Creating a chroot ftpd
This article shows how to create a chroot’d ftpd which has a
self-contained ls command.
Background
The original article which referenced chroot and ftpd is installing an alternative ftp daemon – proftpd. In
that article you will read about a problem I was having with ftpd which was associated
with chroot. If I placed a user in /etc/ftpchroot, they were unable to
use the ls command. I understand this is because the ls executable
must be placed within the chroot tree.
The instructions in the next section show you how
to create ftpd so it does not need an external ls command.
Instructions
CT Johnson and Kanji T Bates each
wrote in with instructions. Thank you.
The following steps will create an ftpd
which contains a built in ls. Note that these instructions are for
FreeBSD 3.1 through FreeBSD 3.4. For FreeBSD 4.0, these steps are not required as
this ftpd has the ls command built in.
Note that you will need /usr/src/bin to exist before you do these
steps. To install the source code, do this as root:
# /stand/sysinstall Configure Distributions src bin
Once you have /usr/src/bin, you can do this:
# cd /usr/src/libexec/ftpd # make clean # make -DFTPD_INTERNAL_LS # make install
You now have an ftpd that does not require access to /bin/ls.
With this in place, you can set up our webserver so that each of your users logs
into a chrooted enviornment that contains ONLY their files. And you don’t have to have a
zillion hard links to /bin/ls and a bin dir in each users home
directory.