Hello!

I'm a student and neophyte user of Linux. The distribution I use is Fedora 18 and I mostly work on it for academic purposes. I have to work on this via command line and I use gedit for file editing and filezilla for test purposes.

I had for objective to provide my machine with:
- FTP service
- Allowing anonymous access
- change the anonymous root directory for /srv/FTP
- make it so that a /srv/FTP/upload folder would allow the anonymous user to see its content, upload files to it, but not be able to download from the content of that folder afterwards.

The first three I think I've succeeded. I installed vsftpd via "yum install", created my /srv/FTP/upload directories using mkdir, and edited the /etc/vsftpd/vsftpd.conf file to make sure that...

anonymous_enable was set to yes and uncommented
wrote anon_root with "/srv/FTP"
anon_upload_enable=YES was uncommented

...I think that's about it.

The last part for me was giving permission for anonymous to upload a file to my /srv/FTP/upload folder, but I can't seem to get it right.

I was trying to use "chmod -R ??? upload" to do this (our documentation seems to indicate it's the way to go) but I can't seem to hit the right number values to get what I want. The culprit is probably me not quite grasping what the number actually change despite having read online help...

I get that it's read/write/execute values in a binary format for the root/group/others. But I don't seem to understand how this works together at all.

For example, I beleived that using : "chmod -R 776 upload" would work out for me because then my anonymous user would end up being able to read and write but not execute (which I hoped would be tied to accessing/downloading). Hasn't worked out.

Could someone kindly demystify this for me? I'm rather stumped and I'm not likely to learn much from typing numbers at random, which is what I seem to have been reduced to at this point.

It's been a LONG time since I've used VSFTPD. But here's a list of what I had for allowed commands.

cmds_allowed=ABOR,CWD,LIST,MDTM,NLST,PASV,PASS,PORT,PWD,QUIT,RETR,RNFR,RNTO,SIZE,STOR,USER,CDUP,MODE ,STAT,STOU,SYST,PROT,PBSZ,TYPE,EPSV,FEAT

I don't think, or at least didn't think at the time I used it last, there was a cmds_denied command.

Put the cmds_allowed in the config file and adjust to your needs.

Thanks for the reply!

Unfortunately, after researching cmds_allowed some and trying to implement it without the RETR, it doesn't seem to have any effect. Not to mention I'm rather unsure that it'd fulfill the needs of the task: it's the upload folder that's supposed to have those restrictions - cmds_allowed seems too broad.

Still haven't been able to make it work with chmod on my side, even though in my documentation it's strongly hinted that I should be resorting to it.

Resolved my issue.

First, I needed to assign my /upload folder to my ftp group, like so:
(from /srv/FTP) chgrp ftp upload

And then assign my permissions using chmod.
Like so: chmod -R 775 upload