Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
FTPCHROOT(5)		      File Formats Manual		  FTPCHROOT(5)

NAME
       ftpchroot -- list users and groups subject to FTP access	restrictions

DESCRIPTION
       The  file  ftpchroot is read by ftpd(8) at the beginning	of an FTP ses-
       sion, after having authenticated	the user.  Each	line in	ftpchroot cor-
       responds	to a user or group.  If	a line in ftpchroot matches  the  cur-
       rent user or a group he is a member of, access restrictions will	be ap-
       plied  to this session by changing its root directory with chroot(2) to
       that specified on the line or to	the user's login directory.

       The order of records in ftpchroot is important because the first	 match
       will be used.  Fields on	each line are separated	by tabs	or spaces.

       The  first  field specifies a user or group name.  If it	is prefixed by
       an "at" sign, `@', it specifies a group name; the line will match  each
       user who	is a member of this group.  As a special case, a single	`@' in
       this field will match any user.	A username is specified	otherwise.

       The  optional second field describes the	directory for the user or each
       member of the group to be locked	up in using chroot(2).	Be it omitted,
       the user's login	directory will be used.	 If  it	 is  not  an  absolute
       pathname,  then	it will	be relative to the user's login	directory.  If
       it contains the /./ separator, ftpd(8) will treat its left-hand side as
       the name	of the directory to do chroot(2) to, and its  right-hand  side
       to change the current directory to afterwards.

FILES
       /etc/ftpchroot

EXAMPLES
       These  lines in ftpchroot will lock up the user "webuser" and each mem-
       ber of the group	"hostee" in their respective login directories:

	     webuser
	     @hostee

       And this	 line  will  tell  ftpd(8)  to	lock  up  the  user  "joe"  in
       /var/spool/ftp  and then	to change the current directory	to /joe, which
       is relative to the session's new	root:

	     joe  /var/spool/ftp/./joe

       And finally the following line  will  lock  up  every  user  connecting
       through FTP in his respective ~/public_html, thus lowering possible im-
       pact on the system from intrinsic insecurity of FTP:

	     @	  public_html

SEE ALSO
       chroot(2), group(5), passwd(5), ftpd(8)

FreeBSD	14.3		       January 26, 2003			  FTPCHROOT(5)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=ftpchroot&sektion=5&manpath=FreeBSD+14.3-RELEASE+and+Ports>

home | help