Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
FTPCHROOT(5)              FreeBSD File Formats Manual             FTPCHROOT(5)

NAME
     ftpchroot - list users and groups subject to FTP access restrictions

DESCRIPTION
     The file ftpchroot is read by ftpd(8) at the beginning of an FTP session,
     after having authenticated the user.  Each line in ftpchroot corresponds
     to a user or group.  If a line in ftpchroot matches the current user or a
     group he is a member of, access restrictions will be applied to this
     session by changing its root directory with chroot(2) to that specified
     on the line or to the user's login directory.

     The order of records in ftpchroot is important because the first match
     will be used.  Fields on each line are separated by tabs or spaces.

     The first field specifies a user or group name.  If it is prefixed by an
     ``at'' sign, `@', it specifies a group name; the line will match each
     user who is a member of this group.  As a special case, a single `@' in
     this field will match any user.  A username is specified otherwise.

     The optional second field describes the directory for the user or each
     member of the group to be locked up in using chroot(2).  Be it omitted,
     the user's login directory will be used.  If it is not an absolute
     pathname, then it will be relative to the user's login directory.  If it
     contains the /./ separator, ftpd(8) will treat its left-hand side as the
     name of the directory to do chroot(2) to, and its right-hand side to
     change the current directory to afterwards.

FILES
     /etc/ftpchroot

EXAMPLES
     These lines in ftpchroot will lock up the user ``webuser'' and each
     member of the group ``hostee'' in their respective login directories:

           webuser
           @hostee

     And this line will tell ftpd(8) to lock up the user ``joe'' in
     /var/spool/ftp and then to change the current directory to /joe, which is
     relative to the session's new root:

           joe  /var/spool/ftp/./joe

     And finally the following line will lock up every user connecting through
     FTP in his respective ~/public_html, thus lowering possible impact on the
     system from intrinsic insecurity of FTP:

           @    public_html

SEE ALSO
     chroot(2), group(5), passwd(5), ftpd(8)

FreeBSD 11.0-PRERELEASE        January 26, 2003        FreeBSD 11.0-PRERELEASE

NAME | DESCRIPTION | FILES | EXAMPLES | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=ftpchroot&sektion=5&manpath=FreeBSD+11.0-RELEASE+and+Ports>

home | help