
<!DOCTYPE html>
<html>
<head>
<title>ProFTPD: Symlinks and chroot()</title>
</head>

<body bgcolor=white>

<hr>
<center><h2><b><i><code>DefaultRoot</code>, Symlinks and <code>chroot()</code></i></b></h2></center>
<hr>

<p>
<b>Restricting Users' Directories</b><br>
One of the most common questions for new users of ProFTPD is &quot;How do I
restrict my users to only certain directories?&quot; or, phrased another
way, &quot;How can I put my users in a chroot jail?&quot;  As a common
question, it definitely has a place in the
<a href="http://www.proftpd.org/docs/faq/linked/faq-ch5.html#AEN524">FAQ</a>.
Many users, I fear, do not read the FAQ carefully, and so miss that section.
The answer is ProFTPD's <a href="../modules/mod_auth.html#DefaultRoot"><code>DefaultRoot</code></a> configuration
directive, which accomplishes this functionality by using the
<code>chroot(2)</code> function.

<p><a name="GroupExpressions"></a>
This configuration directive may appear in the <code>&lt;VirtualHost&gt;</code>,
<code>&lt;Global&gt;</code>, and the &quot;server config&quot; (meaning
not in any <code>&lt;VirtualHost&gt;</code> or <code>&lt;Global&gt;</code>
sections) configuration contexts.  The most common configuration requested
is to restrict users to their home directories, which can be done simply
by adding the following line to your <code>proftpd.conf</code>:
<pre>
  DefaultRoot ~
</pre>
The <code>~</code> (tilde) is a Unix-ism that is expanded to the logging-in
user's home directory.  For slightly more complex setups, administrators
may want to restrict only a subset of their users into home directories
(or some other directory), but leave some privileged users unrestricted.
For example, say you have your privileged users all as members of a group
called <code>ftp-special</code>.  The <code>DefaultRoot</code>'s optional
second parameter, a <i>group-expression</i>, can then be used, like so:
<pre>
  DefaultRoot ~ !ftp-special
</pre>
This says to <code>chroot()</code> every user who is <b>not</b> a member of
group <code>ftp-special</code> to their respective home directory, and:
<pre>
  DefaultRoot /path/to/dir group1,group2
</pre>
will <code>chroot()</code> users who are members of <b>both</b>
<code>group1</code> <b>and</b> <code>group2</code> into
<code>/path/to/dir</code>.  More complex <i>group-expressions</i> can be used
as needed.

<p>
Note that the execute bit (<code>--x</code>) must be on in order to
<code>chroot()</code> a user into that directory.  This bit is also needed
for a user to be able to <code>chdir</code> into that directory.

<p><a name="Symlinks"></a>
<b>Symlinks</b><br>
There have been many questions on the ProFTPD user mailing list about why
symlinked directories are not visible to <code>chroot</code>ed users (this
includes <code>&lt;Anonymous&gt;</code> users as well as users restricted using
<code>DefaultRoot</code>).  This document is intended to clarify the issues and
discuss some ways of achieving what is commonly desired.

<p>
These issues are not specific to ProFTPD, but rather to the workings of a
Unix system.  First, a brief review of how links work, and why
<code>chroot(2)</code> poses such a problem.  Then a look at ways around
the issue.

<p>
<b>How Links Work</b><br>
There are two types of links in Unix: hard and symbolic.

<p>
A <i>hard</i> link is a file that is, for all intents and purposes, <i>the</i>
file to which it is linked.  The difference between a hardlink and the linked
file is one of placement in the filesystem.  Editing the hardlink edits the
linked file.  One limitation of hard links is that linked files cannot reside
on different filesystems.  This means that if <code>/var</code> and
<code>/home</code> are two different mount points in <code>/etc/fstab</code>
(or <code>/etc/vfstab</code>), then a file in <code>/var/tmp</code> cannot be
hardlinked with a file in <code>/home</code>:
<pre>
  <b># pwd</b>
  /var/tmp
  <b># ln /home/tj/tmp/tmpfile tmplink</b>
  ln: cannot create hard link `tmplink' to `/home/tj/tmp/tmpfile': Invalid cross-device link
</pre>
A <i>symbolic</i> link (also referred to as a &quot;symlink&quot;) is a file
whose contents contain the name of the file to which the symbolic link
points.  For example:
<pre>
  lrwxrwxrwx   1 root     root           11 Mar  2  2000 rmt -&gt; /sbin/rmt
</pre>
The file <code>rmt</code> contains the nine characters <code>/sbin/rmt</code>.
The reason symbolic links fail when <code>chroot(2)</code> is used to
change the position of the root (<code>/</code>) of the filesystem is that,
once <code>/</code> is moved, the pointed-to file path changes.  If, for
example, <code>chroot(2)</code> is used to change the filesystem root
to <code>/ftp</code>, then the symlink above would actually be pointing
to <code>/ftp/sbin/rmt</code>.  Chances are that that link, if
<code>chroot(2)</code> is used, now points to a path that does not exist.
Symbolic links that point to nonexistent files are known as <i>dangling</i>
symbolic links.  Note that symbolic links to files underneath the new
root, such as symlinks to a file in the same directory:
<pre>
  <b># pwd</b>
  /var/ftp
  <b># ls -l</b>
  -rw-r--r--   1 root     root            0 Jan 16 11:50 tmpfile
  lrwxrwxrwx   1 root     root            7 Jan 16 11:50 tmplink -&gt; tmpfile
</pre>
will be unaffected; only paths that point outside/above the new root will be
affected.

<p>
<b>Link Creation Tricks</b><br>
Knowing the above, it is now possible to demonstrate how <i>some</i> symlinks
<i>can</i> work within a chrooted session, depending on how you create them.

<p>
Here is an example to demonstrate this point.  Assume the following
directory structure:
<pre>
  /path/to/ftp/
  /path/to/ftp/folders/
  /path/to/ftp/folders/incoming/
  /path/to/ftp/incoming --&gt; /path/to/ftp/folders/incoming/ (<i>symlink</i>)
</pre>
And assume that you have the following in your <code>proftpd.conf</code>:
<pre>
  DefaultRoot /path/to/ftp/
</pre>

<p>
If the symlink is created using:
<pre>
  # ln -s /path/to/ftp/folders/incoming /path/to/ftp/incoming
</pre>
then that symlink will <b>not</b> work in the chrooted session; the path you
gave ("/path/to/ftp/folders/incoming") is an absolute path, and will not exist
after the chroot.

<p>
Instead, if you create the symlink using:
<pre>
  # cd /path/to/ftp
  # ln -s folders/incoming incoming 
</pre>
then that symlink should work within the chroot; the key is to use relative
paths which <i>do not go above your <code>DefaultRoot</code> directory</i>.

<p>
If your symlink <i>does</i> need to go above the <code>DefaultRoot</code>
directory, then you need to use one of the other tricks described below.
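
<p>
The resolution rules from the two sections above can be checked before a
directory is put into service as a <code>DefaultRoot</code>.  The following is
an added example, not part of the ProFTPD documentation or code: it walks a
prospective root and resolves every symlink the way a lookup behaves after
<code>chroot(2)</code> (absolute targets restart at the new root, and
<code>..</code> cannot climb above it).  The function names and the temporary
demo tree are constructed for illustration.

```python
import os
import tempfile

MAX_HOPS = 40  # Linux fails a lookup with ELOOP after 40 symlinks


def _parts(path):
    return [c for c in path.split("/") if c not in ("", ".")]


def resolve_in_chroot(root, jail_path):
    """Resolve jail_path the way lookups behave after chroot(root).

    Returns the resolved in-jail path, or None if the lookup would fail
    (dangling link, non-directory in the middle, or a symlink loop).
    """
    root = os.path.realpath(root)
    pending, done, hops = _parts(jail_path), [], 0
    while pending:
        comp = pending.pop(0)
        if comp == "..":
            if done:
                done.pop()              # ".." at the jail root stays at the root
            continue
        host = os.path.join(root, *done, comp)
        if os.path.islink(host):
            hops += 1
            if hops > MAX_HOPS:
                return None
            target = os.readlink(host)
            if target.startswith("/"):
                done = []               # absolute target restarts at the NEW root
            pending = _parts(target) + pending
        elif os.path.isdir(host) or (not pending and os.path.lexists(host)):
            done.append(comp)
        else:
            return None
    return "/" + "/".join(done)


def audit_symlinks(root):
    """Map each symlink under root (in-jail path) to (target, resolution)."""
    root = os.path.realpath(root)
    report = {}
    for dirpath, dirnames, filenames in os.walk(root):  # does not follow links
        for name in dirnames + filenames:
            host = os.path.join(dirpath, name)
            if os.path.islink(host):
                jail = "/" + os.path.relpath(host, root)
                report[jail] = (os.readlink(host), resolve_in_chroot(root, jail))
    return report


def build_demo_tree():
    """Constructed sample: the page's layout rebuilt under a temp directory."""
    base = os.path.realpath(tempfile.mkdtemp())
    root = os.path.join(base, "ftp")            # stands in for /path/to/ftp
    os.makedirs(os.path.join(root, "folders", "incoming"))
    os.makedirs(os.path.join(base, "shared"))   # exists only outside the jail
    # Absolute target, as in "ln -s /path/to/ftp/folders/incoming ..."
    os.symlink(os.path.join(root, "folders", "incoming"),
               os.path.join(root, "incoming_abs"))
    os.symlink("folders/incoming", os.path.join(root, "incoming"))  # stays below root
    os.symlink("../shared", os.path.join(root, "pub"))              # climbs above root
    return root


if __name__ == "__main__":
    for link, (target, resolved) in sorted(audit_symlinks(build_demo_tree()).items()):
        print(f"{link} -> {target}: {resolved or 'DANGLING inside the chroot'}")
```

All three links resolve on the host; only the relative one that stays below the root survives the chroot.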

<p>
<b>Filesystem Tricks</b><br>
A typical scenario is one where &quot;<code>DefaultRoot ~</code>&quot; is
used to restrict users to their home directories, and where the administrator
would like to have a shared upload directory, say
<code>/var/ftp/incoming</code>, in each user's home directory.  Symbolic
links would normally be used to provide an arrangement like this.  As
mentioned above, though, when <code>chroot(2)</code> is used (which is what
the <code>DefaultRoot</code> directive does), symlinks that point outside the
new root (the user's home directory in this case) will not work.  To get
around this apparent limitation, it is possible on modern operating systems to
mount directories at several locations in the filesystem.

<p>
To have an exact duplicate of the <code>/var/ftp/incoming</code> directory
available in <code>/home/bob/incoming</code> and
<code>/home/dave/incoming</code>, use one of these commands:
<ul>
  <li>Linux (as of the 2.4.0 kernel):
<pre>
  mount --bind /var/ftp/incoming /home/bob/incoming
  mount --bind /var/ftp/incoming /home/dave/incoming
</pre>
or, alternatively:
<pre>
  mount -o bind /var/ftp/incoming /home/bob/incoming
  mount -o bind /var/ftp/incoming /home/dave/incoming
</pre>
  </li>

  <li>BSD (as of 4.4BSD):
<pre>
  mount_null /var/ftp/incoming /home/bob/incoming
  mount_null /var/ftp/incoming /home/dave/incoming
</pre>
  </li>

  <li>Solaris:
<pre>
  mount -F lofs /var/ftp/incoming /home/bob/incoming
  mount -F lofs /var/ftp/incoming /home/dave/incoming
</pre>
  </li>
</ul>
The same technique can be used for <code>&lt;Anonymous&gt;</code> directories,
which also operate in a <code>chroot()</code>ed environment.  Also, it
should be possible to mount specific <i>files</i> this way, in addition to
directories, should you need to (a directory is just another file in Unix).

<p>
As usual, more information can be found by consulting the man pages for
the appropriate command for your platform.  The commands for other flavors
of Unix will be added as needed.

<p>
In order to have these tricks persist, to survive a system reboot, the
<code>/etc/fstab</code> (or <code>/etc/vfstab</code>) file may need to have
these mounts added.  Consult your local <code>fstab(5)</code> (or
<code>vfstab(4)</code> for Solaris) man pages for more information.

<p>
<b>Chroots and Remote Filesystems</b><br>
If the chroot directories for your users happen to reside on an NFS
partition, then you need to make sure that root privileges are <b>not</b>
blocked (often referred to as "root squash") by the NFS
mount.  Otherwise, the chroot will fail.

<p><a name="FAQ"></a>
<b>Frequently Asked Questions</b><br>

<p>
<font color=red>Question</font>: I am using the <code>DefaultRoot</code>
directive, but my logins are failing.  The debug logging shows the following:
<pre>
  USER <i>user</i>: Login successful.
  Preparing to chroot to directory '/home/users/<i>user</i>'
  <i>user</i> chroot("/home/users/<i>user</i>"): Permission denied
  error: unable to set default root directory
</pre>
I am starting <code>proftpd</code> with root privileges, so why is the
<code>chroot()</code> failing with "Permission denied"?<br>
<font color=blue>Answer</font>: The above situation can happen in cases
where even root privileges are insufficient.  There have been reports of
this happening for security-hardened systems (<i>e.g.</i> SELinux, OpenWall,
<i>etc</i>); it can <i>also</i> happen when NFS is involved.

<p>
If the <code>DefaultRoot</code> directory in question is mounted via NFS, make
sure that the NFS configuration mounts the directory with root privileges.  The
<code>chroot(2)</code> system call <i>requires</i> root privileges; a
no-root-privs mounted NFS directory does not allow the <code>chroot(2)</code>
to succeed.

<p>
Similarly, instead of "Permission denied", you might see "No such file or
directory":
<pre>
  <i>user</i> chroot("~"): No such file or directory
</pre>
The reasons for this error are explained
<a href="Authentication.html#homedir">here</a>.

<p><a name="MultipleRoots"></a>
<font color=red>Question</font>: Is it possible to configure <code>DefaultRoot</code> for all users <i>except</i> some special users, which will have a different root directory?<br>
<font color=blue>Answer</font>: Yes, this is possible.  ProFTPD supports
having multiple <code>DefaultRoot</code> directives in the proftpd.conf at the
same time; <code>proftpd</code> checks all of them
<i>in the order they appear</i>.  The first one which matches the logging-in
user is applied.

<p>
To illustrate, here's an example.  Keep in mind that the optional parameters to
the <code>DefaultRoot</code> directive are <i>group</i> names, <b>not</b> user
names.
<pre>
  DefaultRoot /path/to/admin/dir admin-group
  DefaultRoot /path/to/special/dir special-group
  DefaultRoot ~  <font color=blue># everyone else</font>
</pre>

<p>
If the logging-in user is a member of group 'admin-group', then
<code>proftpd</code> will chroot to the <code>/path/to/admin/dir</code>
directory.  If the logging-in user is not a member of group 'admin-group' but
<b>is</b> a member of group 'special-group', then
<code>/path/to/special/dir</code> is used for the chroot.  And if the user
is not a member of either of these groups, then the normal home directory is
used for the chroot.  It's always a good idea to have an "applies to everyone"
<code>DefaultRoot</code> directive in your proftpd.conf, at the
<i>end of the list</i> of <code>DefaultRoot</code>s, as a catch-all.
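
<p>
The first-match behaviour can be modelled offline to check a set of directives
before deploying it.  This is an added example, not ProFTPD's own code: it
assumes only what this page states (directives are tried in order,
comma-separated groups are ANDed, <code>!</code> negates), ignores
configuration contexts such as <code>&lt;VirtualHost&gt;</code>, and uses
constructed account names.

```python
PAGE_CONF = """
DefaultRoot /path/to/admin/dir admin-group
DefaultRoot /path/to/special/dir special-group
DefaultRoot ~  # everyone else
"""


def parse_default_roots(conf_text):
    """Return [(directory, group_expression_or_None)] in file order."""
    rules = []
    for line in conf_text.splitlines():
        words = line.split("#", 1)[0].split()       # drop trailing comments
        if len(words) >= 2 and words[0] == "DefaultRoot":
            rules.append((words[1], words[2] if len(words) > 2 else None))
    return rules


def expression_matches(expr, groups):
    """Every comma-separated term must hold; '!name' means 'not a member'."""
    if expr is None:
        return True                                 # no expression: everyone
    for term in expr.split(","):
        wanted = not term.startswith("!")
        if (term.lstrip("!") in groups) != wanted:
            return False
    return True


def chroot_for(rules, home, groups):
    """Directory the session is jailed in, or None when nothing matches."""
    for directory, expr in rules:
        if expression_matches(expr, groups):        # first match wins
            if directory == "~" or directory.startswith("~/"):
                return home + directory[1:]
            return directory
    return None


def unreachable_rules(rules):
    """Directives placed after an unconditional one can never be applied."""
    for i, (_, expr) in enumerate(rules):
        if expr is None:
            return rules[i + 1:]
    return []


def unjailed(rules, accounts):
    """Accounts (name -> (home, groups)) that log in without any chroot."""
    return sorted(name for name, (home, groups) in accounts.items()
                  if chroot_for(rules, home, groups) is None)


# Constructed accounts for the demonstration.
ACCOUNTS = {
    "alice": ("/home/alice", {"admin-group", "special-group"}),
    "bob": ("/home/bob", {"special-group"}),
    "carol": ("/home/carol", {"users"}),
    "dave": ("/home/dave", {"users", "ftp-special"}),
}

if __name__ == "__main__":
    rules = parse_default_roots(PAGE_CONF)
    for name, (home, groups) in ACCOUNTS.items():
        print(name, "->", chroot_for(rules, home, groups))
    print("unjailed with '~ !ftp-special':",
          unjailed(parse_default_roots("DefaultRoot ~ !ftp-special"), ACCOUNTS))
```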

<p><a name="SymlinksFAQ"></a>
<font color=red>Question</font>: Does <code>DefaultRoot</code> work properly if
the path/home directory is a symlink?<br>
<font color=blue>Answer</font>: Yes.

<p>
Note that some sites consider this a security risk; if that home directory
can be deleted by remote users, and replaced with a symlink of their own
creation (<i>e.g.</i> via SSH or some other webapp), this can be a problem.
To help mitigate situations like this, you can use the <a href="../modules/mod_auth.html#AllowChrootSymlinks"><code>AllowChrootSymlinks</code></a> directive:
<pre>
  # Do not follow symlinks when chrooting
  AllowChrootSymlinks off
</pre>
As stated in the documentation, using <code>AllowChrootSymlinks</code> does
<b>not</b> prevent this problem entirely; it simply means that
<i><code>proftpd</code></i> cannot be used to get around the restrictions.

<p><a name="ChrootNotWorking"></a>
<font color=red>Question</font>: I have configured <code>DefaultRoot</code> in my proftpd.conf, but my clients still see the root directory.  Is it a bug?<br>
<font color=blue>Answer</font>: Usually not.

<p>
First, make sure that you have restarted <code>proftpd</code>, so that the
config changes you made (<i>e.g.</i> adding/modifying your
<code>DefaultRoot</code> settings) are picked up by the running daemon.

<p>
Second, make sure that you have cleared any client cache.  Many FTP clients
(especially browsers) will cache the directory listings that they have obtained
from an FTP server.  Thus once you have restarted <code>proftpd</code> and
you still see the root filesystem displayed by your client, you need to make
sure that that client is actually getting that listing from the FTP server,
rather than showing you a stale/cached copy.  The command-line
<code>ftp(1)</code> client is good for testing this situation, as it is very
simplistic and does not cache such things.

<p>
Last, double-check the proftpd <a href="Debugging.html">debug logging</a>.
It could be that <code>proftpd</code> is not using the configuration like you
assume it is.  Maybe a different config file is being used than the one you
edited, or maybe the <code>DefaultRoot</code> directive is not in a
<code>&lt;Global&gt;</code> section and you are using
<code>&lt;VirtualHost&gt;</code> sections, <i>etc</i>.

<p>
<hr>
<font size=2><b><i>
&copy; Copyright 2017 The ProFTPD Project<br>
 All Rights Reserved<br>
</i></b></font>
<hr>

</body>
</html>