Nochmal zu Berechtigung der User...

[MoD2004]

nö... ich geh kaputt. es funzt immernoch net.

aber das stimmt ja oder?

# This is the ProFTPD configuration file

ServerName         "ProFTPD server"
ServerIdent         on "FTP Server ready."
ServerAdmin         root@localhost
ServerType         standalone
#ServerType         inetd
DefaultServer         on
AccessGrantMsg         "User %u logged in. Welcome!"
AllowForeignAddress      on
#DisplayConnect         /etc/ftpissue
#DisplayLogin         /etc/ftpmotd
#DisplayGoAway         /etc/ftpgoaway
DeferWelcome         off

# Use this to excude users from the chroot
DefaultRoot         ~ !adm

# Use pam to authenticate by default
AuthPAMAuthoritative      on

# Do not perform ident nor DNS lookups (hangs when the port is filtered)
IdentLookups         off
UseReverseDNS         off

# Port 21 is the standard FTP port.
Port            9009

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask            022

# Default to show dot files in directory listings
ListOptions         "-a"

# See Configuration.html for these (here are the default values)
#MultilineRFC2228      off
#RootLogin         off
#LoginPasswordPrompt      on
#MaxLoginAttempts      3
#MaxClientsPerHost      none
#AllowForeignAddress      on   # For FXP


# Allow to resume not only the downloads but the uploads too
AllowRetrieveRestart      on
AllowStoreRestart      on

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances         20

# Set the user and group that the server normally runs at.
User            nobody
Group            nobody

# This is where we want to put the pid file
ScoreboardFile         /var/run/proftpd.score

# Normally, we want users to do a few things.

<Directory ~>

<Limit WRITE DELE>
DenyAll
</Limit>

<Limit READ DIRS>
IgnoreHidden On
AllowAll
</Limit>

</Directory>

<Directory ~/upload>

<Limit SITE_CHMOD DELE>
DenyAll
</Limit>

<Limit WRITE READ DIRS>
AllowAll
DenyAll
</Limit>
</Directory>


# Define the log formats
LogFormat         default   "%h %l %u %t \"%r\" %s %b"
LogFormat         auth   "%v [%P] %h %t \"%r\" %s"

# TLS
# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
#TLSEngine         on
#TLSRequired         on
#TLSRSACertificateFile      /usr/share/ssl/certs/proftpd.pem
#TLSRSACertificateKeyFile   /usr/share/ssl/certs/proftpd.pem
#TLSCipherSuite         ALL:!ADH:!DES
#TLSOptions         NoCertRequest
#TLSVerifyClient      off
##TLSRenegotiate      ctrl 3600 data 512000 required off timeout 300
#TLSLog            /var/log/proftpd/tls.log

# A basic anonymous configuration, with an upload directory.
#<Anonymous ~ftp>
#  User            ftp
#  Group            ftp
#  AccessGrantMsg      "Anonymous login ok, restrictions apply."
#
#  # We want clients to be able to login with "anonymous" as well as "ftp"
#  UserAlias         anonymous ftp
#
#  # Limit the maximum number of anonymous logins
#  MaxClients         0 "Sorry, max %m users -- try again later"
#
#  # Put the user into /pub right after login
#  #DefaultChdir         /pub
#
#  # We want 'welcome.msg' displayed at login, '.message' displayed in
#  # each newly chdired directory and tell users to read README* files.
#  DisplayLogin         /welcome.msg
#  DisplayFirstChdir      .message
#  DisplayReadme         README*
#
#  # Some more cosmetic and not vital stuff
#  DirFakeUser         on ftpadm
#  DirFakeGroup         on ftpadm
#
#  # Limit WRITE everywhere in the anonymous chroot
#  <Limit WRITE SITE_CHMOD>
#    DenyAll
#  </Limit>
#
#  # An upload directory that allows storing files but not retrieving
#  # or creating directories.
#  <Directory uploads/*>
#    AllowOverwrite      no
#    <Limit READ>
#      DenyAll
#    </Limit>
#
#    <Limit STOR>
#      AllowAll
#    </Limit>
#  </Directory>
#
#  # Don't write anonymous accesses to the system wtmp file (good idea!)
#  WtmpLog         off
#
#  # Logging for the anonymous transfers
#  ExtendedLog      /var/log/proftpd/access.log WRITE,READ default
#  ExtendedLog      /var/log/proftpd/auth.log AUTH auth
#
#</Anonymous>

[Wörsty]

Japp. Stimmt. Neustart gemacht?

1. killall proftpd
2. proftpd

Wenn nicht okay:

3. killall proftpd
4. proftpd -nd9

Und es geht weiter :wait)

[MoD2004]

cheffe es geht!!!! dangäääää . der restart hats gebracht! bestens.. nich ganz einfach das ganze aber das hat schonma geklappt... besten dank

[Wörsty]

Siehste. Wieder was gelernt.

