| Summary | jail for multiple homes |
| Queue | Gollem |
| Queue Version | HEAD |
| Type | Enhancement |
| State | Accepted |
| Priority | 1. Low |
| Owners | |
| Requester | horde-tr (at) metu (dot) edu (dot) tr |
| Created | 03/12/2008 (6272 days ago) |
| Due | |
| Updated | 04/04/2008 (6249 days ago) |
| Assigned | |
| Resolved | |
| Milestone | |
| Patch | No |
directory not below root."
Emre.
Priority ⇒ 1. Low
Patch ⇒ No
Milestone ⇒
Queue ⇒ Gollem
Summary ⇒ jail for multiple homes
Type ⇒ Enhancement
State ⇒ New
If you have multiple home directories on the ftp server like;
/home_1/user_a
/home_2/user_b
you cannot define a static 'root' => '/home' and a 'home' =>
Auth::getAuth() line to jail a user to the home (in conf/backends.php).
The only choice left (that I could figure out :) is to use something
like 'root' => '~' and 'home' => './' which seems to be working until
you try to "cd" to a sub-directory (error: ~/~/sub-directory not found).
This did the trick for me;
Added the lines below to horde/gollem/lib/Sessions.php just above the comment:
"Make sure the home parameter lives under root ...." on line 127;
if (!empty($ptr['multihomejail'])) {
if ($ptr['multihomejail'] == true) {
$ptr['home'] = $GLOBALS['gollem_vfs']->getCurrentDirectory();
$ptr['root'] = $ptr['home'];
}
}
and added the parameter 'multihomejail' => true to
horde/gollem/config/backends.php . A sample ftp entry looks like this;
$backends['hordeftp'] = array(
'name' => 'WebFTP',
'driver' => 'ftp',
'preferred' => '',
'hordeauth' => true,
'params' => array(
'hostspec' => 'servername',
'port' => 21,
'pasv' => true,
'vfsroot' => '',
'permissions' => '700'
),
'loginparams' => array(
),
'root' => '',
'home' => '',
'multihomejail' => true,
'clipboard' => true,
'attributes' => array('type', 'name', 'edit', 'download',
'modified', 'size', 'permission', 'owner', 'group')
);
Best regards,
Emre Sezginer
horde-tr team
horde-tr.at.metu.edu.tr