How to set up anonymous ftp on an NSS volume hosted on OES2 Linux.

  • 7001784
  • 04-Nov-2008
  • 10-Jul-2012

Environment

Novell Connectivity Products
Novell FTP Services
Novell Open Enterprise Server 2 (OES 2)
Novell Open Enterprise Server (Linux based)
Pure FTP (Pure-FTPd)

Situation

How to configure anonymous ftp access to a directory hosted on an NSS volume on a Novell Open Enterprise Server 2 Linux server.
 

Resolution

The new document is more complete and more accurate.  This older document might soon be modified, deleted, or archived.
 
If it was not already done during the installation, install "Novell FTP" from the "OES Services Selections".
This can be accomplished by launching "yast oes-install" or, if the GUI is preferred, "yast2 oes-install". As soon as that YaST module is loaded, select "Novell FTP" in the left pane of the "OES Services" group.
This installs novell-pure-ftpd-config, a package that configures Pure-FTPd for integration with Novell's eDirectory. To this end, it modifies the default '/etc/pam.d/pure-ftpd' file installed by the Pure-FTPd package.
 
Some additional steps are needed to make a directory hosted on an NSS volume available through anonymous ftp, because users who are not LUM-enabled can access an NSS volume only over NCP.
1. Launch "yast users" or, if the GUI version is preferred, "yast2 users".
2. Set the filter to "System Users" by changing it via the "Set Filter" select button.
3. Find the current ftp user, and rename or delete this user. This can be done by selecting the user and then using the "Edit" or "Delete" button.
4. Create an eDirectory user account named ftp, without a password, in the container where the LUM users of the OES2 Linux server reside.
5. LUM enable the ftp user for the OES2 Linux server that will host the anonymous ftp access to its NSS volumes.
6. Edit the "Linux Profile" of the LUM enabled ftp user and change the "Home Directory:" to the path of the NSS hosted directory. Remember to use the system path: /media/nss/[NSSVOL]/[PATH]
7. Optional: The "Login Shell:" in the "Linux Profile" can be set to "/bin/false" to prevent the user from being used for a regular login.
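
A post-configuration check for steps 3 to 7, added here as an example and not part of the original Novell document. The function name check_ftp_account and the sample account lines are assumptions made for illustration; on the server the second argument would come from the standard "getent passwd ftp" lookup.

```shell
#!/bin/sh
# Added example: audit the "ftp" account after steps 3-7.
# Usage on the server: check_ftp_account /etc/passwd "$(getent passwd ftp)"
# Prints one finding per line; returns 0 only if no FAIL finding was printed.
check_ftp_account() {
    local_passwd=$1   # local account file, normally /etc/passwd
    entry=$2          # passwd-format line the system resolves for "ftp"
    rc=0

    # Step 3: the native ftp user must have been renamed or deleted.
    if grep -q '^ftp:' "$local_passwd"; then
        echo "FAIL: native ftp user still present in $local_passwd"; rc=1
    else
        echo "OK: no native ftp user in $local_passwd"
    fi

    # Steps 4-5: "ftp" must still resolve once the native entry is gone.
    if [ -z "$entry" ]; then
        echo "FAIL: ftp does not resolve on this server (recheck steps 4-5)"
        return 1
    fi
    home=$(printf '%s\n' "$entry" | cut -d: -f6)
    shell=$(printf '%s\n' "$entry" | cut -d: -f7)

    # Step 6: home must be a system path below /media/nss/[NSSVOL].
    case $home in
        */..|*/../*) echo "FAIL: home '$home' contains '..'"; rc=1 ;;
        /media/nss/?*) echo "OK: home $home is on an NSS volume" ;;
        *) echo "FAIL: home '$home' is not under /media/nss/"; rc=1 ;;
    esac

    # Step 7 (optional): no regular login for the anonymous account.
    if [ "$shell" = /bin/false ]; then
        echo "OK: login shell is /bin/false"
    else
        echo "WARN: login shell is '$shell', not /bin/false"
    fi
    return $rc
}

# Constructed sample data, not taken from a real server.
sample=$(mktemp)
printf 'root:x:0:0:root:/root:/bin/bash\n' > "$sample"
check_ftp_account "$sample" 'ftp:x:1001:600:anonymous:/media/nss/VOL1/pub:/bin/false'
rm -f "$sample"
```

A WARN line does not change the return code, because step 7 is optional.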

Additional Information

Because the current Linux ftp user is used only for anonymous ftp access, and the new LUM enabled eDirectory user replaces it, it is perfectly safe to delete the current native Linux ftp user.