FTPd on SLES 10'
> (http://www.novell.com/coolsolutions/feature/18281.html)
> 'LUM-enabling pure-ftpd: Quick and Easy'
> (http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=3503915&sliceId=1&docTypeID=DT_TID_1_1&dialogID=42441683&stateId=0%200%2042443404)
> 'Setting a Common Root Directory for FTP Users using Pure-FTPd | Novell
> User Communities'
> (http://www.novell.com/communities/node/4744/setting-a-common-root-directory-ftp-users-using-pure-ftpd)
>
>
My opinion.

All possible if you mount your NSS volume as a NFS mount and use
traditional Linux rights.

I would setup 2 instances of pureftp in your scenario.

1: for eDir users only.
2: the other for Linux.

Of course this scenario requires the utmost security, lockdown your NFS
export and pureftp wisely.
Also you have to consider file case and how you export the NSS volume
for performance.

I would just go with eDir accounts and NSS if I were you and take
advantage of the rich file rights and eDir security.

[Thomas Reiß]

bertbrand schrieb:
> UPDATE
>
> when I do 'ls -l' on FTP folder, it shows nobody and root as the
> owners. doing the chown seems to do nothing on NSS vol/dir. if I
> create a dummy folder in /root and chown to ftpuser:ftpgroup, it shows
> correctly.
>
> so.... how do I chown on NSS vol?
>
> thanks
>
> bertbrand;1927152 Wrote:
>> Thanks for the links. I've referred to and looked over, but still have
>> issues.
>>
>> here's how I created Linux ftp user:
>>
>> useradd -g ftpgroup -s /usr/bin/false -d /media/nss/VOL1/FTP/ ftpuser
>>
>> This is because I want all pure-ftp virtual users to have their own
>> sub-dir under FTP.
>>
>> I did a chown for ftpuser:ftpgroup on /media/nss/VOL1/FTP
>>
>> here's how I created pure-ftp user:
>>
>> pure-pw useradd testftp -u ftpuser -d /media/nss/VOL1/FTP/testftp
>>
>> if I do pure-pw list or show, it shows what I want for home dir -
>> /media/nss/VOL1/FTP/testftp. also has ftpuser and ftpgroup in show as
>> well.
>>
>> So when I try to access via FTP client, I get placed in '/' and
>> permission denied when I try to change to /media/nss/VOL1/FTP/testftp.
>>
>> I have a feeling something is not right with the ftpuser/ftpgroup
>> rights.
>>
>> any ideas?

TID: 3503915
Dos this help?

I thing you have to create User "ftpuser" and Group "ftpgroup" in
Edirectory and LUM enable it.

Check if the are visible at Linux.

Examble:

namuserlist -x o=<Your org>
namgrouplist -x o=<Your org>

Then you can use tratitional Novell Tools (Novell Client) to change
permissions to this User/Group Combo.

Or you use the "rigths" command at Linux Console.

Example: rights -f /media/nss/VOL1/FTP/testftp -r rwfc trustee
ftpuser.engineer.acme_tree

Hope it helps
Thomas