Old 03-31-2010, 12:00 AM   #1
djcs
Member
 
Registered: Jun 2006
Posts: 43

Rep: Reputation: 15
Proftpd funny permissions


Hi all,
Just thought I would throw this out there, as a Google search doesn't even come back with what I need.
I have set up proftp with MySQL auth on a Debian box.
When I save files or try to modify them I get an error, i.e. I don't have permission.
When I look at the permissions for the files, it has a 2001 user permission and a ftpgroup as the group permission.

I want it to be ftpuser and ftpgroup with readable and writable permissions for the user and group.
Would anyone know why this is happening and what I have done wrong, please?
This is my second proftp box and I basically copied the config files over from the old box.
I can post config files etc. if needed.

DJ
 
Old 04-01-2010, 12:24 PM   #2
PenGUiN_6_1
Member
 
Registered: Oct 2006
Location: Brunswick, MD
Distribution: gNewSense 2.3 (deltah) i386
Posts: 57

Rep: Reputation: 22
Basically...

FIRST...
the GID...set whatever group ID...is marked. In other words, that first number...from left...in '2001' means that the ftpgroup runs it, because if ftpgroup is considered the 'owner' of the file, then that's who gets it. (the '2' in '2001'...: 2001 )

SECOND...
the second and third numbers...from left...in '2001' mean that NEITHER OWNER NOR GROUP HAVE ANY PERMISSIONS AT ALL on the file. The second and third refer to the owner...actual or whatever...and the group members, respectively. (the '00' in '2001'...: 2001 )

THIRD...
the fourth number...from left...in '2001' means that others have execute or search permission for files or directories, respectively. (the '1' in '2001'...: 2001 )
(...refer to the FreeBSD web page, look up the man page for 'chmod')

RECOMMENDATION...
Uncertain. I would...as root command...chown or chmod or whatever, if necessary. I honestly do not know what to say. Also, please read the man pages dealing with permissions, because I may be in error. I hope this helps
 
Old 04-02-2010, 08:18 PM   #3
djcs
Member
 
Registered: Jun 2006
Posts: 43

Original Poster
Rep: Reputation: 15
Thanks heaps, that makes things clearer.
In my proftd.conf file I have
Umask 022 022
I am assuming that what is going on is probably dependent on this line.
I understand what you are saying but have no idea how to modify/fix it so that it works the way I want.
I run a personal website off this box and wish to be able to modify it using FTP remotely without having to ssh into the box each time to chmod and chown things all the time.

Any more thoughts?
Thanks heaps though, what you have said makes the problem a bit clearer for me. Hope I'm not sounding like too much of an idiot; permissions is one thing I have always struggled with in Linux, and I (unfortunately) do most of my work in Windows as that's what customers want.



Quote:
Originally Posted by PenGUiN_6_1
Basically...

FIRST...
the GID...set whatever group ID...is marked. In other words, that first number...from left...in '2001' means that the ftpgroup runs it, because if ftpgroup is considered the 'owner' of the file, then that's who gets it. (the '2' in '2001'...: 2001 )

SECOND...
the second and third numbers...from left...in '2001' mean that NEITHER OWNER NOR GROUP HAVE ANY PERMISSIONS AT ALL on the file. The second and third refer to the owner...actual or whatever...and the group members, respectively. (the '00' in '2001'...: 2001 )

THIRD...
the fourth number...from left...in '2001' means that others have execute or search permission for files or directories, respectively. (the '1' in '2001'...: 2001 )
(...refer to the FreeBSD web page, look up the man page for 'chmod')

RECOMMENDATION...
Uncertain. I would...as root command...chown or chmod or whatever, if necessary. I honestly do not know what to say. Also, please read the man pages dealing with permissions, because I may be in error. I hope this helps
 
Old 04-03-2010, 04:35 AM   #4
dinakumar12
Member
 
Registered: Mar 2010
Location: INDIA (chennai)
Distribution: centos
Posts: 271
Blog Entries: 7

Rep: Reputation: 18
Hi,

The umask value of an FTP user can be changed in the vsftpd.conf file by enabling the line

local_umask=022.
 
Old 04-03-2010, 07:20 AM   #5
nonamenobody
Member
 
Registered: Oct 2002
Posts: 138

Rep: Reputation: 22
Quote:
Originally Posted by djcs
When i look at the permissions for the files, it has a 2001 user permission and a ftpgroup as the group permission.
Are you sure the permissions are 2001 (------S--x) and not 200 (--w-------)?

Quote:
I want it to be ftpuser and ftpgroup with readable and writable permissions for the user and group.
Are you using anonymous FTP or non-anonymous - from what you have said, I would guess that you are using virtual users (you mentioned mysql auth)?

The permissions of 200 are what you would expect to see if you were using anonymous FTP uploads. The files are set so that they can be overwritten but nothing else. The purpose of this is to allow people to upload files to your computer without a password, by giving them write-only permissions to the files they create. This prevents people from uploading files and then serving them from your computer. Typically (ISTR) the default configuration for an FTP server would be to allow anonymous downloads and anonymous uploads (if the relevant directory exists). It could be that there is a configuration directive left over from this default config.
 
Old 04-03-2010, 07:29 AM   #6
nonamenobody
Member
 
Registered: Oct 2002
Posts: 138

Rep: Reputation: 22
Quote:
Originally Posted by dinakumar12
Hi,

The umask value of an FTP user can be changed in the vsftpd.conf file by enabling the line

local_umask=022.
The title of the thread is 'Proftpd funny permissions'
 
Old 04-03-2010, 07:30 AM   #7
nonamenobody
Member
 
Registered: Oct 2002
Posts: 138

Rep: Reputation: 22
Quote:
Originally Posted by djcs
Thanks heaps, that makes things clearer.
In my proftd.conf file I have
Umask 022 022
Should that be 'Umask 022' ?
 
Old 04-03-2010, 09:27 PM   #8
djcs
Member
 
Registered: Jun 2006
Posts: 43

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by nonamenobody
Should that be 'Umask 022' ?
No, it definitely has 022 twice.
Could this be a part of my problem?
 
Old 04-03-2010, 09:32 PM   #9
djcs
Member
 
Registered: Jun 2006
Posts: 43

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by nonamenobody
Are you sure the permissions are 2001 (------S--x) and not 200 (--w-------)?



Are you using anonymous FTP or non-anonymous - from what you have said, I would guess that you are using virtual users (you mentioned mysql auth)?

The permissions of 200 are what you would expect to see if you were using anonymous FTP uploads. The files are set so that they can be overwritten but nothing else. The purpose of this is to allow people to upload files to your computer without a password, by giving them write-only permissions to the files they create. This prevents people from uploading files and then serving them from your computer. Typically (ISTR) the default configuration for an FTP server would be to allow anonymous downloads and anonymous uploads (if the relevant directory exists). It could be that there is a configuration directive left over from this default config.
These are the full details of a file I have uploaded using FTP.
See attached picture.
Weird, isn't it?
And no, it's not set up for anon usage; it's set up so that each user has their own directory (which is common), but the auth is done using a MySQL table for quota limits.
Attached image: dump.png

Last edited by djcs; 04-03-2010 at 09:34 PM.
 
Old 04-06-2010, 06:12 AM   #10
nonamenobody
Member
 
Registered: Oct 2002
Posts: 138

Rep: Reputation: 22
Quote:
Originally Posted by djcs
No, it definitely has 022 twice.
Could this be a part of my problem?
I thought it might be, because I couldn't quite understand the syntax for proftpd's umask directive. However, it appears that proftpd will use the first umask for files and the second for directories - if only one is supplied it uses the first for both. So the second umask of 022 is redundant, but it won't cause any problems.
 
Old 04-06-2010, 06:46 AM   #11
nonamenobody
Member
 
Registered: Oct 2002
Posts: 138

Rep: Reputation: 22
Quote:
Originally Posted by djcs
These are the full details of a file I have uploaded using FTP.
See attached picture.
Weird, isn't it?
And no, it's not set up for anon usage; it's set up so that each user has their own directory (which is common), but the auth is done using a MySQL table for quota limits.
The picture makes everything much clearer: the permissions of the file are 0644 - which is fine and what you would expect. 2001 relates to the user who owns the file. Ownership and permissions are two separate things, though looking back at your post, it should have been obvious that you had ownership and permissions confused (it certainly is with hindsight).

Looking at your screenshot, the file is owned by the user 2001 and the group ftpgroup. 2001 is not a user name, but a user id (or uid). Normally the uid of a file is used to look up the user name from '/etc/passwd' and then the more friendly user name is shown (the same is done for group names using '/etc/group') - unless you specifically request numeric values (e.g. using 'ls -n').

The only reason why you would be seeing 2001 is that the file's uid is 2001 and there is no user 2001 in your '/etc/passwd'. The fact that you are using a MySQL database for the authentication is key here, as you will be using virtual users*. In this case, the MySQL database is used for matching the username given to proftpd to a uid. So you will need to go into your MySQL database and find all virtual users who have a uid of 2001 and replace that value with the uid of the ftpuser in your '/etc/passwd' - alternatively, if you don't already have a user called 'ftpuser' in your /etc/passwd, you could create one and give it the uid 2001.

* Virtual users means that your FTP server is not using the system-wide user and group information in '/etc/passwd', '/etc/shadow' and '/etc/group' - rather it is using the information from your MySQL database.
 
1 members found this post helpful.
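
The distinction drawn in post #11, as an added example that is not part of the original thread: a file's owner is a numeric uid that `ls` resolves through passwd data, while the permission bits are set separately by the umask at creation. The passwd lines are constructed samples using the thread's values, and the helper names are hypothetical.

```shell
#!/bin/sh
# Constructed passwd-format samples mirroring the thread: ftpuser had
# uid 3001 while uploads were owned by uid 2001; the fix made them match.
PASSWD_BEFORE='root:x:0:0:root:/root:/bin/sh
ftpuser:x:3001:2001::/home/ftp:/bin/false'
PASSWD_AFTER='root:x:0:0:root:/root:/bin/sh
ftpuser:x:2001:2001::/home/ftp:/bin/false'

# resolve_uid UID PASSWD_TEXT (hypothetical helper)
# Print the name whose uid field matches, or the bare number when no
# entry exists, which is the fallback ls uses for an unknown owner.
resolve_uid() {
    printf '%s\n' "$2" | awk -F: -v uid="$1" '
        $3 == uid { print $1; found = 1; exit }
        END { if (!found) print uid }'
}

# file_uid PATH: numeric owner, third column of `ls -ldn`.
file_uid() { ls -ldn "$1" | awk '{ print $3 }'; }

# file_mode PATH: permission string, first 10 characters of `ls -ldn`.
# This is independent of who owns the file.
file_mode() { ls -ldn "$1" | cut -c1-10; }

# new_file_mode UMASK (hypothetical helper)
# Create a file under the given umask in a subshell and print its mode.
# A plain create requests 0666, so umask 022 leaves 0644.
new_file_mode() {
    (
        umask "$1"
        tmp=$(mktemp -d) || exit 1
        : > "$tmp/upload.txt"
        file_mode "$tmp/upload.txt"
        rm -rf "$tmp"
    )
}

echo "uid 2001 before fix: $(resolve_uid 2001 "$PASSWD_BEFORE")"
echo "uid 2001 after fix:  $(resolve_uid 2001 "$PASSWD_AFTER")"
echo "mode under umask 022: $(new_file_mode 022)"
echo "owner uid of /: $(file_uid /) -> $(resolve_uid "$(file_uid /)" "$PASSWD_AFTER")"
```

On a real system, `find <dir> -nouser` lists files whose uid has no entry in the user database, which is the state the uploaded files were in before the uid was aligned.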
Old 04-11-2010, 04:29 AM   #12
djcs
Member
 
Registered: Jun 2006
Posts: 43

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by nonamenobody
The picture makes everything much clearer: the permissions of the file are 0644 - which is fine and what you would expect. 2001 relates to the user who owns the file. Ownership and permissions are two separate things, though looking back at your post, it should have been obvious that you had ownership and permissions confused (it certainly is with hindsight).

Looking at your screenshot, the file is owned by the user 2001 and the group ftpgroup. 2001 is not a user name, but a user id (or uid). Normally the uid of a file is used to look up the user name from '/etc/passwd' and then the more friendly user name is shown (the same is done for group names using '/etc/group') - unless you specifically request numeric values (e.g. using 'ls -n').

The only reason why you would be seeing 2001 is that the file's uid is 2001 and there is no user 2001 in your '/etc/passwd'. The fact that you are using a MySQL database for the authentication is key here, as you will be using virtual users*. In this case, the MySQL database is used for matching the username given to proftpd to a uid. So you will need to go into your MySQL database and find all virtual users who have a uid of 2001 and replace that value with the uid of the ftpuser in your '/etc/passwd' - alternatively, if you don't already have a user called 'ftpuser' in your /etc/passwd, you could create one and give it the uid 2001.

* Virtual users means that your FTP server is not using the system-wide user and group information in '/etc/passwd', '/etc/shadow' and '/etc/group' - rather it is using the information from your MySQL database.
Thank you, I now have a clear understanding of where I went wrong, thanks heaps. Will let you know how I fixed it.
 
Old 04-14-2010, 02:53 AM   #13
djcs
Member
 
Registered: Jun 2006
Posts: 43

Original Poster
Rep: Reputation: 15
I changed the user id using webmin from ftpuser being 3001 to being 2001.
I then uploaded another file to test and it had the proper username.

Please let me know if what I have done is wrong.
I really don't want to stuff this up.

DJ
 