December 18, 200916 yr Hello, I understand that there is a FTP server built in with unraid. Where is the configuration file for the server? I'd like to be able to control the users and folder permissions. Thank you,
February 11, 201016 yr Author Hello I'm revisiting this as I need to get the FTP up and running. although it's working, I'd like to know where I can go set up permissions and configuration?
February 11, 201016 yr Hello I'm revisiting this as I need to get the FTP up and running. although it's working, I'd like to know where I can go set up permissions and configuration? The version of ftp supplied with unRAID is vsfptd version 2.0.5 Its configuration file is in /etc/vfstpd.conf You will need to edit it to suit you needs. (Copy it to the flash drive, edit as needed, copy back from the flash drive upon reboot, then re-start inet daemon) To re-start the inetd process, type: /etc/rc.d/rc.inetd restart It is a standard linux command. A manual page for it can be found here: http://vsftpd.beasts.org/vsftpd_conf.html One description of how to set it up is here (there are many on the web if you search for vsftpd configuration) http://www.basicconfig.com/linuxnetwork/ftp_server more detailed descriptions here https://www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/ref-guide/s1-ftp-vsftpd-conf.html Joe L.
February 11, 201016 yr I edited the prior post to show how to re-start the process after putting into place an edited vsftpd.conf file in /etc/
February 11, 201016 yr Author I didn't realize unraid had all these odd permission problems. Seems like all the new shares and such get a drwx------ permission. I have a question about that. SMB Shares rely on the cfg file in tyhe config folder to determine user rights correct? Therefore, if I were to change everything to 755, it will not affect the network share?
February 11, 201016 yr I didn't realize unraid had all these odd permission problems. Seems like all the new shares and such get a drwx------ permission. I have a question about that. SMB Shares rely on the cfg file in tyhe config folder to determine user rights correct? Therefore, if I were to change everything to 755, it will not affect the network share? 755 should be fine for directories, I'd use 644 for files. (they do not need execute permission) Samba runs as root, but implements its own security. The permissions are one of the things that will change in unRAID 5.0 (according to this paragraph in the 4.5 release notes) What's next then? I've already started work on the 5.0 release, with two main goals: 1. Redesign of how unRAID manages share and file secruity. In the beginning, the only protocol supported was SMB (Windows Networking). Actually the entire design of unRAID OS is optimized to be a NAS in a Windows world. As a result, and to speed development, unRAID OS relies on Samba for most security purposes. The problem with this approach is that other protocols, especially AFP and NFS, do not integrate smoothly. This has turned out to be a big problem & so it will be addressed. His comments apply equally to "ftp" users. Joe L.
February 11, 201016 yr Author Thanks for clarifying. I found the smb-shares.conf and saw what you were referring to samba using it's own security. Now this should allow me to optimize the ftp server without worrying of breaking the shares.
February 11, 201016 yr Author Hi Joe, I'm going to steer the conversation to another direction if you don't mind. Mainly because I am working on opening the ftp server and some other ports to the server soon and security is my major concern. I investigated further andn oticed some accounts are open to a shell account. I did a search and noticed you brought it up here: http://lime-technology.com/forum/index.php?topic=962.0 apparently it was supposed ot be fixed, i'm using 4.4 beta13 and those same accounts are open. Changin the shell to /bin/false would not affect the server otherwise would it?
February 11, 201016 yr Hi Joe, I'm going to steer the conversation to another direction if you don't mind. Mainly because I am working on opening the ftp server and some other ports to the server soon and security is my major concern. I investigated further andn oticed some accounts are open to a shell account. I did a search and noticed you brought it up here: http://lime-technology.com/forum/index.php?topic=962.0 apparently it was supposed ot be fixed, i'm using 4.4 beta13 and those same accounts are open. Changin the shell to /bin/false would not affect the server otherwise would it? There are still accounts with no password in 4.5.1. It might have been fixed back when I made that post, but it sure looks broken again now for shutdown, halt, operator, mysql and gdm. :( Yes, changing the shell to /bin/false is one way to handle it, another is to add a password in the password field. You need to fix both the file in /etc/passwd and the one in /boot/config/passwd. Joe L.
Archived
This topic is now archived and is closed to further replies.