VSFTPd problem

Paul Howarth paul at city-fan.org
Wed Sep 7 07:14:07 UTC 2005


On Wed, 2005-09-07 at 07:50 +0100, Paul wrote:
> Hi,
> 
> I have a problem with vsftpd. While users can login and download, they
> cannot upload to their home directories. What I've done is this.
> 
> 1. Clean install of FC4 then updated. 
> 2. Edited the vsftpd.conf file to disallow all anon attempts
> 3. Created a new test account and wrote a test file for that account
> (hello world in a text file!)
> 4. Restarted vsftpd
> 5. From another machine, logged in.
> 6. Downloaded a test file.
> 7. Attempt to delete test file on the server, no go
> 8. Attempt to write a file to the the server, no go
> 
> I've never had this problem before with vsftpd and am using the default
> security settings (firewall on, set for ftp, www, ssh and ntp ports to
> be open and SELinux to be nice).

"man ftpd_selinux" says:

   SELinux ftp daemon policy is customizable based on least access
   required. So by default SElinux does not allow users to login and
   read their home directories. If you are setting up this machine as
   a ftpd server and wish to allow users to access their home
   directorories, you need to set the ftp_home_dir boolean.

   setsebool -P ftp_home_dir 1

I guess you've already done this since downloads are working.

Are you getting any AVC messages in /var/log/audit/audit.log when trying
to write to this area? Are the home directories on a local filesystem or
are you using NFS/samba etc.?

> Second to this, how do I get it to allow passive transfers? proftpd
> seemed to do this by default (IIRC), but I can't get vsftpd to do it.

Pass; I'm also a proftpd user and haven't tried vsftpd.

> Any help would be appreciated and if you're in the Salford area of
> Manchester, beer provided :-)

Given the Shanks quote common in your sigs, it would appear you're deep
in enemy territory ;-) I'm in Sale.

Paul.
-- 
Paul Howarth <paul at city-fan.org>




More information about the fedora-list mailing list