View previous topic :: View next topic |
Author |
Message |
tomr n00b

Joined: 13 Aug 2003 Posts: 6
|
Posted: Tue Sep 16, 2003 2:24 pm Post subject: pure-ftp doesn't read config file |
|
|
I have successfully installed pure-ftpd.
Virtual users can log in, upload, download, ect with no problems.
My server is on a LAN, so I wanted to allow users to upload files/directories that start with a .
In my /etc/conf.d/pure-ftpd file, I changed the "-X" to a "-x", and restarted pure-ftpd.
No dice. It still tells me that a dot file is a prohibited file type when I try to upload it.
Here is my /etc/conf.d/pure-ftpd file:
fatman / # more /etc/conf.d/pure-ftpd
# Config file for /etc/init.d/pure-ftpd
##Comment variables out to disable its features, or change the values in it... ##
## This variable must be uncommented in order for the server to start ##
IS_CONFIGURED="yes"
## FTP Server,Port (separated by comma) ##
## If you prefer host names over IP addresses, it's your choice :
## SERVER="-S ftp.rtchat.com,21"
## IPv6 addresses are supported.
SERVER="-S 192.168.0.201,21"
## Number of simultaneous connections in total, and per ip ##
MAX_CONN="-c 30"
MAX_CONN_IP="-C 10"
## Start daemonized in background ##
DAEMON="-B"
## Don't allow uploads if the partition is more full then this var ##
DISK_FULL="-k 90%"
## If your FTP server is behind a NAT box, uncomment this ##
#USE_NAT="-N"
## Authentication (others are 'pam', ...)##
## Further infos in the README file.
AUTH="-lpuredb:/etc/pureftpd.pdb -lunix"
## Change the maximum idle time. (in minutes. default 15)
#TIMEOUT="-I <timeout>'"
## Use that facility for syslog logging. It defaults to 'ftp'
## Logging can be disabled with '-f none' .
#LOG="-f facility"
## Misc. Others ##
#MISC_OTHER="-A -x -j -R"
MISC_OTHER="-E -x -H -j -H -w"
PURE_DBFILE="/etc/pureftpd.pdb"
PURE_PASSWDFILE="/etc/pureftpd.passwd"
Everything is working great, except this.
Anyone got any clues (I even tried to Microsoft solution and rebooted...didn't work) ? |
|
Back to top |
|
 |
mglauche Retired Dev


Joined: 25 Apr 2002 Posts: 564 Location: Germany
|
Posted: Tue Sep 16, 2003 2:32 pm Post subject: |
|
|
from the pro-ftdp manual page :
Code: |
-x In normal operation mode, authenticated users can read/write files beginning with a dot ('.'). Anonymous
users can't, for security reasons (like changing banners or a forgotten .rhosts). When '-x' is used,
authenticated users can download dot-files, but not overwrite/create them, even if they own them. That
way, you can prevent hosted users from messing
-X This flag is identical to the previous one (writing dot-files is prohibited), but in addition, users
can't even *read* files and directories beginning with a dot (like "cd .ssh").
|
so -X is actually worse than -x - both prevent accessing .dotfiles try removing them both . |
|
Back to top |
|
 |
tomr n00b

Joined: 13 Aug 2003 Posts: 6
|
Posted: Tue Sep 16, 2003 2:46 pm Post subject: |
|
|
Thanks for the quick reply. It worked like a charm.
Looks like some of the info at the bottom of the config file that explain switches is incomplete.
Here's whats at the bottom of mine (left it out, as I didn't think it made a difference):
#
# Use these inside $MISC_OTHER
# More can be found on "http://pureftpd.sourceforge.net/README"
#
# -A [ chroot() everyone, but root ]
# -e [ Only allow anonymous users ]
# -E [ Only allow authenticated users. Anonymous logins are prohibited. ]
# -i [ Disallow upload for anonymous users, whatever directory perms are ]
# -j [ If the home directory of a user doesn't exist, auto-create it ]
# -M [ Allow anonymous users to create directories. ]
# -R [ Disallow users (even non-anonymous ones) usage of the CHMOD command ]
# -x [ Authenticated users can read/write files beginning with a dot ('.')
# Anonymous users can't, for security reasons ]
# -X [ Users can't write/read files and directories starting with a dot ('.') ]
# -D [ List files beginning with a dot ('.') even when the client doesn't
# append the '-a' option to the list command. A workaround for badly
# configured FTP clients. ]
# -G [ Disallow renaming. ]
# -d [ Send various debugging messages to the syslog. ONLY for DEBUG ]
# -F <fortune file> [ Display a fortune cookie on login. Check the README file ]
# -H [ By default, fully-qualified host names are logged. The '-H' flag avoids host names resolution. ] |
|
Back to top |
|
 |
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|