Sophie

Sophie

distrib > Mandriva > current > i586 > media > main-updates > by-pkgid > d6be4b6221ed0079f02ff7a69c44b50c > files > 4

proftpd-mod_vroot-1.3.3g-0.1mdv2010.2.i586.rpm

<!-- $Id: mod_vroot.html,v 1.12 2009/10/19 16:30:18 tj Exp tj $ -->
<!-- $Source: /home/tj/proftpd/modules/doc/RCS/mod_vroot.html,v $ -->

<html>
<head>
<title>ProFTPD module mod_vroot</title>
</head>

<body bgcolor=white>

<hr>
<center>
<h2><b>ProFTPD module <code>mod_vroot</code></b></h2>
</center>
<hr><br>

This module is contained in the <code>mod_vroot.c</code> file for
ProFTPD 1.3.<i>x</i>, and is not compiled by default.  Installation
instructions are discussed <a href="#Installation">here</a>.

<p>
The purpose of this module to is to implement a virtual chroot capability
that does not require root privileges.  The <code>mod_vroot</code> module
provides this capability by using ProFTPD's FS API, available as of 1.2.8rc1.

<p>
The most current version of <code>mod_vroot</code> can be found at:
<pre>
  <a href="http://www.castaglia.org/proftpd/">http://www.castaglia.org/proftpd/</a>
</pre>

<h2>Author</h2>
<p>
Please contact TJ Saunders &lt;tj <i>at</i> castaglia.org&gt; with any
questions, concerns, or suggestions regarding this module.

<h2>Thanks</h2>
<p>
<i>2003-08-26</i>: Thanks to Oskar Liljeblad for the elegant patch that added
symlink support.

<h2>Directives</h2>
<ul>
  <li><a href="#VRootAlias">VRootAlias</a>
  <li><a href="#VRootEngine">VRootEngine</a>
  <li><a href="#VRootLog">VRootLog</a>
  <li><a href="#VRootOptions">VRootOptions</a>
  <li><a href="#VRootServerRoot">VRootServerRoot</a>
</ul>

<hr>
<h2><a name="VRootAlias">VRootAlias</a></h2>
<strong>Syntax:</strong> VRootAlias <em>src-path dst-path</em><br>
<strong>Default:</strong> None<br>
<strong>Context:</strong> server config, <code>&lt;VirtualHost&gt;</code>, <code>&lt;Global&gt;</code><br>
<strong>Module:</strong> mod_vroot<br>
<strong>Compatibility:</strong> 1.3.2 and later

<p>
The <code>VRootAlias</code> directive is used to create an "alias" of a
directory outside of the chroot area into the chroot.  The <em>dst-path</em>
parameter is a <b>relative</b> path, relative to the chroot area (<i>i.e.</i>
the directory in which the session starts).  The <em>src-path</em> parameter,
on the other hand, is an <b>absolute</b> path, and may be to a file or
directory.

<p>
For example, you might map a shared upload directory into a user's home
directory using:
<pre>
  &lt;IfModule mod_vroot.c&gt;
    VRootEngine on

    DefaultRoot ~
    VRootAlias /var/ftp/upload ~/upload
  &lt;/IfModule&gt;
</pre>
This will automatically create an "upload" directory to appear in the
chroot area (in this case, the user's home directory).

<p>
Note that this directive will <b>not</b> work if the
<code>VRootServerRoot</code> is used.

<p>
<hr>
<h2><a name="VRootEngine">VRootEngine</a></h2>
<strong>Syntax:</strong> VRootEngine <em>on|off</em><br>
<strong>Default:</strong> None<br>
<strong>Context:</strong> server config, <code>&lt;VirtualHost&gt;</code>, <code>&lt;Global&gt;</code><br>
<strong>Module:</strong> mod_vroot<br>
<strong>Compatibility:</strong> 1.2.8rc1 and later

<p>
The <code>VRootEngine</code> directive enables the virtual chroot engine
implemented by <code>mod_vroot</code>.  If enabled, the virtual chroot will
be used in place of the operating system's <code>chroot(2)</code>.  This
directive affects any <code>DefaultRoot</code> directives and any
<code>&lt;Anonymous&gt;</code> contexts within the server context in which
the <code>VRootEngine</code> directive appears.

