How do ProFTPD/centOS handle directory permissions for virtual ftp users?

7,172

Your homedir has permissions 755 which mean owner (root in this case) can read,write,execute (rwx) but the group (ftp) can only read,execute (rx).

Either change the owner of the directory to ftp or add group write permissions to the home directory (ie: 775).

Share:
7,172

Related videos on Youtube

Sara
Author by

Sara

Updated on September 18, 2022

Comments

  • Sara
    Sara over 1 year

    On proftpd/centos I configure the use of virtual user. I can login as a virtual user but I do not have write permission for this users.

    The proftpd.conf looks like:

    ServerName                      "ftp01"
    DefaultServer                   on
    DefaultRoot                     ~
    AuthPAMConfig                   proftpd
    AuthOrder                       mod_auth_file.c  mod_auth_unix.c
    RequireValidShell  off
    AuthUserFile  /etc/proftpd/ftpd.passwd
    AuthGroupFile /etc/proftpd/ftpd.group
    AuthPAM off
    User                            nobody
    Group                           nobody
    MaxInstances                    20
    UseSendfile                     off
    

    Here is the content of ftpd.passwd:

    user1:hashfrompasswd:50:50::/var/ftp/user1:/bin/false
    

    and ftpd.group:

    ftp:x:50:user1
    

    The output of ls -lah from the home dir (set permission to 755):

    # ls -lah
    insgesamt 44K
    drwxr-xr-x. 10 root ftp      4,0K 27. Dez 11:19 .
    drwxr-xr-x. 21 root root     4,0K  8. Jul 2013  ..
    drwxr-xr-x.  3 ftp  user1    4,0K  7. Jan 15:04 user1
    

    But when I connect to ftp Server as user1 I can connect and login but when I try to put a file or make a directory I get access denied from server. How can I solve this problem?

    • Castaglia
      Castaglia over 8 years
      What does ls -aldn on that home directory show? Keep in mind that the normal /bin/ls command reads the user/group names to display from /etc/passwd, not from your AuthUserFile. So the key thing to look for is the user/group IDs for the directory, and match those up with the user/group IDs from your AuthUserFile.
  • Sara
    Sara over 10 years
    I change the permission to 775 but its the same issue.