Proftpd: disable identity switch

Question

So, I'm running proFTPD (latest),on Ubuntu 14.04.3 LTS Server 64.

Once a client has successfully authenticated, Proftpd (running as root) switches the new process to the identity/privileges of the authenticated user: all disk operations (read/writes) occurs under than privileges.

I'm looking for a way to perform disk operations as root user.

Thnaks

Danny P.

Are your clients using FTP/FTPS, or SFTP? I ask because the necessary configurations are slightly different for the two protocols. — Castaglia, May 06 '16 at 22:47

Castaglia · Accepted Answer · 2016-05-08T15:00:13.623

Two ways of accomplishing this come to mind.

First, you could construct/use a separate AuthUserFile, and in that file, you define an entry for your user, and that user the UID of 0. This will effectively make your user a root user -- but only for FTP logins. Note that if you use this approach, you will also need to allow root logins (which ProFTPD rejects by default) using:

RootLogin on

in your proftpd.conf.

Alternatively, you could use the UserOwner directive, and specify that user "root" should be used, but only in designated directories. For example:

<Directory /path/to/some/dir>
  # In this directory, file uploads/writes happen as the root user
  UserOwner root
</Directory>

This second approach can be used with all of your FTP clients, rather than just specific users, but can be restricted to specific users if need be.

Hope this helps!

Works like a charm. RootLogin parameter must be set to "On" in the configuration file. — user3262353, May 08 '16 at 04:31

Proftpd: disable identity switch

1 Answers1