Restrict Permissions Based on Group IDs

The guestgroup line assigns a given group name or group names to behave exactly like the anonymous user. Here is the command:

guestgroup <groupname> [<groupname>]

This command confines the user to a specific directory structure in the same way anonymous users are confined to /var/ftp . This command also limits these users to access files for which their assigned group has permissions.

The groupname parameter can be the name of a group or that group's corresponding GID (Group ID). If you use a GID as the groupname parameter, put a percentage symbol (% ) in front of it. You can use this command to assign permissions to a range of group IDs, as in this example:

guestgroup %500-550

This entry would restrict all users with the group IDs 500550 to be treated as a guest group, rather than individual users. In order for guestgroup to work, you must set up the user's home directories with the correct permissions, exactly like the anonymous FTP user.

Was this article helpful?

0 0

Post a comment