LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 10-14-2009, 03:52 PM   #1
bmccarty12
LQ Newbie
 
Registered: Oct 2009
Posts: 2

Rep: Reputation: 1
ftp access to /var/www/html


Setup I am trying to accomplish:
We want to run a website that will be stored in /var/www/html. We have 1 account (webadmin) that needs to be able to use FTP to upload files to that directory. Currently that account is getting a permissions error.

In the vsftpd.conf I have the following:
# Uncomment this to allow local users to log in.
local_enable=YES
# lock down users to their home directories
chroot_local_user=YES

Also the home directory of webadmin is set to
[root@server vsftpd]# ~webadmin
-bash: /var/www/html: is a directory

The rights in this directory are:
[root@server vsftpd]# ls -alZ /var/www/html
drwxrwxr-x webadmin webadmin system_ubject_r:httpd_sys_content_t .
drwxr-xr-x root root system_ubject_r:httpd_sys_content_t ..
-rw------- webadmin webadmin system_ubject_r:httpd_sys_content_t .bash_history
-rwxr-Sr-x root root system_ubject_r:httpd_sys_content_t index.html
-rw------- webadmin webadmin system_ubject_r:httpd_sys_content_t .viminfo



Any thoughts on what I am doing incorrectly ? Another bit of info is that a second user gets the same permission error going to a different directory. This one has a home directory set to /home/user1.

Thanks,
Bill
 
Old 10-15-2009, 03:00 AM   #2
Forrest Coredump
Member
 
Registered: Oct 2009
Location: Southwestern United States
Distribution: Redhat Enterprise Linux 4-5 (Current RHCE), Fedora Core 11 (FC11), Arch Linux, BT3 (Current GCIH)
Posts: 42

Rep: Reputation: 16
You would need to add the appropriate selinux context to the directory you wish your user to have access to via vsftp, however; the directory can only have on context (httpd is already applied, and for good reason)- thus the only way I can see to accomplish this is via a boolean. I haven't tested, but seeing as you already set ~webman to /var/www/html, then the following may help.

getsebool -a|grep ftp
setsebool -P ftp_home_dir on

You'll probably need to set this as well
setsebool -P httpd_enable_homedirs on

Of course you could disable selinux, but I don't recommend that approach.
 
Old 10-16-2009, 12:21 PM   #3
bmccarty12
LQ Newbie
 
Registered: Oct 2009
Posts: 2

Original Poster
Rep: Reputation: 1
Thanks for the help. Here is the output from the commands you suggested. The webadmin account still has no access after these changes. But do these messages indicate that I have set this account up incorrectly ?



[root@server ~]# setsebool -P httpd_enable_homedirs on
webadmin homedir /var/www/html or its parent directory conflicts with a
defined context in /etc/selinux/targeted/contexts/files/file_contexts,
/usr/sbin/genhomedircon will not create a new context. This usually indicates an incorrectly defined system account. If it is a system account please make sure its login shell is /sbin/nologin.



[root@server ~]# setsebool -P ftp_home_dir on
webadmin homedir /var/www/html or its parent directory conflicts with a
defined context in /etc/selinux/targeted/contexts/files/file_contexts,
/usr/sbin/genhomedircon will not create a new context. This usually indicates an incorrectly defined system account. If it is a system account please make sure its login shell is /sbin/nologin.


[root@server ~]# getsebool -a| grep ftp
allow_ftpd_anon_write --> off
allow_ftpd_full_access --> off
allow_ftpd_use_cifs --> off
allow_ftpd_use_nfs --> off
allow_tftp_anon_write --> off
ftp_home_dir --> on
ftpd_disable_trans --> off
ftpd_is_daemon --> on
httpd_enable_ftp_server --> off
tftpd_disable_trans --> off
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
FTP access to /var/www/html/web_folder jonaskellens Linux - Server 2 07-11-2009 08:23 AM
FTP client can't access files in /var/www/html (Apache ) dshap Linux - Newbie 8 06-03-2009 12:12 PM
Symbolic Link For FTP Access To /var/www/html ERRRRRRRRRRRR! JustinK101 Linux - Software 3 01-31-2007 11:32 AM
How do I give access to an ftp user to the var/www/html dir shootinstr8 Linux - Newbie 1 10-13-2006 03:32 AM
how to setup ftp user's diretory as /var/www/html lzyking Linux - Software 4 02-25-2003 12:58 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 12:01 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration