Very Computer

Hi,

I have wu-ftpd running and have a number of users with www directories who
I only want to have ftp access.  I have managed to get the ftpaccess file
setup so that they are in a guest group (ftponly) and they can get ftp
access so that they can go no further up the directory tree (the chroot
seems to work okay).  However, once logged in, they cannot see any files
(ls doesnt work). Is there anything I am forgetting to do here ?

Regards
Stewart Bamford
--

     "The brain is a wonderful organ; it starts working the moment you
      get up in the morning, and does not stop until you get to work."

Hi,

I have wu-ftpd running and have a number of users with www directories who
I only want to have ftp access.  I have managed to get the ftpaccess file
setup so that they are in a guest group (ftponly) and they can get ftp
access so that they can go no further up the directory tree (the chroot
seems to work okay).  However, once logged in, they cannot see any files
(ls doesnt work). Is there anything I am forgetting to do here ?

Regards
Stewart Bamford
--

     "The brain is a wonderful organ; it starts working the moment you
      get up in the morning, and does not stop until you get to work."

Since they are chrooted to a particular directory tree, you need
to make sure that you have the file ~/bin/ls, where ~ is the root
of that directory tree.  

later,
Ashok
--
Ashok Aiyar

Univ. of Wisconsin-Madison                    tel: (608) 262-6697

saying:

Quote:>Hi,
>I have wu-ftpd running and have a number of users with www directories who
>I only want to have ftp access.  I have managed to get the ftpaccess file
>setup so that they are in a guest group (ftponly) and they can get ftp
>access so that they can go no further up the directory tree (the chroot
>seems to work okay).  However, once logged in, they cannot see any files
>(ls doesnt work). Is there anything I am forgetting to do here ?

I have similar problems with my server using wu-ftp in anonymous mode.

Symptoms: User (anonymous) logs in and sees nothing if they are using
a GUI based ftp client (with the exception of PCTCP's windows client).
Any command line based ftp seems to work properly. Users can see
directories and files. If the user knows the full path and file name,
they can download files. The fact that it works sometimes suggests
that the ls is properly setup and the rest of the account is properly
setup.

This server is using Linux 1.2.3 kernel, but now it appears that it
may be more than just a linux problem.

any ideas out there? suggestions as to what's wrong, or where to ask
this question. I need answers asap as my boss is on my butt...

===================================
Sig? We don' need no s*kin' sig!
===================================

: the wu-ftpd can do a 'LIST' in short form itself but needs ~/bin/ls in
: the chroot-environment for doing it in long form (similar to 'ls -s').
                                                                ^^^^^
                                                               'ls -l'

remember netiquette? "always read it a second time before posting"...well..

sorry
  delta

--
helmut 'delta' springer             Unix/Net Consulting, InfoSystems, StudBox

http://www.veryComputer.com/~delta/
phone : +49 711 1319-112                    If you've got to do it,
FAX   : +49 711 685-2043                      do it with cold *...

: I have similar problems with my server using wu-ftp in anonymous mode.
:
: Symptoms: User (anonymous) logs in and sees nothing if they are using
: a GUI based ftp client (with the exception of PCTCP's windows client).
: Any command line based ftp seems to work properly. Users can see
: directories and files. If the user knows the full path and file name,
what do you mean with 'can see files'?

the wu-ftpd can do a 'LIST' in short form itself but needs ~/bin/ls in
the chroot-environment for doing it in long form (similar to 'ls -s').

if you're using the short 'ls' in your command line client, but your
GUI clients use 'ls -l' the first will do the second fail.

regards
  delta

--
helmut 'delta' springer             Unix/Net Consulting, InfoSystems, StudBox

http://www.veryComputer.com/~delta/
phone : +49 711 1319-112                    If you've got to do it,
FAX   : +49 711 685-2043                      do it with cold *...

Stewart,

        You need to create a bin directory in your chroot'ed environment
that contains the ls command (and any other commands your wu-ftp doesn't
provide that your users need).  If your chroot'ed directory is
/users/ftponly then create /users/ftponly/bin and copy the ls command to
it.  If you're running Sunos you will also have to create a dev
directory with a 'zero' file in it (if you're using dynamically linked
executables).  Create it with the command 'mknod zero c 3 12'.

        You can set the bin (and dev) directory to permissions of 0111.
 The ls command can also be set to 111.

        Good Luck.

jcs

Springer) burst forth, saying:

Okay, additional info... When I ftp local host from the console, I get
the same basic symptoms. I use ls - nada! I use nlist and voila! info
revealed. Unfortunately, chameleon and a host of other clients won't
do this as htey seem to be hard coded. WU-FTPD has nlist, which seems
to be specific to it only.  When I say see the files, I mean they can
do a basic ls command and see the listing. I have made sure that the
libraries are in place and properly set, the special device needed is
set up, etc. A UNIX guru at work went through it all too, and is
stumped. This seems to be a common problem withwu-ftpd as I saw a few
messages about it over in th linux area too, all with the same
problems. so again I plead HEEEELLLPPPP!
===================================
Sig? We don' need no s*kin' sig!
===================================

I don't know which OS you're using, so the following answer may not
apply.  On SunOS, and several other flavors of Unix, /bin/ls is linked
dynamically.  This means that at runtime, it needs to access libraries
in /usr/lib.  If you just copy /bin/ls to ~/bin/ls for your chroot'ed
environment on such a system, this ls will fail because it can't find
the libraries that it needs in ~/usr/lib.

If this is the case, there are two solutions.  You can either find ls
source somewhere (for example, a BSD source archive, such as on UUnet),
and compile it statically, without shared libraries.  How exactly you
do that is specific to your system, you can probably find the answer
in the man page for your C compiler.

The other option is to find out what libraries ls wants, and make
copies of them in ~/usr/lib under your chroot'ed environment.  You can
do something like "trace ls -l |& grep open" (if you're using a csh)
to see what libraries, devices, and other system files your ls needs.

 "I think it's pretty clear that Unix is dead as a research system."