LinuxQuestions.org
Old 08-16-2011, 11:29 AM   #1
Carnix
LQ Newbie
 
Registered: Aug 2011
Posts: 10

Rep: Reputation: Disabled
Question VSFTPD for Dummies


I've searched Google and trawled threads for a couple days now and followed probably 10 different tutorials, none of which seem to work... I haven't been able to find anything that seems to fit my use case anyway.

Here's the issue.

I am trying to set up an in-house development environment for Drupal 7. I have to use Redhat 5. I was able to get MySQL working and Drupal 7 installed and all that (in /var/www/html --> might change that, would love recommendations).

Now, I'm trying to get an FTP server working so the other members of my team can access the site. VSFTPD seems the logical choice but I've not been able to get it to work right.

Here's the requirements:
1. Single FTP user - don't need each user to use a separate login.
2. User must have full control over the files, be able to create directories, upload/download files, change files, etc.
3. User should see their home directory as / -- so not /home/user or whatever.
4. Anon user should be disabled.

At this point, I have a fresh vanilla install of vsftpd.

I'm not a total linux noob, but for some reason I'm completely unable to make this work so I feel like one about now...

Thanks!
 
Old 08-17-2011, 05:04 AM   #2
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217
If you want, you could use my guide

good luck.
 
Old 08-17-2011, 08:13 AM   #3
Carnix
LQ Newbie
 
Registered: Aug 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
Unhappy MySQL

Interestingly, that was one of the pages I found and tried to follow without any luck... I followed the steps exactly, but in the end I was unable to authenticate any of the users I created. I *think* vsftpd started though. I figured there must have been some small difference with CentOS that caused it to fail.

I'd love to try again though if you'd be willing to help me troubleshoot since frankly managing with MySQL would be vastly preferable to local users anyway for a number of administrative and security reasons.
 
Old 08-17-2011, 10:29 AM   #4
Carnix
LQ Newbie
 
Registered: Aug 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
I tried again after removing the database and reinstalling vsftpd fresh. I went through the whole process and the only thing that seemed to be wrong was the following. I downloaded a RH5 build of pam_mysql from pbone, no problem. I installed it, seemingly no problem. But when I checked the ls, it's not there (bold and red below).


[mlangford@us-pghwwwstg1 ~]$ wget ftp://ftp.pbone.net/mirror/download....5.2.x86_64.rpm
--2011-08-17 11:15:24-- ftp://ftp.pbone.net/mirror/download....5.2.x86_64.rpm
=> `pam_mysql-0.7-0.4.rc1.el5.2.x86_64.rpm'
Resolving ftp.pbone.net... 85.14.85.4
Connecting to ftp.pbone.net|85.14.85.4|:21... connected.
Logging in as anonymous ... Logged in!
==> SYST ... done. ==> PWD ... done.
==> TYPE I ... done. ==> CWD /mirror/download.fedora.redhat.com/pub/fedora/epel/5/x86_64 ... done.
==> SIZE pam_mysql-0.7-0.4.rc1.el5.2.x86_64.rpm ... 39533
==> PASV ... done. ==> RETR pam_mysql-0.7-0.4.rc1.el5.2.x86_64.rpm ... done.
Length: 39533 (39K)

100%[==================================================================================================== =========================>] 39,533 68.3K/s in 0.6s

2011-08-17 11:15:27 (68.3 KB/s) - `pam_mysql-0.7-0.4.rc1.el5.2.x86_64.rpm' saved [39533]

[mlangford@us-pghwwwstg1 ~]$ rpm -Uvh pam_mysql-0.7-0.5.rc1.el5.kb.2.i386.rpm
[mlangford@us-pghwwwstg1 ~]$ pam_mysql-0.7-0.4.rc1.el5.2.x86_64.rpm
[mlangford@us-pghwwwstg1 ~]$ rpm -Uvh pam_mysql-0.7-0.4.rc1.el5.2.x86_64.rpm
error: can't create transaction lock on /var/lib/rpm/__db.000
[mlangford@us-pghwwwstg1 ~]$ sudo rpm -Uvh /home/mlangford/pam_mysql-0.7-0.4.rc1.el5.2.x86_64.rpm
Preparing... ########################################### [100%]
1:pam_mysql ########################################### [100%]
[mlangford@us-pghwwwstg1 ~]$ sudo ls -al /lib/security/pam_m*
-rwxr-xr-x 1 root root 10240 Oct 21 2010 /lib/security/pam_mail.so
-rwxr-xr-x 1 root root 15880 Oct 21 2010 /lib/security/pam_mkhomedir.so
-rwxr-xr-x 1 root root 3892 Oct 21 2010 /lib/security/pam_motd.so



As a result, when I try to connect via FTP (using FileZilla):
Response: 220 (vsFTPd 2.0.5)
Command: USER drupal
Response: 331 Please specify the password.
Command: PASS *******
Response: 530 Login incorrect.
Error: Critical error
Error: Could not connect to server

Last edited by Carnix; 08-17-2011 at 10:30 AM. Reason: (removed silly emoticons from text)
 
Old 08-17-2011, 10:46 AM   #5
Carnix
LQ Newbie
 
Registered: Aug 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
Found it - this is a 64-bit machine, so.. duh.

[mlangford@us-pghwwwstg1 /]$ sudo ls -al /lib64/security/pam_m*
-rwxr-xr-x 1 root root 11120 Oct 21 2010 /lib64/security/pam_mail.so
-rwxr-xr-x 1 root root 17208 Oct 21 2010 /lib64/security/pam_mkhomedir.so
-rwxr-xr-x 1 root root 5024 Oct 21 2010 /lib64/security/pam_motd.so
-rwxr-xr-x 1 root root 41600 Jan 23 2008 /lib64/security/pam_mysql.so

So, it's installed and not working... any ideas?
 
Old 08-17-2011, 10:53 AM   #6
travisdh1
Member
 
Registered: Sep 2008
Distribution: Fedora
Posts: 129

Rep: Reputation: 22
Is there a reason you can't customize the one available in the yum repository?

Code:
sudo yum -y install drupal7
Do any customization from that point, could be a lot easier.
 
Old 08-17-2011, 11:11 AM   #7
Carnix
LQ Newbie
 
Registered: Aug 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
Didn't realize there was a yum-able drupal version (what version is it anyway? it just says drupal.noarch without indication of the drupal version itself) but anyway we're using the Acquia Drupal 7 distribution. This issue isn't Drupal, I have that up and running fine, the issue is FTP. I need them to have FTP access to the site so they can upload and download files, pretty straightforward I think.

Once I get FTP going correctly, I'll reinstall Drupal in this home directory instead of /var/www/html -- Apache isn't my problem, MySQL isn't the issue and Drupal isn't the issue: it's vsftpd that's giving me problems.

thanks!

EDIT: ignore the version question -- I listed drupal not drupal7. duh me. Still, that won't suffice since as I said, it's FTP I'm having a problem with not Drupal.

Last edited by Carnix; 08-17-2011 at 11:18 AM.
 
Old 08-17-2011, 11:24 AM   #8
Carnix
LQ Newbie
 
Registered: Aug 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
Another clarification: I can log into mysql as vsftpd and select the users table, so that's not the issue.

I think the issue must be in the PAM stuff... should I try installing the i386 version too?
 
Old 08-17-2011, 11:32 AM   #9
Carnix
LQ Newbie
 
Registered: Aug 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
ok. I installed the i386 version too -- had to also install libmysqlclient.so.15 as a dependency but that's simple enough:


$ sudo ls -al /lib/security/pam_m*
-rwxr-xr-x 1 root root 10240 Oct 21 2010 /lib/security/pam_mail.so
-rwxr-xr-x 1 root root 15880 Oct 21 2010 /lib/security/pam_mkhomedir.so
-rwxr-xr-x 1 root root 3892 Oct 21 2010 /lib/security/pam_motd.so
-rwxr-xr-x 1 root root 36920 Jan 23 2008 /lib/security/pam_mysql.so

$ sudo ls -al /lib64/security/pam_m*
-rwxr-xr-x 1 root root 11120 Oct 21 2010 /lib64/security/pam_mail.so
-rwxr-xr-x 1 root root 17208 Oct 21 2010 /lib64/security/pam_mkhomedir.so
-rwxr-xr-x 1 root root 5024 Oct 21 2010 /lib64/security/pam_motd.so
-rwxr-xr-x 1 root root 41600 Jan 23 2008 /lib64/security/pam_mysql.so


So, at this point, I've followed the guide to a T... Any suggestions?
 
Old 08-18-2011, 02:19 AM   #10
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217
just a step to check - the file /etc/pam.d/vsftpd contents:
Code:
    #%PAM-1.0
    session     optional     pam_keyinit.so     force revoke
    auth required pam_mysql.so user=vsftpd passwd=vsftpdpassword host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3
    account required pam_mysql.so user=vsftpd passwd=vsftpdpassword host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3
were giving me a whole lot of trouble until properly configured.

There could be other things in this pam.d/vsftpd, like:
host=localhost could be 127.0.0.1 at your server (maybe MySQL doesn't allow localhost connections)
db=vsftpd <- the name of your database with usernames/pw stored in mysql - you could have "vsftpdusers" or something else


And with "user's" homedirs:
For example if the user name is "user1" then the homedir is '/home/vsftpd/user1' ,
but unfortunately vsftpd doesn't create that directory automatically if it doesn't exist.
Therefore create it manually now and make it owned by the vsftpd user and group 'users'


in your case I see:
Code:
Command: USER drupal
and I assume you have made appropriate steps:
- create user's homedir ? (like "/var/www/drupalsite" which I assume you want to have access, because of the website for users to access it ) and give the right permissions (chmod 755, chown vsftpd.users )
- make vsftpd PER USER configuration file for user 'drupal' with its homedir:
Code:
local_root=/var/www/drupalsite
I hope it will get you successfully to login.

Last edited by lithos; 08-18-2011 at 02:33 AM.
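
A quick audit of the /etc/pam.d/vsftpd line shown in the post above, as an added example that is not part of the original post or of lithos's guide: it pulls the pam_mysql options out of the `auth` line and flags two properties of that configuration, that `crypt=3` selects plain hex MD5 in pam_mysql and that `passwd=` stores the database password in the file itself. The function names are made up for this example, and `stat -c` assumes GNU coreutils.

```sh
#!/bin/sh
# Added example: audit a pam_mysql line in /etc/pam.d/vsftpd.
# Assumes GNU stat; function names are made up for this example.

# Print the value of option $2 on the first "auth" pam_mysql.so line of file $1.
pam_mysql_opt() {
    awk -v key="$2" '$1 == "auth" && $3 ~ /pam_mysql\.so$/ {
        for (i = 4; i <= NF; i++)
            if (index($i, key "=") == 1) { print substr($i, length(key) + 2); exit }
    }' "$1"
}

# Map pam_mysql's crypt= setting to the password storage format it selects.
crypt_name() {
    case $1 in
        0|plain) echo "plaintext" ;;
        1|Y)     echo "crypt(3)" ;;
        2|mysql) echo "MySQL PASSWORD()" ;;
        3|md5)   echo "hex MD5, no salt" ;;
        4|sha1)  echo "hex SHA1, no salt" ;;
        *)       echo "unknown" ;;
    esac
}

# Print one finding per line; prints nothing when both checks pass.
# Only crypt(3) output carries a salt, so it is the only format not flagged.
pam_mysql_audit() {
    c=$(pam_mysql_opt "$1" crypt)
    [ "$(crypt_name "$c")" = "crypt(3)" ] ||
        echo "WEAK-HASH crypt=${c:-unset} stores passwords as $(crypt_name "$c")"
    if [ -n "$(pam_mysql_opt "$1" passwd)" ]; then
        mode=$(stat -c %a "$1")
        case $mode in
            600|400) ;;
            *) echo "READABLE-SECRET passwd= is inline, file mode is $mode (want 600)" ;;
        esac
    fi
    return 0
}

# Stand-alone use: sh audit.sh /etc/pam.d/vsftpd
if [ $# -eq 1 ]; then pam_mysql_audit "$1"; fi
```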
 
Old 08-18-2011, 08:27 AM   #11
Carnix
LQ Newbie
 
Registered: Aug 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
Code:
#%PAM-1.0
session     optional     pam_keyinit.so     force revoke
auth required pam_mysql.so user=vsftpd passwd=********** host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3
account required pam_mysql.so user=vsftpd passwd=********** host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3
The mysql server is on the same machine and is configured to allow only vsftpd@localhost; the database and table names are set as outlined in the guide.

I did use the per user configuration, but I set the homedir to /home/users/drupal rather than /var/www/drupal. I did NOT create a local user called drupal though, it's my understanding that with this setup, local users are not necessary, but rather FTP user logins are virtual only and therefore only present in the mySQL database.


Code:
$ sudo nano /etc/vsftpd/vsftpd_user_conf/drupal

dirlist_enable=YES
download_enable=YES
# full path to the directory where 'user1' will have access, change to your needs
local_root=/home/users/drupal
write_enable=YES
From the vsftpd.conf:
Code:
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd/vsftpd_user_conf


Ok, I changed localhost to 127.0.0.1 in the pam file:

Code:
Response:	220 (vsFTPd 2.0.5)
Command:	USER drupal
Response:	331 Please specify the password.
Command:	PASS ********
Response:	500 OOPS: cannot change directory:/home/users/drupal
Error:	Critical error
Error:	Could not connect to server
So, I made sure of the following:

Code:
$ sudo /usr/sbin/usermod -a -G users vsftpd  # verified vsftp user was in the users group
$ sudo chmod 700 /home/vsftpd
$ sudo chown vsftpd.users /home/vsftpd

$ sudo chmod 700 /home/users/drupal
$ sudo chown vsftpd.users /home/users/drupal
That gives me this (from users directory):
Code:
$ ls -al
drwx------  2 vsftpd users 4096 Aug 17 11:00 drupal
(note, I tried to chmod to 777 without any change in the result)

So, I'm getting logged in now, but can't change directories...
 
Old 08-18-2011, 09:40 AM   #12
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217
Quote:
I did NOT create a local user called drupal though, it's my understanding that with this setup, local users are not necessary
Correct! Only
Quote:
4 Configure VSFTPD (Very Secure FTP server):

Create a non-privileged user called 'vsftpd' (with the homedir /home/vsftpd) belonging to the group 'users' ...
is necessary.

But I think (I'm not sure) that vsftpd (service) cannot chdir to /home/users/drupal because of directory privileges (try /home/users with 755 maybe); I can only think that /home/users (and all subdirs) is not available to the vsftpd user.

What if you try "su vsftpd" and then "chdir /home/users/drupal", what is the result? Please try this to establish the right permissions, then it should work ok (and maybe restart vsftpd sometimes :-).

You're certainly on the right way to make it work.

I'm just guessing: maybe you have "selinux" enabled ?

Last edited by lithos; 08-18-2011 at 09:44 AM.
 
Old 08-18-2011, 02:23 PM   #13
Carnix
LQ Newbie
 
Registered: Aug 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
Er. my last post didn't actually post.

So, I got it to work. It was, in fact, the selinux thing. I found some other pages about FTP being disallowed on home directories and whatever, although none of them actually help to fix the problem. So, I changed the virtual user's home directory to /var/www/html and chmod 775 -R (the only way I was able to make it work) and it worked!! I've already set up my team with individual logins and it all works great.

That was earlier this morning, like maybe 11ish Eastern. It's 3pm eastern now, and I just got off the phone with an IT guy who noticed I'd brought up an FTP server. Even though this is an internal-only server, that's still a big no-no so I have to remove it... GAAAAAAH!!!!!!!!!

The plus side is, now, IT said they'd help me out and will configure SFTP (which is what IT requires) on it so I'll still be able to do what I need on it... oh well.

Thanks for your help though, at least I now know how to do it!
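
The two checks that came up in posts #12 and #13 for `500 OOPS: cannot change directory`, as an added example that is not from any poster in this thread: walk from the target directory up to `/` and report the top-most directory whose mode bits deny the guest user search (x) permission, then print the SELinux state and the label on the directory. Function names are made up for this example; `stat -c` assumes GNU coreutils, and only mode bits are evaluated (no ACLs, no root bypass).

```sh
#!/bin/sh
# Added example: diagnose vsftpd's "500 OOPS: cannot change directory".
# Assumes GNU stat (stat -c). Checks mode bits only: no ACLs, no root bypass.

# Succeeds if uid $1 (member of gids $2) has search (x) permission on dir $3.
can_traverse() {
    [ -d "$3" ] || return 1
    set -- "$1" "$2" $(stat -c '%a %u %g' "$3" 2>/dev/null)
    bits=$((0$3))                        # octal mode, e.g. 0700
    if [ "$1" = "$4" ]; then             # owner class applies exclusively
        [ $(($bits & 0100)) -ne 0 ]
    elif case " $2 " in *" $5 "*) true ;; *) false ;; esac; then
        [ $(($bits & 0010)) -ne 0 ]      # group class
    else
        [ $(($bits & 0001)) -ne 0 ]      # other class
    fi
}

# Print the top-most directory on the way to $2 that user $1 cannot enter.
first_blocked_dir() {
    case $2 in /*) ;; *) echo "need an absolute path" >&2; return 2 ;; esac
    uid=$(id -u "$1") || return 2
    gids=$(id -G "$1")
    blocked=
    d=$2
    while :; do
        can_traverse "$uid" "$gids" "$d" || blocked=$d
        [ "$d" = / ] && break
        d=$(dirname "$d")
    done
    [ -z "$blocked" ] || echo "$blocked"
}

# SELinux can deny the chdir even when every mode bit allows it.
selinux_report() {
    command -v getenforce >/dev/null 2>&1 || { echo "selinux: tools not found"; return 0; }
    echo "selinux: $(getenforce)"
    getsebool -a 2>/dev/null | grep -i ftp    # FTP-related policy booleans
    ls -Zd "$1"                               # label on the target directory
}

# Stand-alone use with the thread's values: sh check.sh vsftpd /home/users/drupal
if [ $# -eq 2 ]; then
    first_blocked_dir "$1" "$2"
    selinux_report "$2"
fi
```

An empty result from `first_blocked_dir` combined with `selinux: Enforcing` points at policy rather than permissions, which is the situation post #13 describes.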
 
Old 08-18-2011, 05:31 PM   #14
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217
Thank you for your reply.

It might be possible for you to keep it if you change the port FTP uses (Listen...) to some well-known port like 22 (SSH) or maybe 443 (https), or just some other random port to make it not so obvious?

Nice to see it worked, so this could be marked as Solved ?

Last edited by lithos; 08-18-2011 at 05:35 PM.
 
Old 08-18-2011, 08:22 PM   #15
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,352

Rep: Reputation: 2751
Actually, vsftpd can support TLS, so it can be made secure ...
 
  

