GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
FTPCHROOT(5) FreeBSD File Formats Manual FTPCHROOT(5)

ftpchroot
list users and groups subject to FTP access restrictions

The file ftpchroot is read by ftpd(8) at the beginning of an FTP session, after having authenticated the user. Each line in ftpchroot corresponds to a user or group. If a line in ftpchroot matches the current user or a group he is a member of, access restrictions will be applied to this session by changing its root directory with chroot(2) to that specified on the line or to the user's login directory.

The order of records in ftpchroot is important because the first match will be used. Fields on each line are separated by tabs or spaces.

The first field specifies a user or group name. If it is prefixed by an “at” sign, ‘@’, it specifies a group name; the line will match each user who is a member of this group. As a special case, a single ‘@’ in this field will match any user. A username is specified otherwise.

The optional second field describes the directory for the user or each member of the group to be locked up in using chroot(2). Be it omitted, the user's login directory will be used. If it is not an absolute pathname, then it will be relative to the user's login directory. If it contains the /./ separator, ftpd(8) will treat its left-hand side as the name of the directory to do chroot(2) to, and its right-hand side to change the current directory to afterwards.

/etc/ftpchroot
 

These lines in ftpchroot will lock up the user “webuser” and each member of the group “hostee” in their respective login directories:
webuser
@hostee

And this line will tell ftpd(8) to lock up the user “joe” in /var/spool/ftp and then to change the current directory to /joe, which is relative to the session's new root:

joe /var/spool/ftp/./joe

And finally the following line will lock up every user connecting through FTP in his respective ~/public_html, thus lowering possible impact on the system from intrinsic insecurity of FTP:

@ public_html

chroot(2), group(5), passwd(5), ftpd(8)
January 26, 2003 FreeBSD 13.1-RELEASE

Search for    or go to Top of page |  Section 5 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.