proftpd/vsftpd + LDAP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I'm using the LDAP for auth users at FTP service. Want to create
configuration for users where everyone who connect need to be at LDAP
but can use any password (for developers who doesn't want left own
password at code). Thats make in PAM and it's working. Problem is when
I try auto create homedir's for FTP in different location then LDAP
homeDirectory. For example:

user: user1
password: any_password_he_likes
homeDirectory: /home/user1

Now I want when user connect use directory '/somedir/ftp/user1' (not
/home/user1) and autocreate it if doesn't exist.

Proftpd got native LDAP support for connection and there is option
'LDAPForceGeneratedHomedir' and 'LDAPGenerateHomedirPrefix' but it's
likely impossible to allow connect user without password check (any
password is correct).

My pam configuration for proftpd/vsftpd:

#v+
# cat /etc/pam.d/proftpd
#%PAM-1.0
auth		required	pam_env.so
auth		sufficient	pam_shells.so
auth		required	pam_stack.so service=system-auth
account		required	pam_stack.so service=system-auth
session		required	pam_env.so
session		required	pam_stack.so service=system-auth
#v-

I try pam_env with:

#v+
# tail /etc/security/pam_env.conf
#
# silly examples of escaped variables, just to show how they work.
#
#DOLLAR		DEFAULT=\$
#DOLLARDOLLAR	DEFAULT=	OVERRIDE=\$${DOLLAR}
#DOLLARPLUS	DEFAULT=\${REMOTEHOST}${REMOTEHOST}
#ATSIGN		DEFAULT=""	OVERRIDE=\@

HOME           DEFAULT="/d0/ftp/@{PAM_USER}" OVERRIDE="/d0/ftp/@{PAM_USER}"
homeDirectory  DEFAULT="/d0/ftp/@{PAM_USER}" OVERRIDE="/d0/ftp/@{PAM_USER}"
#v-

But didn't override HOME.


Regards
-- 
Łukasz Jagiełło
lukasz<at>jagiello<dot>org
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux