Setting up chroot for the stock FTPD
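In order to implement chroot in the stock ftpd in FreeBSD, you need to re-compile the ftpd source with FTPD_INTERNAL_LS enabled, which builds ls into ftpd itself so that directory listings work inside the chroot without a copy of /bin/ls. Follow these steps and you'll be on your way to chroot'ing your users in no time!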
1. Kill the inetd process
2. vi /etc/make.conf
3. Insert FTPD_INTERNAL_LS=YES at the bottom of the file
4. cd /usr/src/libexec/ftpd
5. make clean
6. make all
7. make install
You're done! Now, to implement the chroot, you must have an /etc/ftpchroot file. This is where you mark which users/groups will be chroot'ed to their login directories. If you want to add an entire group, do so by putting a "@" in front of the group name (e.g. @users). If you want to add a single user, simply add their login name to the list.
Example/Explanation of the /etc/ftpchroot file
(DO NOT COPY THE ARROWS OR EXPLANATIONS).
@users  <--- Would chroot the *entire* "users" group to their respective login directories.
@temp   <--- Ditto above, this time for the "temp" group.
@group1 <--- Ditto above, this time for the "group1" group.
login1  <--- This would only chroot the user "login1" to their login directory.
login2  <--- Same as above for user "login2".
login3  <--- Same as above for user "login3".
I think you get the idea as to what is going on in the /etc/ftpchroot file.
Don't forget to restart inetd.
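
Added example (not part of the original page): a check that lists the accounts no /etc/ftpchroot entry covers, so you can see who would still get an un-chrooted FTP session. The names uncovered_users and demo and the sample accounts are constructed for illustration; it assumes "#" starts a comment in the file and that an @group entry covers accounts whose primary or supplementary group matches.

```shell
#!/bin/sh
# Usage: uncovered_users FTPCHROOT_FILE PASSWD_FILE GROUP_FILE
# Prints every login in PASSWD_FILE that no ftpchroot entry would chroot.
uncovered_users() {
    awk -F: -v list="$1" '
    BEGIN {
        # Load ftpchroot entries: "@name" is a group, anything else a login.
        while ((getline line < list) > 0) {
            sub(/#.*/, "", line)                    # assumption: "#" starts a comment
            if (split(line, f, " ") == 0) continue  # blank line
            if (f[1] ~ /^@/) grp[substr(f[1], 2)] = 1
            else             usr[f[1]] = 1
        }
    }
    pass == 1 {                     # group file: name:pw:gid:member,member
        if (!($1 in grp)) next
        gid[$3] = 1                 # covers accounts with this primary gid
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) member[m[i]] = 1
        next
    }
    pass == 2 {                     # passwd file: name:pw:uid:gid:gecos:home:shell
        if (!($1 in usr) && !($4 in gid) && !($1 in member)) print $1
    }' pass=1 "$3" pass=2 "$2"
}

# Constructed sample data: alice has "users" as her primary group, carol is a
# supplementary member of "users", login1 is listed by name, bob is not covered.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '@users' '@temp' 'login1' > "$d/ftpchroot"
    printf '%s\n' 'users:*:1001:carol' 'temp:*:1002:' 'staff:*:20:' > "$d/group"
    printf '%s\n' 'alice:*:2001:1001::/home/alice:/bin/sh' \
                  'bob:*:2002:20::/home/bob:/bin/sh' \
                  'carol:*:2003:20::/home/carol:/bin/sh' \
                  'login1:*:2004:20::/home/login1:/bin/sh' > "$d/passwd"
    uncovered_users "$d/ftpchroot" "$d/passwd" "$d/group"
    rm -rf "$d"
}

demo    # prints the uncovered account from the sample data
```

On a live system, run it as uncovered_users /etc/ftpchroot /etc/passwd /etc/group; system accounts will show up in the output alongside any real users you missed.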