odd files in my media folder

Status
Not open for further replies.

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
In one (only one) of my media folders a list of files showed up four days ago (I just saw them now but the date says four days ago) they are.

.cshrc
.login
.login_conf
.mail_aliases
.mailrc
.profile
.rhosts
.shrc

How and why did they end up in there I have no idea. a little note is that I thought I had an intrusion of some kind last week.

Can I just delete them? what should I do. I'm a BSD illiterate.
 

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
I removed the files from my media library. Now they appear in my ftpserver root folder instead. What's up with that? What are they for? Why can my useres download them? >.<
 

ProtoSD

MVP
Joined
Jul 1, 2011
Messages
3,348
Those files are usually found in every Unix/Linux users home directory and are used to set different variables and paths for your shell (the command prompt). They could be getting created there if you set your home directory or some user on you system has that folder as the login/home folder. It's also possible if you are ftp'ing from another Unix system and using a wildcard to transfer files, like .*, they could be getting copied from the system you are connecting from. If you do an 'ls -l .cshrc' for example you should be able to see the owner & group they belong to and that should give you a clue where they are coming from. If you don't see an owner & group like admin/wheel for example, but only see uid/gid numbers then they are probably coming from the system you are connecting from, or if your firewall is open and someone else is ftp'ing to your system, it could come from them too.

In the screenshot below, the user is Admin, and the group is None. If those are numbers instead, then the files *probably* came from another system.

user-group.jpg <- This is a screenshot, click to enlarge
 

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
I added a user with the ftproot as home directory so that should explain it. Also my first users stuff also ended up in the media library (before I had an ftp root folder). It sems wrong to have them end up there? Or what am I doing wrong?
 

ProtoSD

MVP
Joined
Jul 1, 2011
Messages
3,348
Ok, yes that explains what happened, but why did you choose to make your FTP folder the home directory?

It's actually a security risk because if an FTP user is able to modify any of those .whatever files, they could add some code that would be executed when that user logs in and hack your system.

The main thing you're doing wrong is making the FTP folder the home directory of that user. If you can explain why you did that, maybe I can suggest another idea.
 

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
I have misunderstood the "home directory" for something else. I thought it was where the user would "land" when logging in on the ftp. That's the only reason, but I realize now that you don't control that through that. Where would the conventional place be?

Thank you for helping me
 

ProtoSD

MVP
Joined
Jul 1, 2011
Messages
3,348
With FreeNAS the conventional place is not possible, but you can make any folder on your storage pool a home folder, for example /mnt/tank/home/user. From the command prompt you need to gain root privileges by typing 'su' and then entering the 'admin' password which should be 'freenas' unless you changed it. Then you would type 'mkdir -p /mnt/tank/home/user'. After you do that, then you would go to Account -> Users -> View All Users and click the 'Modify User' button, and then in the pop-up window change the Home Directory to the folder you created on your storage pool. You also need to change the ownership of the folder you created (at the command line again). Then for example you would type 'cd /mnt/tank/home/user', then you would type 'chown user .' (user = the user you created). You should also set the permissions so only the user can make changes by typing 'chmod 700 .'

That is the long answer ;-) but, you really only need to do all that if you want your user to login with ssh or using the console. It really depends on how you want to access your files, nfs/CIFS/AFS etc., and if you are going to have other people accessing the files also. If it's just you on your local network, it can be easier. Sorry I don't mean to make it confusing, I just want to present different possibilities.

Happy to help you. I hope that all made sense.
 

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
Oh awesome. My users are not going to have any ssh access and if I remember correctly there is a path for "no login"?
 

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
hmm, I just tried making a new users with the standard settings with the home folder of /nonexistent instead of /mnt/tank/ftp/ and I can not login, I get an error logging in. I then tried changing the home directory to just /mnt/tank/ftp/ and no problem logging in. the "odd files" did not end up in the ftp root though, I don't know where they ended up.

After login worked, I tried to change the homedir back to /nonexistent and I cannot login. Soo, does the home directory actually need to exist?
 

ProtoSD

MVP
Joined
Jul 1, 2011
Messages
3,348
/nonexistent is intended to prevent users from logging in, it doesn't exist! ;-)

If you want your users to login, they need to have a home directory.
 

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
Alright I get it, there needs to be an actual path, but it's not the path the ftp logins to. Now I made home/users directories just for the heck of it with no shell login.

Thank you so much for your help. I'm such a novice with file permissions etc.
 

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
Now I'm getting really confused. Now when my users login on my ftp the directory is empty. I bet they are logged in to the home directories. How am I really going to do this?

