VSFTPD nightmare

greengold · 2010-05-22 16:12:22

Hi all...
Its about vsftpd with virtual users with their own configuration.
I was follow tutorials, google it for two days but nothing works, so here I am.

this is my vsftpd.conf :

download_enable=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
hide_ids=YES
chroot_local_user=YES
guest_enable=YES
guest_username=vsftpd
xferlog_enable=YES
hide_file={*,.*}

chown_uploads=YES
chown_username=root

user_config_dir=/etc/vsftpd-user/

I have created file log with usernames and passwords :

uusseerr
123456

than I have created a database issuing :

db_load -T -t hash -f log /etc/vsftpd.passwd.db

I have created file /etc/pam.d/ftp to tell pam to use that database.
/etc/pam.d/ftp content :

auth required /lib/security/pam_userdb.so db=/etc/vsftpd.passwd.db
account required /lib/security/pam_userdb.so db=/etc/vsftpd.passwd.db

I have created virtual user to run sessions as:

useradd -d /home/uusseerr/ vsftpd

this user config from /etc/vsftpd-user/uusseerr :

anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_upload_enable=YES
local_root=/home/uusseerr
write_enable=YES

and this is output from filezilla trying to login as uusseerr and 123456

Status:    Resolving address of localhost
Status:    Connecting to 127.0.0.1:21...
Status:    Connection attempt failed with "ECONNREFUSED - Connection refused by server".
Error:    Could not connect to server
Status:    Waiting to retry...
Status:    Resolving address of localhost
Status:    Connecting to 127.0.0.1:21...
Status:    Connection attempt failed with "ECONNREFUSED - Connection refused by server".
Error:    Could not connect to server

this makes me sad

Last edited by greengold (2010-05-22 16:14:02)

greengold · 2010-05-22 23:33:04

Im curious... why is this http://wiki.archlinux.org/index.php/Vsf … simpler.29 listed in our wiki even through it doesn't work?

Army · 2010-05-23 08:51:08

greengold wrote:

Im curious... why is this http://wiki.archlinux.org/index.php/Vsf … simpler.29 listed in our wiki even through it doesn't work?

Well, this worked for me when I used vsftpd. Maybe it was a little bit different or maybe this only works for earlier versions. Don't know, but I had a running and working vsftpd without xinetd

panosk · 2010-05-23 09:02:56

Hi,

When I set up a vsftp server a year ago or so, I used this guide as a basis http://alien2thisworld.net/sitePages/tu … setup.html but on a Debian system. Maybe you should try it. And this is my conf file.

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES 
local_umask=000
file_open_mode=0777
anon_upload_enable=YES
anon_umask=0000
anon_mkdir_write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd_login.db
virtual_use_local_privs=YES
pam_service_name=vsftpd
guest_enable=YES
guest_username=virtual
user_sub_token=$USER
local_root=/media/files/FTP/$USER

What was a pain for me was to find the right permissions. Also, for each user you have to create a home folder with the actual username of the user. That means, if you add a user to the database with the name foouser, you have to create his home folder with exactly the same name (in my configuration above, this should be /media/files/FTP/foouser).

Good luck

greengold · 2010-05-25 16:29:36

Thanks, this guide helped me a lot!
I think, problem was that I wasn't using db version 4.6
also interesting woas that when I logged ito localhost ,login was successfull ,but a was not able to read content of user_local folder, when I logged into msi (I had two rows in my /etc/hosts with same loopback address) everything went fine...

greengold · 2010-05-26 23:38:51

just one more question..
If I want virtual users to have access to "data store" from their home folders via mounted data dtore partition to some directory in this home folder --what permissions this folder should have?
I tryed

chown virtualftp:ftp data

,but virtual user can see any content of this folder even throught data store filesystem is mounted correctly.

Last edited by greengold (2010-05-26 23:39:09)

panosk · 2010-05-27 13:13:34

greengold wrote:

just one more question..
If I want virtual users to have access to "data store" from their home folders via mounted data dtore partition to some directory in this home folder --what permissions this folder should have?
I tryed
chown virtualftp:ftp data
,but virtual user can see any content of this folder even throught data store filesystem is mounted correctly.

I am not really sure what you are trying to achieve. The usual configuration is a root folder, say FTP, which contains the home folders of virtual users. With my configuration file, all I have to do is to chown -R virtual Virtual_User's_Home_Folder so the virtual user can write and delete. My root folder (FTP) has 755 rights and belongs to my standard system user.

oiad · 2010-06-16 03:10:52

On a side note, I just followed the archwiki guide that was claimed above not to work and mine works fine. I setup both xine and pam. I have users private directories setup and they work locally and remotely.

Arch Linux

#1 2010-05-22 16:12:22

VSFTPD nightmare

#2 2010-05-22 23:33:04

Re: VSFTPD nightmare

#3 2010-05-23 08:51:08

Re: VSFTPD nightmare

#4 2010-05-23 09:02:56

Re: VSFTPD nightmare

#5 2010-05-25 16:29:36

Re: VSFTPD nightmare

#6 2010-05-26 23:38:51

Re: VSFTPD nightmare

#7 2010-05-27 13:13:34

Re: VSFTPD nightmare

#8 2010-06-16 03:10:52

Re: VSFTPD nightmare

Board footer