allow-paths |
NcFTPd general.cf file configuration Don't forget to restart NcFTPd after modifying the general.cf file. |
This experimental option can be used to open additional areas of the filesystem to unprivileged (not root), but restricted users.
For example, let's say you have a restricted user named joeuser whose restricted directory is /home/joeuser. Normally joeuser cannot access any file outside of /home/joeuser, but you want him to be able to access his web document root which is at /usr/local/apache/users/joeuser.
If you use this option to allow /usr/local/apache/users/joeuser, you could then do the following:
# cd /home/joeuser # mkdir users # ln -s /usr/local/apache/users/joeuser users/joeuser
This would create a virtual graft where the users/joeuser path would now point to /usr/local/apache/users/joeuser, so joeuser could access his web documents by FTP. In this case the graft point is the symbolic link joeuser which is in /home/joeuser/users.
Note that there is a limitation where the graft point must be the same name as the last directory node in your allow-path, so unfortunately the following would not work, because the last node in your allow-path of /usr/local/apache/users is users while the graft point is named public_html.
# ln -s /usr/local/apache/users/joeuser /home/joeuser/public_html
Examples:
Recommendation: