-7

I have this Linux script I found and I'm trying to understand it. Could someone please help me to understand it.

The script

if [ ! -d "/home/ftp/$PAM_USER" ]; then
  /bin/su - ftp -s /bin/sh -c "/usr/bin/env mkdir /home/ftp/$PAM_USER"
  /bin/su - ftp -s /bin/sh -c "/usr/bin/env chmod 751 /home/ftp/$PAM_USER"
fi

Things I don't understand

if [ ! -d "/home/vsftpd/$PAM_USER" ]; then

I'm assuming the script above is a condition check to see if the pam user directory exist

what does the /bin/su mean

what does the ftp mean

What does -s /bin/sh mean

What does the -c /usr/bin/env mean

  /bin/su - ftp -s /bin/sh -c "/usr/bin/env chmod 751 /home/vsftpd/$PAM_USER"

fi

Lastly how can I test to be sure this script is even working?

I apologize if the answer seems basic or incomplete. Unfortunately do to my current knowledge level, I'm not sure what questions to be asking.

George
  • 145
  • 1
  • 8
  • Have you tried calling these things a piece at a time? – wlraider70 Feb 01 '15 at 04:34
  • @wlraider707 I've been struggling with this stuff for hours. Unfortunately I don't know how to log any of this to know if it's even working. I'm not even sure if the script is being fired. I'm using pam and I think it should be fired with this line within my pam config auth required pam_script.so onerr=success dir=/etc/pam-script but I'm not sure if it's even working. There is no errors in the logs – George Feb 01 '15 at 04:45
  • 4
    I'm voting to close this question as off-topic because the poster needs to study basic unix usage and administration. While I understand the poster's frustration and desire to learn, this isn't the place for it. There are plenty of web sites and books that teach 101-level unix skills. Serverfault is not one of them. – Jenny D Feb 01 '15 at 08:19
  • @JennyD The only bad question is the one not asked. I've have been working on this for 4 days. I think I did my work before asking. – George Feb 01 '15 at 08:27
  • 3
    @George I did not say that the question was bad. I said that this is not the place for it. This is stuff that a unix administrator should know, or know how to find out, before getting root on a server. – Jenny D Feb 01 '15 at 09:07
  • @JennyD please explain to me what this site is for? Last I knew it was a QA site? Am I missing something? – George Feb 01 '15 at 09:19
  • 2
    @George It is a QA site with a specific audience. I think maybe you missed reading the [help]. Your question is a beginner's question, and this is not a site for beginners. I don't know how to put it more clearly than that. Again, this is not a reflection on you as a person. Saying that "sorry, you're in the wrong room" is not an attack or being rude. – Jenny D Feb 01 '15 at 09:26

1 Answers1

2
 /bin/su - ftp -s /bin/sh -c "/usr/bin/env mkdir /home/ftp/$PAM_USER"

Means run the following command

 /usr/bin/env mkdir /home/ftp/$PAM_USER

As the ftp user. You'd need to be root to run the command.

/bin/su will change to a new user ftp and that user is running the command via -c using a /bin/sh shell as referenced by -s

Mike
  • 22,310
  • 7
  • 56
  • 79
  • does ftp user have anything to do with the ftp directory in home/ I found the script here http://t3chnick.blogspot.com/2011/12/vsftp-mysql-virtual-with-auto-create.html My biggest issue is my directory structure is /home/vsftpd/ and his was /opt/ftp/ My script doesn't appear to be working, but I'm also not sure if there is an issue with pam_script. – George Feb 01 '15 at 05:07
  • seems like $PAM_USER is the user you use to ftp in so /home/ftp dir would need to be writable by the ftp user – Mike Feb 01 '15 at 05:10
  • I think your starting to put me on the right track. Thanks. So a couple more quick questions if you have the time. He seems to have provided a more complete answer here http://askubuntu.com/questions/406486/vsftpd-hanging-when-using-pam-exec-or-pam-script I'm seeing a guest_username=ftp Would it be fair to assume that user would be the one writing the directory? or do you think I'm wrong? – George Feb 01 '15 at 05:15
  • @George Please, **please** don't just take a script off of the internet and run it unless you have the prerequisite knowledge to know what it does. This is dangerous. If you don't understand the script, how can you know that it doesn't cause a security hole or enable an attack on your server? – Jenny D Feb 01 '15 at 09:11
  • @JennyD I do believe this is why I posted my question asking what the script did **before** using it. Unlike you, Mike was able to provide me with a useful answer that enabled me to dig deep enough to realize this wasn't the way I wanted to go. – George Feb 01 '15 at 09:15
  • @George If you don't have the ability to figure the basics out, how can you know if the answer you're given is at all correct? This is the point I'm trying to make. You need a solid foundation in how unix works - this is stuff that you should be able to figure out using the `man` command, **before** you get root on a system. – Jenny D Feb 01 '15 at 14:50