 |
 |
ftpd on Panther
|
|
|
|
|
Mac Elite
Join Date: Sep 2001
Location: Chico, CA and Carlsbad, CA.
Status:
Offline
|
|
On pre-Panther builds I am almost positive I was able to create a user account via System Preferences and then, using Netinfo Manager, set their shell to /dev/null so they couldn't log in via telnet or ssh. Now when I do this it seems to disallow users to log in via ftp:
"User not allowed to use FTP"
Anyone know what's going on? Though this bug/feature is a pain, I'm glad that the chroot is fixed in Panther now, whereas ftp was pretty much broken for other users than the main admin account before.
|
"In Nomine Patris, Et Fili, Et Spiritus Sancti"
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Nov 2003
Location: SoCal
Status:
Offline
|
|
Perhaps this is because the shell file is completely missing (/dev/null). Instead make an "ftponly" file and place it in /bin. You can have this file simply echo they have no access like (make sure it does exit 0; at least):
#!/bin/sh
#
# ftponly shell
#
/bin/echo "You are NOT allowed shell access to this system."
exit 0;
Then assign the user /bin/ftponly. Lastly add the ftponly to the /etc/shells list.
I hope this works for you.
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Sep 2001
Location: Chico, CA and Carlsbad, CA.
Status:
Offline
|
|
Originally posted by si_lance:
Perhaps this is because the shell file is completely missing (/dev/null). Instead make an "ftponly" file and place it in /bin. You can have this file simply echo they have no access like (make sure it does exit 0; at least):
#!/bin/sh
#
# ftponly shell
#
/bin/echo "You are NOT allowed shell access to this system."
exit 0;
Then assign the user /bin/ftponly. Lastly add the ftponly to the /etc/shells list.
I hope this works for you.
Interesting. I can't wait for the day where I come up with nifty little solutions like that. That's pretty cool, man. Thanks.
I've got a question, though, what does having the shell in /etc/shells do for the system? Users usually specify their shell by path, so I'm not sure what good having a list of all shells on a system does.
|
"In Nomine Patris, Et Fili, Et Spiritus Sancti"
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Nov 2003
Location: SoCal
Status:
Offline
|
|
Daemons often check the user's shell against this list for connections. If it doesn't exist, no connectivity at all is granted (usually).
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Sep 2001
Location: Chico, CA and Carlsbad, CA.
Status:
Offline
|
|
Originally posted by si_lance:
Daemons often check the user's shell against this list for connections. If it doesn't exist, no connectivity at all is granted (usually).
So it's more of a safety measure than anything? It sounds like it's not mission critical that a "shell" be in /etc/shells, eh?
Thanks regardless. 
|
"In Nomine Patris, Et Fili, Et Spiritus Sancti"
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
