Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'SWEEEEEET!!!!' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
SWEEEEEET!!!!
Authored by: babbage on May 09, '01 03:12:03PM
Create a symbolic link ("symlink") from the old directory to the new one. If you want to keep
the name, the format is "ln -s /other/directory /new/location/", and if you want to change the
name then the format is "ln -s /other/directory /new/location/new_name". Example:

/Users/chris% ln -s /usr/local/apache ~/
/Users/chris% ln -s /usr/local/apache ~/httpd
/Users/chris% ls -la apache
lrwxr-xr-x 1 chris staff 17 May 9 14:53 apache -> /usr/local/apache
/Users/chris% ls -la httpd
lrwxr-xr-x 1 chris staff 17 May 9 14:53 httpd -> /usr/local/apache

Play around for a minute and you'll get the idea. The trailing slash can be significant
and can change the behavior of the command, so make sure that you're doing what you mean to
be doing. It's generally better to use the full name of the directory in the ln command --
that is, not just the directory name itself, but the full path to it. That way, if you decide
to move the link later (since after all you can move it around just as you can any other file)
then you can be more sure that the reference will still work. For example:


# shorter, easier, and more brittle way
ln -s ../susie/Documents ~/susies_easy_documents

# longer but safer way
ln -s /Users/susie/Documents ~/susies_longer_documents

# note that the names are different, but the contents of these will be the same!

mkdir everyones_documents
mv susies_easy_documents everyones_documents # breaks!
mv susies_longer_documents everyones_documents # works!
ls everyones_documents/susies_easy_documents # broken!
ls everyones_documents/susies_longer_documents # still works!

Etc. This is of course assuming you have permissions to be accessing other users'
Documents directories. If you can't then you won't be allowed in, any more than you
would be allowed to "cd /Users/someone_else/Documents". File & directory permissions
get inherited from the file or directory being referenced.

Note! If it isn't already obvious, it's really dumb to make a link such as this:

ln -s / ~/ftp/root

The whole point of this ftpusers restriction file is to control what parts of your
file system you want to allow to the outside world. If you don't want people to be able
to reach parts of your directory tree, then don't let them! If you link in some other
directory, and that directory in turn has a link to the root of the file system,
then it's just as bad as if you had put that root symlink there yourself. Make sure you
trust that the contents of any directory you're linking in are safe & secure, of you'll
end up defeating the whole purpose of this access control mechanism.

[ Reply to This | # ]

Doesn't work
Authored by: Tablespork on Jun 15, '01 06:29:23PM

The symbolic links dont seem to work via ftp. I can get to regular directories with my ftp user, but when I try a symlink it tells me "No such file or directory". Is there any way around this?



[ Reply to This | # ]
here's how it works....
Authored by: aaronfaby on Sep 06, '02 12:58:16PM

Symlinks will not work because the whole purpose of chroot is so that the user cannot see directories outside the scope of their "root" directory. This means that any directory that you have symlinked to that is outside the scope of the user's "root" is not visible. In which case, if you attempt to access that directory, you will get the "file not found" message.

There really is no way around it. Otherwise, you would be defeating the purpose of chroot in the first place.

Aaron



[ Reply to This | # ]