Not logged in - Login
< back

FTP Retrieval System

Overview

This page documents the configuration and process for allowing warehouse data requesters to retrieve their data over ftp.

The goals of this system are as follows:

  • Allow users to retrieve their requested data over the internet.
  • Limit users to retrieving only the data they have requested
  • Disallow shell access for users - File retrieval only
  • Require that users provide a username and password when retrieving their data.
  • Require users to retrieve their data within a specified time frame.
  • Avoid duplicating data on the server.
  • Prevent users from changing data housed on the server.
  • Maintain the directory structure of requested data.
  • Automate the system configuration as much as possible.

Preliminary Configuration

  • configure main data store for read-only access
  • vsfptd configured for chroot to home
  • ftponly shell
    • /etc/ftponlyshell - .shshell script that echos a warning and existsexits
      • Added to /etc/shells

Automated configuration

Setup

Per User

  • Create user account on viking (if not existing)
    • make a home directory
    • specify expiration
    • set users shell to /etc/ftponlyshell
  • Update existing user account
    • extend expiration?
    • ensure shell is /etc/ftponlyshell

Per Request

  • Build matching directory structure for requested data in /home/user/
  • mount
  • Generate wget retrieval script with user credentials

Tear Down

Per User (?)

  • Delete user account and home directory

Per Request

  • Unmount relevant directories