vsFTPd question(s)

username17 · 05-18-2005, 12:54 PM

Hello,
I recently setup a slackware 10.1 box to be a ftp server among other things.

I have added two accounts "ftp-ro" and "ftp-rw". My intention is to set these up for ftp access, the rw account having read/write permissions and the ro having read only.
Both of those accounts have /usr/bin/false as the shell, so you cannot login as them to gain access to the shell.
Both accounts are a member of the "users" groups.

The permissions on /ftp are drwxr--r-- ftp-rw users, this sets full permissions to the user "ftp-rw" and read only to the group "users" and to other.

My /etc/vsftpd.conf file chroots each account (ftp-rw and ftp-ro), I edited /etc/passwd and set the home directory for each account to /ftp.
This allowed each account to be jailed into /ftp.

With my permissions, I can login as "ftp-rw" and read/write files.
I looked at the permissions of the file that I uploaded, it has the same permissions of /ftp, so that is good.

When I try to login as "ftp-ro" it says an error, "cannot change directory into /ftp".
To the extent of my knowledge, my file permissions and vsftpd.conf is correct.
I'm running vsFTPd 2.0.1 on Slackware 10.1 with Kernel 2.4.29 (all stock).

I'm learning a lot with UNIX file permissions but it seems like I don't have a full grasp on it.
What permissions are required for a user to cd into the directory, read only, correct?
If my settings are right, then any idea what might cause the issue?
Thanks in advance,
-Jason

PS: Here's the key settings in my /etc/vsftpd.conf

Code:

local_enable=YES
write_enable=YES
userlist_enable=YES
#this file contains "ftp-ro" and "ftp-rw" as a list of valid ftp users
userlist_file=/etc/vsftp.user_list 
userlist_deny=NO
chroot_list_enable=YES
# this file is empty, since it's a list of users NOT to chroot
chroot_list_file=/etc/vsftp.chroot_list

username17 · 05-18-2005, 03:18 PM

Just a shameless bump because of the activity of the forum.
Any suggestions/ideas are appreciated, thanks.

username17 · 05-18-2005, 08:21 PM

Anyone have any ideas?
I apologize for the bump but this keeps moving onto other pages in the list.

KimVette · 05-18-2005, 08:32 PM

Actually, the chances of your getting a useful reply today are slimmer than Saddam Hussein walking free. Why? Because when you signed up for an account here you agreed not to bump a thread until a minimum of 24 hours has passed since the previous post - and most users here ignore squeaky wheels who insist on "me first, me first" whining.

username17 · 05-19-2005, 02:13 AM

Ahh...

See I did look but it seems that I did not look well enough about the policies.
I apologize, I do not mean to be a squeaky wheel, I'm used to forums that have dead posts on page 2.
That's just an excuse, but that's my reasoning. I wasn't 100% sure if I should bump, I should've taken that is a no.

Thanks for informing me,
-Jason

EDIT: I see that I did not completely read the "Read this first" in Linux - General, now I know.
Thanks for your patience.

username17 · 05-19-2005, 11:31 PM

Hello again,

This NOT a bump, but rather a "what I did to fix the problem".

My whole issue was the user not being able to cd into the dir which he only had read access to.
For directories, you need +x to CD into it.
I set /ftp to drwxr-xr-x ftp-rw users, works great now!

(Credit goes to NeoSadist of ##slackware on irc.freenode.net for pointing this out)
Thanks again for your patience and I hope this helps someone else!
-Jason