Sempre que fa\u00e7o a instala\u00e7\u00e3o de um servidor PureFTPD, quando vou testar o acesso, noto que o diret\u00f3rio inicial do cliente est\u00e1 com o path f\u00edsico real sendo mostrado.. assim:<\/p>\n
\r\nConnected to servidor.\r\n220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\r\n220-You are user number 1 of 50 allowed.\r\n220-Local time is now 10:42. Server port: 21.\r\n220-This is a private system - No anonymous login\r\n220-IPv6 connections are also welcome on this server.\r\n220 You will be disconnected after 15 minutes of inactivity.\r\nName (servidor:user): usuario\r\n331 User usuario OK. Password required\r\nPassword:\r\n230 OK. Current directory is \/home\/usuario\r\nRemote system type is UNIX.\r\n<\/pre>\nComo n\u00e3o quero isso, vou atr\u00e1s de fechar esse acesso…<\/p>\n
o Pureftpd (pelo menos no Debian) cria a seguinte estrutura para os arquivos de configura\u00e7\u00e3o:<\/p>\n
\r\ncd \/etc\/pure-ftpd\/conf\r\nroot@servidor:\/etc\/pure-ftpd\/conf# ls -l\r\ntotal 40\r\n-rw-r--r-- 1 root root 36 Feb 25 2015 AltLog\r\n-rw-r--r-- 1 root root 6 Feb 25 2015 FSCharset\r\n-rw-r--r-- 1 root root 5 Feb 25 2015 MinUID\r\n-rw-r--r-- 1 root root 29 Feb 25 2015 MySQLConfigFile\r\n-rw-r--r-- 1 root root 4 Feb 25 2015 NoAnonymous\r\n-rw-r--r-- 1 root root 4 Feb 25 2015 PAMAuthentication\r\n-rw-r--r-- 1 root root 28 Feb 25 2015 PureDB\r\n-rw-r--r-- 1 root root 18 Feb 25 2015 TLSCipherSuite\r\n-rw-r--r-- 1 root root 3 Feb 25 2015 UnixAuthentication\r\nroot@servidor:\/etc\/pure-ftpd\/conf#\r\n<\/pre>\nNote que cada arquivo, representa o nome de um ‘wrapper’ (pacote), que nesse caso, representa uma configura\u00e7\u00e3o opcional espec\u00edfica. A lista completa dos wrappers pode ser vista nas man pages (sim, elas ainda existem! – menos Google e mais man):<\/p>\n
man pure-ftpd-wrapper<\/pre>\nOs wrappers s\u00e3o divididos por tipos com valores, como Boleanos, Num\u00e9ricos, String, etc..<\/p>\n
Enfim, na lista, vamos procurar o whapper: ‘ChrootEveryone’, que possui valor boleano.<\/p>\n
Nesse caso, podemos usar: “Yes”,1,”On” para habilitar ou “No”,0 or “Off” para desativar.<\/p>\n
Vamos criar ele dentro do nosso diret\u00f3rio de configura\u00e7\u00e3o:<\/p>\n
\r\n\r\ncd \/etc\/pure-ftpd\/conf\r\ncat Yes > ChrootEveryone\r\nls -l\r\ntotal 40\r\n-rw-r--r-- 1 root root 36 Feb 25 2015 AltLog\r\n-rw-r--r-- 1 root root 4 Mar 31 10:46 ChrootEveryone\r\n-rw-r--r-- 1 root root 6 Feb 25 2015 FSCharset\r\n-rw-r--r-- 1 root root 5 Feb 25 2015 MinUID\r\n-rw-r--r-- 1 root root 29 Feb 25 2015 MySQLConfigFile\r\n-rw-r--r-- 1 root root 4 Feb 25 2015 NoAnonymous\r\n-rw-r--r-- 1 root root 4 Feb 25 2015 PAMAuthentication\r\n-rw-r--r-- 1 root root 28 Feb 25 2015 PureDB\r\n-rw-r--r-- 1 root root 18 Feb 25 2015 TLSCipherSuite\r\n-rw-r--r-- 1 root root 3 Feb 25 2015 UnixAuthentication\r\n<\/pre>\nPronto, fazemos um “restart” no servi\u00e7o e vamos testar:<\/p>\n
\r\n\r\n# systemctl restart pure-ftpd-mysql\r\n\r\n:~# ftp servidor\r\nConnected to servidor.\r\n220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\r\n220-You are user number 1 of 50 allowed.\r\n220-Local time is now 10:46. Server port: 21.\r\n220-This is a private system - No anonymous login\r\n220-IPv6 connections are also welcome on this server.\r\n220 You will be disconnected after 15 minutes of inactivity.\r\nName (servidor:user): usuario\r\n331 User usuario OK. Password required\r\nPassword:\r\n230 OK. Current restricted directory is \/\r\nRemote system type is UNIX.\r\nUsing binary mode to transfer files.\r\nftp> pwd\r\n257 "\/" is your current location\r\nquit\r\n\r\n<\/pre>\nOk, agora o usu\u00e1rio vai ficar limitado ao diret\u00f3rio espec\u00edfico configurado para ele.<\/p>\n
<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
Sempre que fa\u00e7o a instala\u00e7\u00e3o de um servidor PureFTPD, quando vou testar o acesso, noto que o diret\u00f3rio inicial do cliente est\u00e1 com o path f\u00edsico real sendo mostrado.. assim: Connected to servidor. 220———- Welcome to Pure-FTPd [privsep] [TLS] ———- 220-You are user number 1 of 50 allowed. 220-Local time is now 10:42. Server port:… ler mais »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3],"tags":[28,27,17,26,25,29],"class_list":["post-144","post","type-post","status-publish","format-standard","hentry","category-linux","tag-configuracoes","tag-ftp","tag-linux","tag-pure-ftpd","tag-pureftpd","tag-wrapper"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.tia-go.net\/wordpress\/wp-json\/wp\/v2\/posts\/144","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tia-go.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tia-go.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tia-go.net\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tia-go.net\/wordpress\/wp-json\/wp\/v2\/comments?post=144"}],"version-history":[{"count":5,"href":"https:\/\/www.tia-go.net\/wordpress\/wp-json\/wp\/v2\/posts\/144\/revisions"}],"predecessor-version":[{"id":152,"href":"https:\/\/www.tia-go.net\/wordpress\/wp-json\/wp\/v2\/posts\/144\/revisions\/152"}],"wp:attachment":[{"href":"https:\/\/www.tia-go.net\/wordpress\/wp-json\/wp\/v2\/media?parent=144"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tia-go.net\/wordpress\/wp-json\/wp\/v2\/categories?post=144"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tia-go.net\/wordpress\/wp-json\/wp\/v2\/tags?post=144"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}