LinuxQuestions.org


cr-atlanta 01-19-2013 05:14 PM

VSFTPD Virtual/Local local_root Permissions Problem (alllmost there)
 
Hi everybody,

I'm running a Gentoo virtual machine and I'm playing around with vsFTPd version 3.0.2. I have it pretty much working the way that I want, but I have just one problem that I'd like to see if I can resolve.

I have a virtual and local user setup. I have created the user 'virtual' in the group 'virtual'. Both virtual users and local users can log in; virtual users can upload, but local users cannot. Clearly the problem is that all users, local and virtual, are acting as the user 'virtual' (guest_username=virtual) - I have the virtual users' local_roots owned by the user 'virtual', but local users' local_root is just their home directory, which is clearly not owned by 'virtual'.

Each virtual user has a configuration file (user_config_dir=/etc/vsftpd/user_conf) - in each of those files I specify the local_root for that user, which will be owned by 'virtual' - it works great. If I do not make a config file for each local user (also in /etc/vsftpd/user_conf/) the local user is directed to the home directory for the user 'virtual' when they log in.

So, my questions:

1) How can I make it so that local users log in as themselves, and not as the guest user 'virtual' - such that they have permission to write to their home directories?
2) Is there a better, more automated way of having vsFTPd determine the local_root of a local user than looking at that user's config file in user_config_dir? Such that if a local user logs in, they are acting as themselves (thus they are able to write to their home directory).

I have tried setting local_root=/home/$USER in vsftpd.conf, which won't work, a) because the user 'virtual's home folder isn't at /home/virtual (just the way I set it up), b) and all users come in as the user 'virtual', so even if /home/virtual did exist I would still not be accomplishing what I want.

My vsftpd.conf:
Code:

#GENERAL
#------
listen=YES
dirmessage_enable=YES
# banner_file=/etc/vsftpd/vsftpd.banner # edit banner first
chown_uploads=YES
xferlog_enable=YES
idle_session_timeout=600
data_connection_timeout=120
#ascii_upload_enable=YES
#ascii_download_enable=YES
ls_recurse_enable=NO
pam_service_name=ftp
file_open_mode=0666
local_umask=0002

#LOCAL
#----
local_enable=YES
write_enable=YES

#the next 3 settings make it such that only users listed in user_list have access
userlist_file=/etc/vsftpd/user_list
userlist_enable=YES
userlist_deny=NO

#ANON
#----
anonymous_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO

#CHROOT
#------
allow_writeable_chroot=YES
chroot_list_enable=YES
virtual_use_local_privs=YES
chroot_local_user=YES
chroot_list_file=/etc/vsftpd/vsftpd.chroot

#VIRTUAL
#------
guest_enable=YES
guest_username=virtual
user_config_dir=/etc/vsftpd/user_conf
anon_upload_enable=YES

My /etc/pam.d/ftp file:
Code:

auth    sufficient      /lib/security/pam_unix.so
account sufficient      /lib/security/pam_unix.so

auth    sufficient      /lib/security/pam_userdb.so db=/etc/vsftpd/virtual_users
account sufficient      /lib/security/pam_userdb.so db=/etc/vsftpd/virtual_users

A typical file in /etc/vsftpd/user_conf (/etc/vsftpd/user_conf/queen here):
Code:

local_root=/var/www/virtual/queen

Any ideas? I would greatly appreciate any help!

Thanks a lot!

:)

kbp 01-21-2013 06:53 PM

I haven't set up virtual users recently but going by the man page:

Quote:

guest_enable
If enabled, all non-anonymous logins are classed as "guest"
logins. A guest login is remapped to the user specified in the
guest_username setting.

Could you try changing that to NO?
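
The behaviour discussed in this thread, as an added example that is not from either poster and is not vsftpd's own code: it resolves the effective settings for one login and shows which account the session runs as, before and after the suggested `guest_enable` change. Assumptions: `GLOBAL_CONF` is a constructed subset of the posted vsftpd.conf, `alice` is a hypothetical local user with no per-user file, later assignments of a key win, and per-user files are applied over the global file as the man page describes for `user_config_dir`.

```python
# Added example, not from the thread: model how vsftpd settings resolve for one login.
# GLOBAL_CONF is a constructed subset of the vsftpd.conf posted above.
GLOBAL_CONF = """\
anon_upload_enable=NO
local_enable=YES
write_enable=YES
guest_enable=YES
guest_username=virtual
user_config_dir=/etc/vsftpd/user_conf
anon_upload_enable=YES
"""
# Per-user files under user_config_dir; 'alice' (hypothetical local user) has none.
USER_CONF = {"queen": "local_root=/var/www/virtual/queen\n"}

def parse(text):
    """Return (key, value) pairs in file order, skipping blanks and # comments."""
    pairs = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            pairs.append((key, value))
    return pairs

def conflicts(text):
    """Keys assigned more than once with different values: {key: [values in order]}."""
    values = {}
    for key, value in parse(text):
        values.setdefault(key, []).append(value)
    return {k: v for k, v in values.items() if len(set(v)) > 1}

def effective(global_text, user_text=""):
    """Later assignments win; the per-user file is applied over the global file."""
    settings = dict(parse(global_text))
    settings.update(parse(user_text))
    return settings

def login_view(user, global_text, user_confs):
    """Which account the session runs as, and the local_root it is given (if any)."""
    s = effective(global_text, user_confs.get(user, ""))
    guest = s.get("guest_enable", "NO").upper() == "YES"
    run_as = s.get("guest_username", "ftp") if guest else user
    # local_root None means vsftpd leaves the session in run_as's home directory.
    return {"run_as": run_as, "local_root": s.get("local_root")}

if __name__ == "__main__":
    print("conflicting keys:", conflicts(GLOBAL_CONF))
    for conf in (GLOBAL_CONF, GLOBAL_CONF.replace("guest_enable=YES", "guest_enable=NO")):
        for user in ("queen", "alice"):
            print(user, login_view(user, conf, USER_CONF))
```

In the second pass `queen` resolves to an account named `queen`, which a PAM-only virtual user does not have, so a global `guest_enable=NO` changes virtual logins as well as local ones.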

