Writing permission with VSFTPD and Centos 6.2

vsftpd centos6.2 ftp httpd upload

11,166

What are the rights on /var/www/site2?

User2 will need write access to this directory at the file system level. For instance /var/www/site2 needs to be something like:

ls /var/www
<snip>
drxwr-xr-x user2  www-data     site2/

Make sure SELinux is disabled as well

 setsebool -P allow_ftpd_full_access 1

11,166

Mikaele

Updated on September 18, 2022

Comments

Mikaele almost 2 years
I have a server with centos 6.2 with httpd and vsftpd.

I have few web site in /var/www and i want to add a ftp user for each site.

My user1 home directory is /home/user1 and can read/write to it folder from ftp. (it's the user i use to ssh and almost everything)

I made user2 which home is /var/www/site2 and bash setting /bin/nologin (because i want it to be just a ftp user)

I can log in the FTP with the user2 and download file, but i can't upload file or mkdir...

The permission are :

for /var/www :

drwxrwxr-x. 13 root root 4096 Aug 21 14:08 .

for /var/www/site2 :

drwxrwxrwx. 2 user2 user2 4096 Aug 21 14:35 site2

(the 777 was just for testing...)

My vsftpd.conf is :
```
 anonymous_enable=NO 
 local_enable=YES
 write_enable=YES 
 local_umask=022
 dirmessage_enable=YES
 xferlog_enable=YES
 connect_from_port_20=YES
 xferlog_std_format=NO
 log_ftp_protocol=YES
 chroot_local_user=YES
 listen=YES
 pam_service_name=vsftpd
 userlist_enable=YES
 tcp_wrappers=YES
 banner_file=/etc/vsftpd/banner
```
My iptables is currently stop for testing, so the problem is not my firewall either...

SELinux is enabled :
```
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
```
When i disabled it, it's working! :) How can I enabled it and keep my vsftpd working?

Thank in advance for your help
- Satanicpuppy almost 11 years
  
  Ug. Doesn't matter what your problem is, it's probably the fault of selinux. I disable it whenever I add anything new, so that I get the brief experience of it working before I re-enable selinux and it kills it.
Mikaele almost 11 years

/var/www drwxrwxr-x. 13 root root 4096 Aug 21 14:08 . /var/www/site2 drwxrwxrwx. 2 user2 user2 4096 Aug 21 14:35 site2
TheFiddlerWins almost 11 years

Do you have SELinux enabled?
Mikaele almost 11 years

yes SELinux status: enabled SELinuxfs mount: /selinux Current mode: enforcing Mode from config file: enforcing Policy version: 24 Policy from config file: targeted
TheFiddlerWins almost 11 years

Please try disabling SELinux for (just to verify that is/is not the problem).
Mikaele almost 11 years

You did it! If SELinux is disable, it's working :) but how can i enable SELinux and having my vsftpd working?
TheFiddlerWins almost 11 years

Please mark the question as answered. To modify your SELinux policy take a look at wiki.centos.org/HowTos/… but I can't answer, I use Debian :D
Mikaele almost 11 years

FYI, I had to set the bool allow_ftpd_full_access to 1 with the command : setsebool -P allow_ftpd_full_access 1