How do I set up an FTP user with access to web root using vsftpd?
FTP does not follow symlinks for good reasons. Instead, you should use a bind-mount.
# Create mount directory below ftp/files
mkdir /home/ftp_user/ftp/files/www
# Mount
mount -o bind /var/www/html /home/ftp_user/ftp/files/www
Try if it works.
To make it permanent add this to /etc/fstab
:
/var/www/html /home/ftp_user/ftp/files/www none defaults,bind 0 0
Be aware that unlike a symlink, if you delete the www
-folder you will remove all the files in /var/www/html
too.
Related videos on Youtube
![jost21](https://i.stack.imgur.com/Cg8Jy.png?s=256&g=1)
jost21
I'm an EE engineer, full stack web developer, open source advocate and tech enthusiast.
Updated on September 18, 2022Comments
-
jost21 almost 2 years
How do I set up an FTP user with access to web root using vsftpd?
I am currently setting up a website and I am trying to learn more about web servers on the way. I used shared hosting providers before, but this time I'd like to set up the server from scratch with a VPS. I installed a LAMP stack already and installed Wordpress. Everything works so far except for updating Wordpress automatically since it is asking for FTP access.
Therefore I installed
vsftpd
by following this tutorial. This also works accordingly.The problem is that in the tutorial the FTP user has it's dedicated files directory (
/home/ftp_user/ftp/files
), but I need to give the user access to the web root (/var/www/html/site
) for Wordpress performing the update.I tried having the
local_root
point to/var/www/html
and I tried setting up a symlink like this
ln -s /var/www/html /home/ftp_user/ftp/files
but both ways do not work. When I try to connect, it says
vsftpd: refusing to run with writable root inside chroot()
What is the proper way to achieve this? Or would it be better to not use the
/var/www/html
location at all? -
jost21 over 5 yearsThis solved one of my problems, but I still get the
vsftpd: refusing to run with writable root inside chroot()
error. However I could resolve that one by addingallow_writeable_chroot=YES
to thevsftpd.conf
file. I am not sure if it is secure to add that setting, but at least it works.