<p>
<hr>
<h2><a name="VRootLog">VRootLog</a></h2>
<strong>Syntax:</strong> VRootLog <em>file</em><br>
<strong>Default:</strong> None<br>
<strong>Context:</strong> server config, <code>&lt;VirtualHost&gt;</code>, <code>&lt;Global&gt;</code><br>
<strong>Module:</strong> mod_vroot<br>
<strong>Compatibility:</strong> 1.3.0rc1 and later

<p>
The <code>VRootLog</code> directive is used to specify a log file for
<code>mod_vroot</code>'s reporting on a per-server basis.  The <em>file</em>
parameter given must be the full path to the file to use for logging.

<p>
<hr>
<h2><a name="VRootOptions">VRootOptions</a></h2>
<strong>Syntax:</strong> VRootOptions <em>opt1 ...</em><br>
<strong>Default:</strong> None<br>
<strong>Context:</strong> &quot;server config&quot; <code>&lt;VirtualHost&gt;</code>, <code>&lt;Global&gt;</code><br>
<strong>Module:</strong> mod_vroot<br>
<strong>Compatibility:</strong> 1.2.9rc2 and later

<p>
The <code>VRootOptions</code> directive is used to configure various optional
behavior of <code>mod_vroot</code>.

<p>
Example:
<pre>
  VRootOptions allowSymlinks
</pre>

<p>
The currently implemented options are:
<ul>
  <li><code>allowSymlinks</code><br>
    <p>
    Normally, any symlinks that point outside of the vroot area simply do
    not work.  When the <code>allowSymlinks</code> option is enabled, these
    symlinks will be allowed.  Note that by enabling symlinks, the efficacy
    of the vroot &quot;jail&quot; is reduced.
  </li>
</ul>

<p>
<hr>
<h2><a name="VRootServerRoot">VRootServerRoot</a></h2>
<strong>Syntax:</strong> VRootServerRoot <em>path</em><br>
<strong>Default:</strong> None<br>
<strong>Context:</strong> &quot;server config&quot; <code>&lt;VirtualHost&gt;</code>, <code>&lt;Global&gt;</code><br>
<strong>Module:</strong> mod_vroot<br>
<strong>Compatibility:</strong> 1.3.2rc1 and later

<p>
The <code>VRootServerRoot</code> directive is used to configure a directory
to which the <code>mod_vroot</code> module will perform a <i>real</i> chroot.
The idea is that each <code>&lt;VirtualHost&gt;</code> can have its own
directory to which a real <code>chroot(2)</code> system call is made;
the user-specific home directories will be virtual roots underneath this
directory.  Thus some measure of security, via the <code>chroot(2)</code>
system call, is provided by the kernel, while still allowing symlinked shared
folders among users of this <code>&lt;VirtualHost&gt;</code>.

<p>
For example:
<pre>
  &lt;VirtualHost a.b.c.d&gt;
    VRootEngine on
    VRootServerRoot /etc/ftpd/a.b.c.d/
    VRootOptions allowSymlinks
    DefaultRoot ~
    ...

  &lt;/VirtualHost&gt;
</pre>

<p>
See also: <a href="#VRootOptions"><code>VRootOptions</code></a>

<p>
<hr>
<h2><a name="Installation">Installation</a></h2>
After unpacking and patching the latest proftpd-1.3.<i>x</i> source code, copy
the <code>mod_vroot.c</code> file into:
<pre>
  <i>proftpd-dir</i>/contrib/
</pre>
Then follow the normal steps for using third-party modules in proftpd:
<pre>
  ./configure --with-modules=mod_vroot
  make
  make install
</pre>

<p>
<hr>
Author: <i>$Author: tj $</i><br>
Last Updated: <i>$Date: 2009/10/19 16:30:18 $</i><br>
<hr>

<font size=2><b><i>
&copy; Copyright 2000-2009 TJ Saunders<br>
 All Rights Reserved<br>
</i></b></font>

<hr>
</body>
</html>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional