Re: [Proftpd-user] Virtual File System

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

At 03:46 PM 7/30/2010, Allen Firstenberg wrote:
>We have been using proftpd for a while now to support "virtual 
>users" that are authenticated via a database module we tailored and 
>determine a home directory based on that users settings.
>We are looking to improve this a little bit, so that instead of 
>being permitted to just one directory, they will be able to access 
>several subdirectories of a common directory, but they will not be 
>permitted to other subdirectories.  Which directories they can and 
>can't access must be determined at runtime - we can't just put 
>people into groups and permit the directory to that group only.
>
>Is there a "virtual file system" module currently available that I 
>don't see on the module list?  Are there hooks that we can easily 
>tap into to implement something along these lines?

Hmm, I re-read your query above, and it sounds like you mean that the 
subdirectories accessible are completely dynamic, being determined 
only when the user logs in.  Wow.  You really do want 'virtual'.  I'm 
not sure the stuff I originally typed below will be of any help...

As another line of investigation, there is the possibility of using 
*nix features to accomplish things like this.  You might want to read
     http://www.proftpd.org/docs/howto/Chroot.html
which mentions both hard links and mount --bind

When I think of "this is same as that" I always get tripped up by the 
possibilities for 'file' vs. 'directory'.

Hard links work only on files.  It is impractical to hard link all 
the (current) files in one directory into another, though one or two 
'specials' is reasonable.
     sudo 
ln  /var/opt/sftp/chroot/dev/log  /var/opt/sftp/chroot/sftponly2/dev/log

To do the equivalent with whole directories or directory trees you 
need to use something like Linux's mount bind feature.  This truly 
makes one directory really refer to another.
     sudo mount --bind /ftpmount/group_me/Inbound 
/var/opt/sftp/chroot/budg_me/Inbound
Problem with this is the total number of bound mount points is I think limited.

>Appreciated, as always.
>
>------------------------------------------------------------------------------
>The Palm PDK Hot Apps Program offers developers who use the
>Plug-In Development Kit to bring their C/C++ apps to Palm for a share
>of $1 Million in cash or HP Products. Visit us here for more details:
>http://p.sf.net/sfu/dev2dev-palm
>_______________________________________________
>ProFTPD Users List   <pro...@pr...>
>Unsubscribe problems?
>http://www.proftpd.org/list-unsub.html