[MoD2004]

neue probleme

und zwar möchte ich jetz flashen nur für einen user erlauben und für den rest nicht.

bsp.: im ordner /home/upload/ENTER befindet sich user upload, download, und karlheinz.

nun ist es ja schon so eingestellt das upload der einzige is der uploaden kann... die anderen können nur downloaden. jetz möchte ich aber auch noch verhindern, das download und karlheinz flashen können. wie kann ich das bewerkstelligen?

ach ja und upload soll nur noch uploaden/drauf flashen können aber nicht downloaden/weg flashen


Also: user upload in ordner /home/upload/ENTER soll nicht wie bisher up und downloaden können... nur noch uploaden und drauf flashen. sonst aber rechte wie gehabt. also schreiben lesen aber nix löschen

user download und karlheinz im ordner /home/upload/ENTER sollen nicht wie bisher downloaden und flashen können sondern nur noch dwonloaden. alle anderen rechte wie gehabt. kein upload und nichts löschen.


info: /home/upload/ENTER is das home verzeichniss aller user

hier nochma aktuelle config

# This is the ProFTPD configuration file

ServerName "ProFTPD server"
ServerIdent on "FTP Server ready."
ServerAdmin root@localhost
ServerType standalone
#ServerType inetd
DefaultServer on
AccessGrantMsg "User %u logged in. Welcome!"
AllowForeignAddress on
#DisplayConnect /etc/ftpissue
#DisplayLogin /etc/ftpmotd
#DisplayGoAway /etc/ftpgoaway
DeferWelcome off

# Use this to excude users from the chroot
DefaultRoot /home/upload/ENTER

# Use pam to authenticate by default
AuthPAMAuthoritative on

# Do not perform ident nor DNS lookups (hangs when the port is filtered)
IdentLookups off
UseReverseDNS off

# Port 21 is the standard FTP port.
Port 9009

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# Default to show dot files in directory listings
ListOptions "-a"

# See Configuration.html for these (here are the default values)
#MultilineRFC2228 off
#RootLogin off
#LoginPasswordPrompt on
#MaxLoginAttempts 3
#MaxClientsPerHost none
#AllowForeignAddress on # For FXP


# Allow to resume not only the downloads but the uploads too
AllowRetrieveRestart on
AllowStoreRestart on

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 20

# Set the user and group that the server normally runs at.
User nobody
Group nobody

# This is where we want to put the pid file
ScoreboardFile /var/run/proftpd.score

# Normally, we want users to do a few things.

<Directory ~>

<Limit WRITE DELE>
DenyAll
</Limit>

<Limit READ DIRS>
IgnoreHidden On
AllowAll
</Limit>

</Directory>

<Directory ~/ENTER>

<Limit DELE>
DenyAll
</Limit>

<Limit WRITE READ DIRS>
AllowAll
DenyAll
</Limit>
</Directory>


# Define the log formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"

# TLS
# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
#TLSEngine on
#TLSRequired on
#TLSRSACertificateFile /usr/share/ssl/certs/proftpd.pem
#TLSRSACertificateKeyFile /usr/share/ssl/certs/proftpd.pem
#TLSCipherSuite ALL:!ADH:!DES
#TLSOptions NoCertRequest
#TLSVerifyClient off
##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
#TLSLog /var/log/proftpd/tls.log

# A basic anonymous configuration, with an upload directory.
#<Anonymous ~ftp>
# User ftp
# Group ftp
# AccessGrantMsg "Anonymous login ok, restrictions apply."
#
# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp
#
# # Limit the maximum number of anonymous logins
# MaxClients 0 "Sorry, max %m users -- try again later"
#
# # Put the user into /pub right after login
# #DefaultChdir /pub
#
# # We want 'welcome.msg' displayed at login, '.message' displayed in
# # each newly chdired directory and tell users to read README* files.
# DisplayLogin /welcome.msg
# DisplayFirstChdir .message
# DisplayReadme README*
#
# # Some more cosmetic and not vital stuff
# DirFakeUser on ftpadm
# DirFakeGroup on ftpadm
#
# # Limit WRITE everywhere in the anonymous chroot
# <Limit WRITE SITE_CHMOD>
# DenyAll
# </Limit>
#
# # An upload directory that allows storing files but not retrieving
# # or creating directories.
# <Directory uploads/*>
# AllowOverwrite no
# <Limit READ>
# DenyAll
# </Limit>
#
# <Limit STOR>
# AllowAll
# </Limit>
# </Directory>
#
# # Don't write anonymous accesses to the system wtmp file (good idea!)
# WtmpLog off
#
# # Logging for the anonymous transfers
# ExtendedLog /var/log/proftpd/access.log WRITE,READ default
# ExtendedLog /var/log/proftpd/auth.log AUTH auth
#
#</Anonymous>