Author Topic: creating different virtual directories based on group (mod_ifsession+mod_vroot)  (Read 7034 times)

Offline michal

  • New user
  • *
  • Posts: 2
    • View Profile
Hello everyone,
my first post here. I am trying to achieve the following: I have many users and they belong to different groups. Based on group membership I want to create appropriate virtual directories (symlinks that would point out of jail) in the user's home (jail).

I made a script that checks users home directories and their groups and based on the groups creates those symlinks. Proftpd allows to follow those symlinks even if they are outside of the DefaultRoot (~). I would like, however, to do it differently.

With mod_vroot and mod_ifsession I can use IfGroup and VRootAlias:

<IfGroup camera>
        VRootEngine on
        VRootAlias /Data/camera ~/camera
</IfGroup>

What I want to achieve with this is to create a virtual directory "camera" within user's home directory (pointing to /Data/camera) if a user belongs to group "camera". Is it a good way to go? If not what's the solution here? Currently I get the following error:

proftpd - Fatal: VRootAlias: source path '~/camera' is not an absolute path on line 3 of '/etc/proftpd/virtuals.conf'.

And to tell truth I do not understand it, because that is exactly what they do in the manual (http://www.castaglia.org/proftpd/modules/mod_vroot.html#VRootAlias):

<IfModule mod_vroot.c>
    VRootEngine on

    DefaultRoot ~
    VRootAlias /var/ftp/upload ~/upload
  </IfModule>

Why doesn't this work for me?
Thank in advance for your response,
Michal.


Offline michal

  • New user
  • *
  • Posts: 2
    • View Profile
Okay, I was quite close. I figured it out myself and share it for others.

1. There is a mistake in the example in the manual. It should be:
VRootAlias ~/upload /var/ftp/upload
not:
VRootAlias /var/ftp/upload ~/upload
Moreover, if I specify ~ this also does not work. So the syntax that works for me is:
VRootAlias upload /var/ftp/upload
This one creates upload virtual directory in user's home directory pointing to /var/ftp/upload.

Cheers,
Michal.



Offline Sea-you

  • Regular User
  • **
  • Posts: 47
    • View Profile
This doesn't work for me, I tried several combinations so far, but none of them worked.

Should mod_vroot work together with mod_ifsession?

I have

LoadModule              mod_vroot.c
Include                 /path/to/virtual_folders.conf

in the Server config and I have

in virtual_folders.conf I have
<IfGroup ftponly>
    VRootEngine         On
    VRootAlias          /home/adminb /home/admina/upload
</IfGroup>

I tried as
    VRootAlias          /home/adminb upload
    VRootAlias          /home/adminb ~/upload
    VRootAlias          upload /home/adminb < as mentioned above

none of them worked. I can't even see anything in the tracelog, so it seems to be ignored totally.

Any idea?

Offline castaglia

  • Administrator
  • Support Hero
  • *****
  • Posts: 5373
    • View Profile
    • http://www.castaglia.org/
What versions of proftpd, and of mod_vroot, are being used?

Offline Sea-you

  • Regular User
  • **
  • Posts: 47
    • View Profile
It's 1.3.4c and the latest mod_vroot from github

 

sighted planning