Hey folks,
To give some fun background info: our FTP service was ancient software on a windows box. It had some major problems last week, so I jumped ship and installed proftpd on CentOS minimal. I created around 760 users, with their home directories mounted on an iSCSI LUN. (/home/ftpusers/).
I ran into a few issues getting it setup; including having to relabel the directories to honor SELinux. I also resisted the temptation to enable allow_ftpd_full_access or disable the chroot in the ftp conf. Everything is working quite well now. iSCSI mounts on boot, users are jailed to their homedir, and they are able to upload/delete content. I do have one more thing to tackle though... creating a user that can access all of the directories.
Can I (and is it safe) to create a user that has the parent folder as its home (/home/ftpusers)? The reason I ask to do it this way is b/c I would like to leave the chroot settings intact. I figured if the parent can be its home and it could have access to the subdirectories via group permission (ftpadmin), it would technically be jailed but also able to access the homes of the ftpusers.
Is my thinking on this way off? Is there a better approach? Basically, I need an FTP account that can manage the data of all ftp accounts. Another alternative would be sharing out /home/ftpusers so it could be accessed from a Windows machine, but I haven't navigated sharing XFS to Windows.
TIA!
[link][10 comments]