Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
FTPCHROOT(5)		  FreeBSD File Formats Manual		  FTPCHROOT(5)

NAME
     ftpchroot -- list users and groups	subject	to FTP access restrictions

DESCRIPTION
     The file ftpchroot	is read	by ftpd(8) at the beginning of an FTP session,
     after having authenticated	the user.  Each	line in	ftpchroot corresponds
     to	a user or group.  If a line in ftpchroot matches the current user or a
     group he is a member of, access restrictions will be applied to this ses-
     sion by changing its root directory with chroot(2)	to that	specified on
     the line or to the	user's login directory.

     The order of records in ftpchroot is important because the	first match
     will be used.  Fields on each line	are separated by tabs or spaces.

     The first field specifies a user or group name.  If it is prefixed	by an
     ``at'' sign, `@', it specifies a group name; the line will	match each
     user who is a member of this group.  As a special case, a single `@' in
     this field	will match any user.  A	username is specified otherwise.

     The optional second field describes the directory for the user or each
     member of the group to be locked up in using chroot(2).  Be it omitted,
     the user's	login directory	will be	used.  If it is	not an absolute	path-
     name, then	it will	be relative to the user's login	directory.  If it con-
     tains the /./ separator, ftpd(8) will treat its left-hand side as the
     name of the directory to do chroot(2) to, and its right-hand side to
     change the	current	directory to afterwards.

FILES
     /etc/ftpchroot

EXAMPLES
     These lines in ftpchroot will lock	up the user ``webuser''	and each mem-
     ber of the	group ``hostee'' in their respective login directories:

	   webuser
	   @hostee

     And this line will	tell ftpd(8) to	lock up	the user ``joe'' in
     /var/spool/ftp and	then to	change the current directory to	/joe, which is
     relative to the session's new root:

	   joe	/var/spool/ftp/./joe

     And finally the following line will lock up every user connecting through
     FTP in his	respective ~/public_html, thus lowering	possible impact	on the
     system from intrinsic insecurity of FTP:

	   @	public_html

SEE ALSO
     chroot(2),	group(5), passwd(5), ftpd(8)

FreeBSD	9.2		       January 26, 2003			   FreeBSD 9.2

NAME | DESCRIPTION | FILES | EXAMPLES | SEE ALSO

Want to link to this manual page? Use this URL:
<http://www.freebsd.org/cgi/man.cgi?query=ftpchroot&manpath=FreeBSD+9.2-RELEASE>

home | help