If I create users and set their home directory to /mnt/tank/ftp their user config files end up in the ftp root, if set their home folder to /home/user/ they appearntly ftp login to that?

So what I want is every person (for now) to have them login to /mnt/tank/ftp/ without their user config files ending up there with them. what am I doing wrong?
 

ProtoSD

MVP
Joined
Jul 1, 2011
Messages
3,348
I guess the question is, is there a certain reason you need to use FTP?
If you have ssh setup/enabled for your users to login, then they could use 'scp' to push and pull files from their accounts. I think putty even has built in support for transferring with ssh. If you want the users to get files from each other, then you could add a 'group', put your users in that group, and create a 'common' folder for them to take and leave files for each other. FTP is ok, but ssh offers a lot more flexability (and encryption). Does that sound like it would do what you are trying to do?
 

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
I'm really thankful that you are helping me.

I'm use to FTP and some of my users are computer illiterates so I "must" use ftp.

Did I do wrong in the way I handled this or is this is a flaw in the freenas system that I can't get all users to end up in the same place when they log in without exposing their config files? I've used a bunch of ftp servers through the years.
 

ProtoSD

MVP
Joined
Jul 1, 2011
Messages
3,348
Hi Creepwood, I'm glad to try and help you. I think I just need to confirm what you want to happen.

You want all of your users to end up in the same folder when using FTP?
Is FTP the only way you want them to login, or will they also use ssh and have separate personal folders?


I don't think there is a flaw with FreeNAS and FTP, it's only a problem understanding how you expect things to work so we can make the settings correct.

FreeNAS uses Proftp, so here is a link that might help you understand some of the details a little better:

http://www.proftpd.org/docs/howto/Chroot.html
 

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
Alright, to break it down. all my users (except me) should end up in /mnt/tank/ftp my users should end up in /mnt/tank/ (which it does atm)

No users except me shall have shell access. :)
 

joeschmuck

Old Man
Moderator
Joined
May 28, 2011
Messages
10,856
Setting up the FTP is a piece of cake. I just had to read what you desired.

1. Under the Services tab, FTP settings, just set the path to where any anonymous user would end up.
2. Enable the FTP service.
3. You must setup users for every account you want to have access and it's destination. Example:
Capture.JPG

For the Admin, or your own account enter the path you desire.

Note: All paths must start with "/mnt/" or you will not be able to log in. Remember that /home/user is trying to access the read only boot device (flash drive) and that is why it needs to be on the storage drive "/mnt/"

Let me know if this explains it enough. I'm willing to help if I missed something.

-Mark
 

creepwood

Explorer
Joined
Jul 12, 2011
Messages
86
Joe: I'm sorry I wasn't clear about the home/user. it's actually /mnt/tank/home/user/ path for the users. As someone told earlier in the thread, I had to have a user folder for each users.

The reason for this is from what I understand that the user config files. the files I found that started the thread ended up where users can ftp-browse. I was told that that was bad (ofc it is) so I made user folders at /mnt/tank/home/ folder, and added that path as the home folder for my users. Turns out they end up their as well when they login through ftp.

I think everyone that responded to this thread is confused on what I'm trying to do here.

I want all users but me to end up in /mnt/tank/ftp/ when they login through ftp.
I don't want the "users config files" to end up in /mnt/tank/ftp/ which they do if you don't use an existing path

If I add a users and choose home directory as /mnt/tank/ftp/ the "strange files" ends up in /mnt/tank/ftp/
If I add a user with the standard /nonexistent folder as home directory I cannot login through ftp
If I add a user with /mnt/home/user/testuser/ as home folder, the "strange files" end up in that directory and also, I end up there when I login through ftp.

Soo. problem is. I want the "strange files" to end up in one place (I don't care really where, as long as it's safe) and the user when they login through ftp to end up in /mnt/tank/ftp/

How do I do this? I'm sorry if I come off as repetitive, but someone it seems to be a lot of confusion.
 
T

thomasdk81

Guest
I am at the same problem as creepwood

I dont know if Creepwood noticed it, but when a new user gets the ftp folder as homedir, the new user gets owner.
 
T

thomasdk81

Guest
This might help others: http://www.proftpd.org/docs/howto/Chroot.html

Specially the part:
DefaultRoot ~ !ftp-special
This says to chroot() every user who is not a member of group ftp-special to their respective home directory, and:

DefaultRoot /path/to/dir group1,group2
will chroot() users who are members of both group1 and group2 into /path/to/dir. More complex group-expressions can be used as needed.

Note that the execute bit (--x) must be on in order to chroot() a user into that directory. This bit is also needed for a user to be able to chdir into that directory.
 
Status
Not open for further replies.
Top