Add a user account in ProFTPD server (privileges through setfacl & getfacl)

August 27th, 2010

After you've installed proftpd on CentOS or Debian, adding a user account is the next step. Use the groupadd and useradd commands, and passwd to set a password; the new user is then ready to log in to the home directory over FTP (set the home directory with 'useradd -d').
But sometimes things are not that simple. Suppose you want the FTP user to have specific privileges on some directories, and you are not allowed to change the existing mode (for example, directories under /var/www/htdocs). If you encounter this, it is time to use the ACL (Access Control List) module of Linux.
Here are the detailed steps:
groupadd test
useradd -g test -d /var/www/virtual -s /sbin/nologin test # -s /sbin/nologin prevents the user from logging in to the system
passwd test
setfacl -m u:test:rwx /var/www/virtual # test now has rwx on the directory
getfacl /var/www/virtual

# In /etc/rc.local, add setfacl -m u:test:rwx /var/www/virtual to run the command at boot time.

# If the setfacl and getfacl commands are not found on your system, install them first with yum install acl (CentOS) or apt-get install acl (Debian, Ubuntu).
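
The getfacl check in the steps above can be scripted. This is an added example, not part of the original post: a named-user entry such as u:test:rwx is limited by the ACL mask, so the function reads getfacl output and reports the rights the user really gets. The function name effective_perms and both sample outputs are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). effective_perms is a
# hypothetical helper name; the two getfacl outputs below are constructed.

# Print the rights user $1 really gets, from getfacl output on stdin.
# A named-user entry is capped by the mask entry.
effective_perms() {
    awk -F: -v u="$1" '
        /^#/ { next }                        # skip "# file:" style headers
        $1 == "user" && $2 == u { entry = substr($3, 1, 3) }
        $1 == "mask"            { mask  = substr($3, 1, 3) }
        END {
            if (entry == "") { print "none"; exit }
            if (mask == "")  { print entry;  exit }
            out = ""
            for (i = 1; i <= 3; i++) {
                e = substr(entry, i, 1); m = substr(mask, i, 1)
                out = out ((e != "-" && m != "-") ? e : "-")
            }
            print out
        }'
}

# Constructed: right after `setfacl -m u:test:rwx /var/www/virtual`.
SAMPLE_OK='# file: var/www/virtual
# owner: root
# group: root
user::rwx
user:test:rwx
group::r-x
mask::rwx
other::r-x'

# Constructed: same directory after a later `chmod 755` narrowed the mask.
SAMPLE_MASKED='# file: var/www/virtual
# owner: root
# group: root
user::rwx
user:test:rwx   #effective:r-x
group::r-x
mask::r-x
other::r-x'

printf '%s\n' "$SAMPLE_OK"     | effective_perms test   # rwx
printf '%s\n' "$SAMPLE_MASKED" | effective_perms test   # r-x
```

On a live system, pipe the real output in with getfacl /var/www/virtual | effective_perms test; a result other than rwx means the mask or the entry no longer grants what step 4 set.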


You can read more about ACL in Linux here