Environment
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 2
Novell Open Enterprise Server 2015 (OES 2015) Linux
Situation
A system administrator has configured OES FTP (novell-oes-pure-ftpd) to place users in an NCP home directory (usually on, but not limited to, an NSS volume). This is set in /etc/pure-ftpd/pure-ftpd.conf with:
remote_server yes
EnableRemoteHomeDirectory yes
The configuration has also been set to enforce a chroot jail for all (or some) users so the home directory appears to be the root directory. This is set in /etc/pure-ftpd/pure-ftpd.conf with either:
ChrootEveryone yes
or
TrustedGID xxx
(where the user is NOT a member of the GID xxx)
After staring (or restarting) pure-ftpd, the user will reach the remote NCP home directory in the first 2 or 3 FTP sessions attempted, but after that they will instead get put and chrooted into their posix home directory, such as /home/user1.
Resolution
Update the novell-oes-pure-ftpd package to with November 2015 public maintenance. Specifically:
For OES 11 SP2:
novell-oes-pure-ftpd 1.0.22-33.52.56
(which also may appear in some views as 1.0.22-33.52.56.1)
For OES 2015:
novell-oes-pure-ftpd 1.0.22-33.63
(which also may appear in some views as 1.0.22-33.63.1)
Cause
An earlier fix to remote server access, made public in late 2014, caused a potential side effect in the way novell-oes-pure-ftpd tracks NCP logins. In a chrooted environment, pure-ftpd might lose track of whether the user in question is already logged into an NCP server or not. As such, a necessary NCP login operation (nwlogin) might not be performed.
Note that a chrooted user will not be able to CD to other remote servers / volumes after their FTP session is underway. But they should be able to reach a remote home directory initially, since they are placed in the home directory before the chroot is enforced.