"500 OOPS: vsftpd: refusing to run with writable root inside chroot()" - login failed on Debian
Solution 1
I searched for it toooooooooo much, and I really mixed up, so I decided to change vsFTPd to SFTP or something else, till I found a link about this bug.
Then I found out this problem was solved in vsFTPd version 3. So I searched how to upgrade it and could find to add the jessie repository to my Debian 7.3 installation and upgrade it so:
echo "deb http://ftp.us.debian.org/debian jessie main contrib non-free" >> /etc/apt/sources.list
aptitude update
aptitude upgrade vsftpd
echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf
service vsftpd restart
Now it works correctly for me.
Solution 2
Just add
seccomp_sandbox=NO
to the configuration and restart the service with service vsftpd restart
Then "allow_writeable_chroot=YES" will work also with newer vsFTPd versions (found in 500 OOPS: vsftpd: refusing to run with writable root inside chroot() Keep user jailed).
shgnInc
Updated on September 18, 2022Comments
-
shgnInc over 1 year
I installed vsFTPd for running an FTP server on Debian 7.3 (Wheezy). I checked the vsFTPd version was 2.3.5, and I configured it like so:
listen=YES local_enable=YES write_enable=YES chroot_local_user=YES pasv_min_port=15000 pasv_max_port=15200 allow_writeable_chroot=YES
I followed these articles for solving this problem:
And many others on Google and forums, but my problem was not solved.
NOTE: I have solved this problem on Ubuntu 12.04 (Precise Pangolin), but that solution does not work on Debian 7.3.
I really mixed up on it?!
-
John over 8 yearsYou are right about the Jessie thing but I would not suggest people to just add a Jessie repository to Wheezy. It also wants to update libc and there is a good chance to destroy your disitribution that way.
-
Black over 4 yearsFor me it was enough to just add
allow_writeable_chroot=YES
to /etc/vsftpd.conf -
Valerio Bozzolan almost 4 yearsNote that the
vsftpd
package is Free as in Freedom software, so the first command adding thecontrib
andnon-free
repositories is completely unrelated. Just anapt update
andapt upgrade
and enabling that option is enough.