LinuxQuestions.org


alieblice 02-13-2012 05:19 PM

chroot virtual users in vsftpd
 
Hi,
Problem: I cannot chroot virtual users in vsftpd.
I have checked many links but it is still not working.
Here's the config:

Code:

guest_enable=YES
virtual_use_local_privs=YES
local_max_rate=1024000
pam_service_name=vsftpd
user_sub_token=$USER
local_enable=yes
local_root=/var/www/ftp/$USER
guest_username=virtualftp
chroot_local_user=YES

It appears at the / directory and is not chrooted.

I tried a different type of config like this, but it is not working right:
Code:

guest_enable=YES
virtual_use_local_privs=YES
local_max_rate=1024000
pam_service_name=vsftpd
#user_sub_token=$USER
local_enable=yes
#local_root=/var/www/ftp/$USER
guest_username=virtualftp
#chroot_local_user=YES
user_config_dir=/etc/vsftpd


/etc/vsftpd/virtualftp:
Code:

write_enable=YES
chroot_local_user=YES
local_root=/var/www/ftp/$USER
user_sub_token=$USER
guest_username=virtualftp


deep27ak 02-14-2012 12:42 AM

Check the syntax used in vsftpd.conf:
Code:

chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list

Code:

user_config_dir=/etc/vsftpd_user_conf

Code:

#vi /etc/vsftpd/chroot_list
virtualftp
#mkdir /etc/vsftpd_user_conf

Code:

#vi /etc/vsftpd_user_conf/virtualftp
write_enable=YES
chroot_local_user=YES
local_root=/var/www/ftp/$USER



Now make the virtualftp user log in and check.

alieblice 02-14-2012 04:01 AM

Thanks for replying.
It's still not working. It just chroots to virtualftp's home directory (/home/virtualftp) and not to the user's home directory (/var/www/ftp/USER-NAME), and it's able to change directory to everywhere.

Here's the config:

Code:

guest_enable=YES
virtual_use_local_privs=YES
local_max_rate=1024000
pam_service_name=vsftpd
local_enable=yes
guest_username=virtualftp
chroot_local_user=NO
user_config_dir=/etc/vsftpd
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list

/etc/vsftpd/virtualftp
Code:

root@debian:/etc/vsftpd# cat  virtualftp
write_enable=YES
chroot_local_user=YES
local_root=/var/www/ftp/$USER
user_sub_token=$USER


deep27ak 02-14-2012 04:07 AM

Suppose you want to chroot user1 in his home directory

Code:

#vi vsftpd.conf

user_config_dir=/etc/vsftpd_user_conf
anonymous_enable=NO
chroot_list_enable=YES

Code:

#mkdir /etc/vsftpd_user_conf

#vi /etc/vsftpd_user_conf/user1
write_enable=YES
chroot_local_user=YES
local_root=/var/www/ftp/$USER


alieblice 02-14-2012 04:58 AM

Thanks for the reply. It's still not working. I put all the configs. lili is a virtual user and virtualftp is a local user.
It's not chrooted and it appears in the / directory. It can't go to any directory except var/www/ftp/lili.


/etc/vsftpd.conf
Code:

guest_enable=YES
virtual_use_local_privs=YES
local_max_rate=1024000
pam_service_name=vsftpd
#user_sub_token=$USER
#local_enable=yes
#local_root=/var/www/ftp/$USER
guest_username=virtualftp
chroot_local_user=NO
user_config_dir=/etc/vsftpd
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list

/etc/vsftpd/chroot_list
Code:

virtualftp
lili

/etc/vsftpd/lili
Code:

write_enable=YES
chroot_local_user=YES
local_root=/var/www/ftp/$USER
user_sub_token=$USER


deep27ak 02-14-2012 05:01 AM

I don't think you read my post correctly :o

Code:

user_config_dir=/etc/vsftpd_user_conf

alieblice 02-14-2012 07:16 AM

I changed the vsftpd directory to vsftpd_chroot_con
but nothing changed.
All configs are the same as before, just
user_config_dir=/etc/vsftpd
changed to
user_config_dir=/etc/vsftpd_user_conf
and lili was moved to user_config_dir=/etc/vsftpd_user_conf from /etc/vsftpd

deep27ak 02-14-2012 07:53 AM

That's weird. According to the config file,

the virtualftp user should log in to the localroot directory, i.e.

/var/www/ftp/

Code:

local_root=/var/www/ftp/

and should be chrooted there, as I did the same on my test machine and everything is working fine.

alieblice 02-14-2012 01:32 PM

Thank you a lot. It's finally working.

Marked as solved.


For the next person who reaches this thread, here is my configuration.
virtualftp is a local user, and lili and sisi are virtual users.

For adding a new user to /etc/vsftpd/passwd you should use the "htpasswd" command.

Code:


cat /etc/vsftpd.conf
guest_enable=YES
virtual_use_local_privs=YES
local_max_rate=1024000
pam_service_name=vsftpd
user_sub_token=$USER
#local_enable=yes
local_root=/var/www/ftp/$USER
guest_username=virtualftp
chroot_local_user=NO
user_config_dir=/etc/vsftpd_user_conf
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
------------------------------------------------------
root@debian:~# cat /etc/vsftpd_user_conf/lili
write_enable=YES
chroot_local_user=YES
local_root=/var/www/ftp/$USER
user_sub_token=$USER
root@debian:~#
--------------------------------------------------------
root@debian:~# cat /etc/pam.d/vsftpd
# Standard behaviour for ftpd(8).
#auth    required   
#pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed

# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.

# Standard pam includes
#@include common-account
#@include common-session
#@include common-auth
#auth    required    pam_shells.so

# Login using a htpasswd file
auth    required pam_pwdfile.so pwdfile /etc/vsftpd/passwd
account required pam_permit.so
----------------------------------------------------------
root@debian:/etc# cat  vsftpd/chroot_list
virtualftp
lili
----------------------------------------------------------
root@debian:/etc# cat  /etc/vsftpd/passwd
sisi:so1xO1RfrmgMo
lili:kxHHyX.xt3POU
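
Added example, not part of the thread: a POSIX shell check that, for every virtual user in the pam_pwdfile password file, resolves local_root the way the configs above intend (a per-user file in user_config_dir overriding the main file, then user_sub_token replaced by the login name) and reports whether that directory exists. The function names and the sample files built in a temp directory are constructed for illustration; the check does not evaluate chroot_local_user or chroot_list_file.

```shell
# conf_get FILE KEY -> last uncommented KEY=value (vsftpd allows no spaces around "=")
conf_get() {
    if [ -f "$1" ]; then sed -n "s/^$2=//p" "$1" | tail -n 1; fi
}

# setting MAIN_CONF USER KEY -> value from user_config_dir/USER if set there, else global
setting() {
    val=$(conf_get "$(conf_get "$1" user_config_dir)/$2" "$3")
    [ -n "$val" ] || val=$(conf_get "$1" "$3")
    printf '%s\n' "$val"
}

# resolve_root MAIN_CONF USER -> local_root with every user_sub_token replaced by USER
resolve_root() {
    s=$(setting "$1" "$2" local_root)
    tok=$(setting "$1" "$2" user_sub_token)
    out=
    while [ -n "$tok" ]; do
        case $s in
            *"$tok"*) out=$out${s%%"$tok"*}$2; s=${s#*"$tok"} ;;
            *) break ;;
        esac
    done
    printf '%s\n' "$out$s"
}

# audit MAIN_CONF PWDFILE -> "user root status" for each user in the pam_pwdfile file
audit() {
    cut -d: -f1 "$2" | while read -r u; do
        [ -n "$u" ] || continue
        root=$(resolve_root "$1" "$u")
        case $root in
            '')    st=no-local_root ;;
            *'$'*) st=token-not-substituted ;;
            *)     if [ -d "$root" ]; then st=ok; else st=missing-dir; fi ;;
        esac
        printf '%s %s %s\n' "$u" "${root:--}" "$st"
    done
}

# make_sample DIR -> constructed files (added example) modelled on the thread's final config
make_sample() {
    mkdir -p "$1/user_conf" "$1/ftp/lili"
    printf '%s\n' 'guest_username=virtualftp' 'user_sub_token=$USER' \
        "local_root=$1/ftp/\$USER" "user_config_dir=$1/user_conf" > "$1/vsftpd.conf"
    printf '%s\n' 'write_enable=YES' "local_root=$1/ftp/\$USER" > "$1/user_conf/lili"
    printf '%s\n' 'lili:CONSTRUCTED' 'sisi:CONSTRUCTED' > "$1/passwd"
}
d=$(mktemp -d) && make_sample "$d" && audit "$d/vsftpd.conf" "$d/passwd"; rm -rf "$d"
```

Against real files the call would be `audit /etc/vsftpd.conf /etc/vsftpd/passwd`; a `token-not-substituted` or `missing-dir` row points at a login whose directory is worth checking before testing over FTP.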


