vsftpd very very secure, so secure i can't use it...

baronsam · 10-05-2003, 04:10 PM

I've been trying to set up vsftpd all day, and I'm calling out for help because the more i've done the worse it's been getting !

it started out fine, I tried to change the configuration so that I could chroot a user to a directory, and now vsftpd won't even run, I get "you must enable xinetd to use this service"

xinetd is running fine, and I believe all the rest of the configuration is as it should,
so i'm at my wit's end,

i've looked at the relevant posts here but i don't think i missed anything

any help would be greatly appreciated

all best,

--sam

redhat 9

david_ross · 10-05-2003, 04:19 PM

Welcome to LQ.

Are you trying to run vsftpd as stand alone or from xinetd?

Can you post vsftpd.conf

baronsam · 10-05-2003, 04:52 PM

thanks for answering, it's very kind because i'm really going crazy here..

it's /etc/vsftpd/vsftpd.conf
not directly etc/vsftpd.conf
and i don't know how to change that

# Access rights
anonymous_enable=YES
local_enable=NO
write_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
# Security
anon_world_readable_only=YES
connect_from_port_20=YES
hide_ids=YES
pasv_min_port=50000
pasv_max_port=60000
# Features
xferlog_enable=YES
ls_recurse_enable=NO
ascii_download_enable=NO
async_abor_enable=YES
# Performance
one_process_model=YES
idle_session_timeout=120
data_connection_timeout=300
accept_timeout=60
connect_timeout=60
anon_max_rate=50000

this isn't at all what I want, but i read so many posts around here saying that changes made problems that i just loaded a plain one.
what i really want is a plain one with comments without anonymous and with chroot.

i'm running vsftpd from xinetd (or not, actually with the error i get, but at least i'd like to)

all best,

--sam

david_ross · 10-06-2003, 12:32 PM

Try this config file

Code:

#
# Allow anonymous FTP?
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
idle_session_timeout=600
# Keep local users in their home dirs
chroot_local_user=yes
pam_service_name=vsftpd
#enable for standalone mode
#listen=YES
#tcp_wrappers=YES

I tend to use standalone mode but I think for xinetd the config file must be in /etc/

baronsam · 10-06-2003, 06:12 PM

thanks for your help, i solved the problem

i used standalone mode and my problems went away.

all best,

--sam