| | | | | | | | | | DescriptionAn FTP Guest User is a restricted Linux Account. The account is allowed to transfer files via FTP only. The account may
not be used for use as an email inbox. If the user logs into the server via SSH or telnet, they are allowed to change their
password and then they are immediately disconnected.
FTP Guest Users may only transfer files into and out of their home directories. By making the home directory of the user be
the /www/sitename/webapps directory, the account is effectively restricted to accessing and updating the
content of a single web site. Keep in mind, however, that the user may still upload
code that can access files outside the site.
AOSH Commands
add_username package username
add_linux_account username group full_name "" "" "" ftponly /usr/bin/ftppasswd
add_ftp_guest_user username
add_linux_server_account username server /www/sitename/webapps
wait_for_linux_account_rebuild server
set_linux_server_account_password username server password
Simple API
/**
* Adds a FTPGuestUser to the system.
*
* @param aoClient the SimpleAOClient to use
* @param packageName the name of the package to add the account to
* @param username the username to allocate
* @param fullName the full name of the user
* @param group the name of the Linux group they can access
* @param server the hostname of the server to add the database to
* @param home the directory the user has access to
* @param password the password for the new account
*/
public static void addFTPGuestuser(
SimpleAOClient aoClient,
String packageName,
String username,
String fullName,
String group,
String server,
String home,
String password
) throws IOException, SQLException {
// Allocate the username
aoClient.addUsername(packageName, username);
// Reserve the username for use as a Linux account
aoClient.addLinuxAccount(username, group, fullName, null, null, null, LinuxAccountType.FTPONLY, Shell.FTPPASSWD);
// Limit the FTP transfers to the users home directory
aoClient.addFTPGuestUser(username);
// Grant the user access to the server
aoClient.addLinuxServerAccount(username, server, home);
// Wait for rebuild
aoClient.waitForLinuxAccountRebuild(server);
// Set the password
aoClient.setLinuxServerAccountPassword(username, server, password);
}
Full API
/**
* Adds a FTPGuestUser to the system.
*
* @param conn the AOServConnector to use
* @param packageName the name of the package to add the account to
* @param username the username to allocate
* @param fullName the full name of the user
* @param group the name of the Linux group they can access
* @param server the hostname of the server to add the database to
* @param home the directory the user has access to
* @param password the password for the new account
*
* @return the new LinuxServerAccount
*/
public static LinuxServerAccount addFTPGuestuser(
AOServConnector conn,
String packageName,
String username,
String fullName,
String group,
String server,
String home,
String password
) throws IOException, SQLException {
// Resolve the Package
Package pk=conn.getPackageTable().getPackage(packageName);
// Allocate the username
pk.addUsername(username);
Username un=conn.getUsernameTable().getUsername(username);
// Reserve the username for use as a Linux account
un.addLinuxAccount(fullName, group, null, null, null, LinuxAccountType.FTPONLY, Shell.FTPPASSWD);
LinuxAccount la=un.getLinuxAccount();
// Limit the FTP transfers to the users home directory
la.addFTPGuestUser();
// Grant the user access to the server
int lsaPKey=la.addLinuxServerAccount(server, home);
LinuxServerAccount lsa=conn.getLinuxServerAccountTable().getLinuxServerAccount(lsaPKey);
// Wait for rebuild
conn.getServerTable().getServer(server).waitForLinuxAccountRebuild();
// Set the password
lsa.setPassword(password);
// Return the new object
return lsa;
}
| | | | | Copyright © 2000-2024 AO Industries, Inc. |
|