If you set chroot_local_user=YES in vsftpd.conf, the directory vsftpd puts him in when he connects will be his standard local login home directory. Since that directory is writable by the user, the connection will fail because vsftpd does not allow the root of the chroot jail to be writable by the user. That is why you get the "500 OOPS: vsftpd: refusing to run with writable root inside chroot ()" error message.
The solution is to make the root of his chroot jail something other than his normal login directory. You use the local_root directive to do that. For example, if user1 has a home directory at /home/user1, then you could tell vsftpd to make /home his local root, provided he does not have write access to /home. He'd have to change directory into his home directory after connecting.
You could also set up an entirely different directory structure separate from the user's normal login directory, and bind mount his normal home directory on a writable subdirectory of his chrooted local root.
For example, you could create a /home/ftpuser/<username> directory for each user. For user1, create /home/ftpuser/user1. In vsftpd for user1, set local_root=/home/ftpuser/user1. Grant user1 read and execute access, but not write access, to /home/ftpuser/user1 to satisfy the vsftpd local root restriction. Create a directory under /home/ftpuser/user1 called home (i.e., /home/ftpuser/user1/home), and set permissions to 700 to make it writable by user1. Then bind mount the user's normal login home directory on this one.
vsftpd.conf would need to include something like the following:
The effect of the above is that only users listed in the userlist_file can log in, all users are chrooted except for those listed as exceptions in the chroot_list_file, and the chroot home for each user is specified in the user's config file under the user_config_dir directory.
/etc/vsftpd/vsftpd.user_list is a list of all the ftp users allowed to log in.
# cat /etc/vsftpd/vsftpd.user_list
A directory listing of /etc/vsftpd/vsftpd_user_conf shows the config file for each allowed user.
# ls -l vsftpd_user_conf
-rw-r--r-- 1 root root 29 Dec 5 11:20 user1
-rw-r--r-- 1 root root 24 Dec 5 11:07 user2
-rw-r--r-- 1 root root 27 Dec 4 23:32 user3
The contents of the /etc/vsftpd/vsftpd_user_conf/user1, user2 and user3 files show the chroot home directory for each.
# cat vsftpd_user_conf/user1
# cat vsftpd_user_conf/user2
# cat vsftpd_user_conf/user3
These commands mount the normal login /home/<username> directory on top of the "home" subdirectory under the user's ftp local root.
mount --bind /home/user1 /home/ftpuser/user1/home
mount --bind /home/user2 /home/ftpuser/user2/home
mount --bind /home/user3 /home/ftpuser/user3/home
Or you could put it in /etc/fstab:
/home/user1 /home/ftpuser/user1/home none defaults,bind 0 0
/home/user2 /home/ftpuser/user2/home none defaults,bind 0 0
/home/user3 /home/ftpuser/user3/home none defaults,bind 0 0
Now when user1 connects via ftp, his local root will be /home/ftpuser/user1. It is non-writable for him. There will be a home subdirectory that he can cd into, and that will have his normal login home directory bind mounted on it.
I hope that is helpful.
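As an added example (not code from the post above), a POSIX sh script that builds the per-user local root layout described in the answer and checks the local root against the "writable root inside chroot" restriction before the bind mount is attempted. Assumptions that are mine: GNU stat (-c), that vsftpd rejects the root when any write bit is set (owner included, so chmod a-w style permissions are needed), and the hypothetical function names.

```shell
#!/bin/sh
# Added example, not from the original post. Builds the per-user ftp local
# root layout described above and checks the local root against vsftpd's
# "refusing to run with writable root inside chroot()" restriction.
# Assumptions: GNU stat (-c), and that vsftpd rejects the root when any
# write bit (owner included) is set, so chmod a-w style permissions apply.

# Octal permission bits of a path, e.g. 555 or 700.
mode_of() {
    stat -c '%a' "$1"
}

# Succeed (0) only if DIR has no write bit for owner, group or other,
# i.e. it is acceptable as the vsftpd chroot root.
local_root_ok() {
    m=$(mode_of "$1") || return 1
    # octal digits 2, 3, 6 and 7 have the write bit set
    case "$m" in
        *[2367]??|*?[2367]?|*??[2367]) return 1 ;;
    esac
    return 0
}

# Create BASE/USER read/execute only and BASE/USER/home mode 700, the pair
# the post describes, then verify the root. Ownership is only changed when
# running as root and USER exists, so the script can also be tried as a
# normal user in a scratch directory.
make_ftp_root() {
    base=$1
    user=$2
    root="$base/$user"
    mkdir -p "$root/home"
    chmod 555 "$root"
    chmod 700 "$root/home"
    if [ "$(id -u)" -eq 0 ] && id "$user" >/dev/null 2>&1; then
        chown root:root "$root"
        chown "$user" "$root/home"
    fi
    local_root_ok "$root"
}

# Per-user vsftpd config line and the bind mount command that goes with it.
conf_and_mount() {
    printf 'local_root=%s/%s\n' "$1" "$2"
    printf 'mount --bind /home/%s %s/%s/home\n' "$2" "$1" "$2"
}
```

For a real deployment run it as root with make_ftp_root /home/ftpuser user1 && conf_and_mount /home/ftpuser user1, then put the printed local_root line in the user's config file under user_config_dir.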