chroot-symlinks
A typical scenario is one where “DefaultRoot ~” is used to restrict users to their home directories, and where the administrator would like to have a shared upload directory, say /var/ftp/incoming, in each user’s home directory. Symbolic links would normally be used to provide an arrangement like this. As mentioned above, though, when chroot(2) is used (which is what the DefaultRoot directive does), symlinks that point outside the new root (the user’s home directory in this case) will not work. To get around this apparent limitation, it is possible on modern operating systems to mount directories at several locations in the filesystem.
To have an exact duplicate of the /var/ftp/incoming directory available in /home/bob/incoming and /home/dave/incoming, use one of these commands:
* Linux (as of the 2.4.0 kernel):
mount --bind /var/ftp/incoming /home/bob/incoming
mount --bind /var/ftp/incoming /home/dave/incoming
* BSD (as of 4.4BSD):
mount_null /var/ftp/incoming /home/bob/incoming
mount_null /var/ftp/incoming /home/dave/incoming
* Solaris:
mount -F lofs /var/ftp/incoming /home/bob/incoming
mount -F lofs /var/ftp/incoming /home/dave/incoming
The same technique can be used for <Anonymous> directories, which also operate in a chroot()ed environment.
As usual, more information can be found by consulting the man pages for the appropriate command for your platform. The commands for other flavors of Unix will be added as needed.
In order to have these tricks persist, to survive a system reboot, the /etc/fstab (or /etc/vfstab) file may need to have these mounts added. Consult your local fstab(5) (or vfstab(4) for Solaris) man pages for more information.
http://www.proftpd.org/localsite/Userguide/linked/chroot-symlinks.html
最新评论