Prev topicNext topicHelp

Topic 28 of 29: Help fo authors and administrators at Spring Websites

Sun, Jan 5, 2003 (05:39) | Paul Terry Walhus (terry)
These days, if you're an author or a system admin here you may have a hard life. This topic is here to make your life more pleasurable. So, please share your frustrations and ask questions and pitch in. I'm her to help and we have other help resources.
7 responses total. 

 Topic 28 of 29 [unix]: Help fo authors and administrators at Spring Websites
 Response 1 of 7: Paul Terry Walhus (terry) * Sun, Jan  5, 2003 (05:41) * 62 lines
I'll lead off with an email I got from WX5U - Mickey McInnis - this morning.

OK, I think I understand the FTP stuff now.

You're using ProFTPD. The config file is /usr/local/etc/proftpd.conf.
You have directives in there of

DefaultRoot ~/../ siteadmin
DefaultRoot ~ !wheel ## May need a change. See below.

This uses "chroot" to "jail" all FTP users not in the "wheel" group or
in "siteadmin" in their own home directory and not let them cd to any
higher directories. I think members of the "siteadmin" group will also
end up in their respective www.SITENAME.TLD directory (Actually the
parent of their home directory.)

If I understand the structure correctly, wx5u needs to be in the
"siteadmin" group. That way, ftp will chroot me into
/usr/home/sites/www.tcares.org. Then I can go under there via ftp, but
can't access any other web site files via ftp.

I read something that makes me think this configuration may do some
wierd things if a user is in siteadmin, but not in wheel.

See http://proftpd.linux.co.uk/docs/faq/faq_full.html
It says " If two DefaultRoot directives apply to the same user, ProFTPD
arbitrarily chooses one (based on how the configuration file was parsed)."


If I understand correctly, this means that a user in "siteadmin", but
not in "wheel" may end up in ~/../ or in ~ with the configuration you
have currently.


If I understand correctly, this needs to be


DefaultRoot ~/../ siteadmin
DefaultRoot ~ !wheel,!siteadmin

This way siteadmin FTP users end up reliably in the parent of their home
directory. Wheel ends up in root, and anyone else ends up in their home
directory.


So, I think if you add wx5u to siteadmin group, and change the
/usr/local/etc/proftpd.conf file, no files need to be moved.

You still need to

chmod -R wx5u /usr/home/sites/www.tcares.org/web
chgrp -R site35 /usr/home/sites/www.tcares.org/web



You know, this is actually sort of fun.

Thanks again,

73 de WX5U
.


 Topic 28 of 29 [unix]: Help fo authors and administrators at Spring Websites
 Response 2 of 7: Paul Terry Walhus (terry) * Sun, Jan  5, 2003 (06:21) * 33 lines
Here's and example site I just created for wolf

www# pwd
/usr/home/sites/www.midnightwolf.com
www# ls
Merchant2 email web wolf
cgi-bin logs web2
www# ls -l
total 14
drwxr-xr-x 3 wolf site24 512 Dec 30 09:47 Merchant2
drwxr-xr-x 2 nobody nogroup 512 Jan 5 06:15 cgi-bin
drwxr-xr-x 3 vpopmail site24 512 Dec 30 09:47 email
drwxr-xr-x 2 root nogroup 512 Jan 2 13:49 logs
drwxr-xr-x 9 wolf site24 512 Jan 5 06:16 web
drwxr-xr-x 10 root site24 512 Dec 31 07:07 web2
drwxr-xr-x 4 wolf site24 512 Jan 5 06:18 wolf
www# cd web
www# ls -l
total 24
-rw-r--r-- 1 wolf site24 383 Jan 5 06:16 .htaccess
drwx------ 2 wolf site24 512 Jan 5 06:16 _private
drwxr-xr-x 4 wolf site24 512 Jan 5 06:16 _vti_bin
drwxr-xr-x 2 wolf site24 512 Jan 5 06:16 _vti_cnf
-rw-r--r-- 1 wolf site24 1754 Jan 5 06:16 _vti_inf.html
drwxr-xr-x 2 wolf site24 512 Jan 5 06:16 _vti_log
drwxr-xr-x 2 wolf site24 512 Jan 5 06:16 _vti_pvt
drwxr-xr-x 2 wolf site24 512 Jan 5 06:16 _vti_txt
drwxr-xr-x 2 wolf site24 512 Dec 30 09:47 images
-rw-r--r-- 1 wolf site24 72 Dec 31 07:23 index.html
-rw-r--r-- 1 wolf site24 2453 Jan 5 06:16 postinfo.html
www#

If Ias in the wolf directory I would have to cd ../web to get to the website general files.

 Topic 28 of 29 [unix]: Help fo authors and administrators at Spring Websites
 Response 3 of 7: Moon Dreams  (Moon) * Sun, Jan  5, 2003 (13:25) * 4 lines
What is the IP (numerical) address for the message board at the DWG?

This problem is three days old and I am not the only one who has it. Can someone help? 


 Topic 28 of 29 [unix]: Help fo authors and administrators at Spring Websites
 Response 4 of 7: Paul Terry Walhus (terry) * Sun, Jan  5, 2003 (13:32) * 3 lines
Ann Haker is the one to ask.

The ip address returned from a ping is 63.119.175.10.

 Topic 28 of 29 [unix]: Help fo authors and administrators at Spring Websites
 Response 5 of 7: Moon Dreams  (Moon) * Sun, Jan  5, 2003 (14:51) * 5 lines
I did ask Ann and this is her response:

I don't know it. The only IP number I have leads to Spring.net, not Austen.com. 



 Topic 28 of 29 [unix]: Help fo authors and administrators at Spring Websites
 Response 6 of 7: Karen Rosenberg  (KarenR) * Sun, Jan  5, 2003 (14:59) * 3 lines
Evidently, Terry has set up this new server has having "virtual" domains, which is why the numeric address plus the conference stuff didn't work.

I don't particularly like that setup and don't see any advantages to anyone, whether at spring.net., austen.com or firth.com. It's nice to have unique IP addresses, in case the DNSes go haywire, as backup. This way, everyone is stuck at spring.net's main page.

 Topic 28 of 29 [unix]: Help fo authors and administrators at Spring Websites
 Response 7 of 7: Paul Terry Walhus (terry) * Wed, Jan  8, 2003 (17:47) * 1 lines
We had virtual domains on the old server also. The only exception to this was the the austen.com which had a unique ip address. We only get 5 ip addresses and two of them have to be used for our name servers. One if for all our virtual domains (64.106.200.50). That only leaves two spare ip addresses which I need to use for another name server for backup purposes. We woul d have to pay a lot more for a large block of ip addresses
Prev topicNext topicHelp

unix conference Main Menu