>Number: 181157
>Category: bin
>Synopsis: [ftpd] [patch] New login.conf(5) capability "ftp-chdir" for
>ftpd(8)
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Aug 09 07:20:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Eugene Grosbein
>Release: FreeBSD 9.2-BETA2 amd64
>Organization:
RDTC JSC
>Environment:
System: FreeBSD k-45-monitor 9.2-BETA2 FreeBSD 9.2-BETA2 #10 r253755M: Mon Jul
29 12:39:55 NOVT 2013 root@k-45-monitor:/usr/obj/usr/local/src/sys/K-45-MONITOR
amd64
>Description:
ftpd(8) allows us to have chrooted users having initial working
directory
distinct from its home directory with "/home/user/./subdir" syntax in
the passwd(5) file.
This way changes notion of user's home directory for all other system
utilities
and may be undesirable. Let's make it possible for ftpd(8) to change
user's
initial working directory without messing with its home directory.
The following patch introduces new string "ftp-chdir" capability in
login.conf(5).
For users having this capability ftpd(8) will change current directory
to it
instead of user's home directory upon successful authorization (and
chroot(8), if needed).
Thus, user's home directory may be kept intact in passwd(5), without
"/./" hack.
>How-To-Repeat:
See above.
>Fix:
--- libexec/ftpd/ftpd.8.orig 2013-06-18 14:52:20.000000000 +0700
+++ libexec/ftpd/ftpd.8 2013-08-09 13:35:24.000000000 +0700
@@ -472,6 +472,13 @@
can fill the drive with unwanted files.
.El
.Pp
+Initial working directory may be automatically changed from user's
+home directory to another one with the string "ftp-chdir" capability
+in login.conf(5), unless user's home directory pathname contains the
+.Pa /./
+separator, as described above (that setting has higher priority).
+For chrooted users, "ftp-chdir" points to the directory below new root.
+.Pp
If the system has multiple IP addresses,
.Nm
supports the idea of virtual hosts, which provides the ability to
--- libexec/ftpd/ftpd.c.orig 2013-06-18 14:52:20.000000000 +0700
+++ libexec/ftpd/ftpd.c 2013-08-08 14:25:12.000000000 +0700
@@ -1553,7 +1553,11 @@ skip:
* the old current directory will be accessible as "."
* outside the new root!
*/
+#ifdef LOGIN_CAP
+ homedir = (char *) login_getcapstr(lc, "ftp-chdir",
"/", "/");
+#else
homedir = "/";
+#endif
}
/*
* Finally, do chroot()
--- lib/libutil/login.conf.5.orig 2013-08-09 13:36:01.000000000 +0700
+++ lib/libutil/login.conf.5 2013-08-09 13:37:33.000000000 +0700
@@ -225,6 +225,9 @@
See
.Xr ftpd 8
for details.
+.It "ftp-chdir string Initial working directory for FTP user. See
+.Xr ftpd 8
+for details.
.It "label string Default MAC policy; see
.Xr maclabel 7 .
.It "lang string Set $LANG environment variable to the specified
value.
>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
