Initial commit

config/grequalizer-ftp.conf

@@ -0,0 +1,36 @@
+# Variables: $u: login name, $h: users home, $g: users primary group name
+[main]
+home_path = /backups/ftp/$u
+simulate = no
+limit_to_primary_group = yes
+primary_group_name = ftpusers
+minimum_users_count = 1
+
+[home_existence]
+check = yes
+correct = yes
+
+[home_permissions]
+check = yes
+correct = yes 
+octal_permissions = 750
+
+[home_owner]
+check = yes
+correct = yes
+owner = $u
+
+[home_group]
+check = yes
+correct = yes
+group = root
+
+[user_home]
+check = yes
+correct = yes
+home_path = /
+
+[user_shell]
+check = yes
+correct = yes
+shell = /usr/bin/ftponly 

config/grequalizer-sftp.conf

@@ -0,0 +1,47 @@
+# Variables: $u: login name, $h: users home, $g: users primary group name
+
+[main]
+home_path = /backups/sftp/$u
+simulate = no
+limit_to_primary_group = yes
+primary_group_name = sftpusers
+minimum_users_count = 1
+
+[home_existence]
+check = yes
+correct = yes
+
+#[home_permissions]
+#check = yes
+#correct = yes 
+#octal_permissions = 755
+
+[home_owner]
+check = yes
+correct = yes
+owner = root
+
+[home_group]
+check = yes
+correct = yes
+group = root
+
+[user_home]
+check = yes
+correct = yes
+home_path = /home
+
+[user_shell]
+check = yes
+correct = yes
+shell = /usr/bin/rssh
+
+[home_files]
+check = yes
+correct = yes
+file_list = /opt/grequalizer/conf/files_to_chroots.txt
+
+[home_binaries_with_libs]
+check = yes
+correct = yes
+file_list = /opt/grequalizer/conf/binaries_to_chroots.txt 

config/rssh_append.conf

@@ -0,0 +1,3 @@
+allowscp
+allowsftp
+allowrsync

config/sshd_append.conf

@@ -0,0 +1,14 @@
+DenyGroups ftpusers
+
+Match group sftpusers
+  ChrootDirectory /backups/sftp/%u
+  AuthorizedKeysFile /backups/sftp/%u/%h/.ssh/authorized_keys
+  X11Forwarding no
+  AllowTcpForwarding no
+  
+Match Group BCKviewer
+  ChrootDirectory /vhome/%u
+  AuthorizedKeysFile /vhome/%u/.ssh/authorized_keys
+  ForceCommand internal-sftp
+  AllowTcpForwarding no
+  X11Forwarding no

config/sudo.conf

@@ -0,0 +1 @@
+%BCKadmin ALL=(root) /tools/adduserutil, /tools/deluserutil, /tools/aclutil, /tools/ez-aclutil

config/vsftpd.conf

@@ -0,0 +1,25 @@
+listen=NO
+listen_ipv6=YES
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+dirmessage_enable=YES
+use_localtime=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+chroot_local_user=YES
+chroot_local_user=YES
+secure_chroot_dir=/var/run/vsftpd/empty
+allow_writeable_chroot=YES
+pam_service_name=ftp
+user_sub_token=$USER
+local_root=/backups/ftp/$USER
+userlist_enable=YES
+userlist_file=/etc/vsftpd.user_list
+userlist_deny=NO
+pasv_min_port=30000
+pasv_max_port=31000
+#Certificate/SSL
+rsa_cert_file=/etc/ssl/private/vsftpd.pem
+rsa_private_key_file=/etc/ssl/private/vsftpd.pem
+ssl_enable=yes