
FTP Retrieval System


This page documents the configuration and process for allowing warehouse data requesters to retrieve their data over FTP.

The goals of this system are as follows:

  • Allow users to retrieve their requested data over the internet.
  • Limit users to retrieving only the data they have requested.
  • Disallow shell access for users; file retrieval only.
  • Require that users provide a username and password when retrieving their data.
  • Require users to retrieve their data within a specified time frame.
  • Avoid duplicating data on the server.
  • Prevent users from changing data housed on the server.
  • Maintain the directory structure of requested data.
  • Automate the system configuration as much as possible.

Preliminary Configuration

  • Main data store configured for read-only access
  • vsftpd configured to chroot users to their home directory
  • ftponly shell
    • /etc/ftponlyshell - shell script that echoes a warning and exits
      • Added to /etc/shells

Automated configuration


Per User

  • Create user account on viking (if not existing)
    • -m make a home directory
    • -e YYYY-MM-DD specify expiration
    • -s /etc/ftponlyshell set the user's shell to the warning shell
      useradd -m -e 2012-02-25 -s /etc/ftponlyshell username

  • Update existing user account
    • extend expiration?
    • ensure shell is /etc/ftponlyshell
      usermod -e 2012-02-25 -s /etc/ftponlyshell username

Per Request

  • Build matching directory structure for requested data in /home/user/
  • mount --bind main data store directory to parallel directory in /home/user/
  • Generate wget retrieval script with user credentials and correct path
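
The three per-request steps above, sketched as a dry-run planner that validates its input and prints the commands instead of running them. This is an added example, not the site's own script: DATA_ROOT, FTP_HOST, the function names, the read-only remount and the choice to have wget prompt for the password rather than store it in the script are all assumptions.

```shell
#!/bin/sh
# Added example: prints, but does not run, the per-request commands.
# DATA_ROOT and FTP_HOST are assumed placeholders, not values from this page.
DATA_ROOT="${DATA_ROOT:-/data/warehouse}"
FTP_HOST="${FTP_HOST:-ftp.example.org}"

# Accept only conservative account names (lowercase, digits, "_" and "-").
valid_user() {
    case "$1" in
        ''|*[!a-z0-9_-]*) return 1 ;;
        [a-z_]*) return 0 ;;
    esac
    return 1
}

# Accept only a relative path with no empty, "." or ".." components, so the
# bind source stays lexically under DATA_ROOT (symlinks are not resolved here).
valid_relpath() {
    case "/$1/" in
        //|*//*|*/./*|*/../*) return 1 ;;
    esac
    case "$1" in
        *[!A-Za-z0-9._/-]*) return 1 ;;
    esac
    return 0
}

# plan_request USER RELPATH...: print the commands for one request. Every
# argument is checked first, so a bad one means nothing is printed.
plan_request() {
    [ "$#" -ge 2 ] || { echo "usage: plan_request USER RELPATH..." >&2; return 1; }
    user="$1"; shift
    valid_user "$user" || { echo "bad user: $user" >&2; return 1; }
    for rel in "$@"; do
        valid_relpath "$rel" || { echo "bad path: $rel" >&2; return 1; }
    done
    for rel in "$@"; do
        src="$DATA_ROOT/$rel"; dst="/home/$user/$rel"
        echo "mkdir -p '$dst'"
        echo "mount --bind '$src' '$dst'"
        # Make this bind mount read-only itself, whatever the source allows.
        echo "mount -o remount,bind,ro '$src' '$dst'"
        # With vsftpd chrooted to the home directory, the FTP path is /RELPATH.
        echo "wget -r -np -nH --user='$user' --ask-password 'ftp://$FTP_HOST/$rel/'"
    done
}
```

The mkdir and mount lines are for root on the server; the wget line is what goes into the retrieval script sent to the requester.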

Tear Down

Per User (?)

  • Delete user account and home directory

Per Request

  • Un-mount relevant directories in /home/user/