VSFTPD Configuration Help

dsheller · 07-17-2004, 12:09 AM

Alright well I fixed that, MTU problem =/

Anyway, after hour its on i see this in the out put of "netstat -a | grep ftp"

tcp 0 0 192.168.123.101:ftp user-10lfbu1.cable:3653 FIN_WAIT2

Should this be something I am to be concerned of? I haven't given a UN/PASS to anyone yet... =/

padonker · 07-17-2004, 04:59 AM

Looks like you have a guest

You DID turn off anonymous access, right?

dsheller · 07-17-2004, 11:26 AM

Yea anonymous access is off. I have the router before it gets to the box setting up the box as DMZ, but shouldnt the linux firewall deny everything but 20 and 21?

padonker · 07-17-2004, 06:16 PM

if the only thing behind your firewall is ftp then 20 and 21 is the only ports you need to have opened

alexr186 · 07-17-2004, 10:24 PM

i just setup vsftpd myself today, but it looks like u guys have it undercontrol. Yes i need port 20 and 21 open on my firewall and forwarded.

I don't know if this could but u could have one user that it's home dir is the music file.

padonker · 07-18-2004, 05:28 AM

Quote:

I don't know if this could but u could have one user that it's home dir is the music file.

sorry, but I dont understand your question. Or is it a remark?

mjenkins · 07-23-2004, 11:56 AM

mybox# mount --bind /var/ftp/music /home/userA/music

this is a dangerous way to do this because all users have the capability
to delete files from your /var/ftp/music folder.

mount --bind can only be issued by root so the folder is not ro, it has full access...

i am searching for a way to do this also.

i think that this effect has been submitted and is actually considered a bug in the current
kernel?

i wish there was a way to enable symlinks but still use the user jail or do a
mybox# mount --bind -ro /var/ftp/music /home/userA/music

but when you issue this command i get:
mount: can't find /home/userA/music in /etc/fstab or /etc/mtab

gd2shoe · 08-10-2004, 12:25 PM

Pardon my lack of understanding (still new), could you do a hard link as appossed to mount --bind ? I believe this should work so long as they're on the same file system (lack of experience here). On the other hand, if they are on different filesystems, you could have the true music dirrectory located at /home/music, do hard links to it, and mount that on top of /var/ftp/music or whatever.

Besides, why are you saying that mounting into the users home dirrectory means you cannot restrict read/write access. Couldn't you have a folder inside their dirrectory that they don't own or have full access to?

Once again, I've bassed this on how I belive the system is set up, not necisarily upon truth. If you tear my post to shreads, then I'll just be happy to have learned better

toejam · 10-13-2004, 01:11 PM

hopefully this will help you dsheller although I would imagine by now you've found a solution.

http://www.linuxquestions.org/questi...ghlight=vsftpd

I too would like to get this properly setup on my server.

mdm102 · 03-01-2006, 10:48 AM

Quote:

Originally Posted by mjenkins

mybox#
i wish there was a way to enable symlinks but still use the user jail or do a
mybox# mount --bind -ro /var/ftp/music /home/userA/music

but when you issue this command i get:
mount: can't find /home/userA/music in /etc/fstab or /etc/mtab

try so.. it completely works!

mount --bind -r /var/ftp/music /home/userA/music

mjenkins · 03-01-2006, 12:52 PM

Quote:

Originally Posted by mdm102

try so.. it completely works!

mount --bind -r /var/ftp/music /home/userA/music

thanks! that worked great!

gattler · 11-06-2010, 11:06 PM

I sorry to revive this thread but I looked for an answer and found this thread. I think it's important to note that you can jail root a user to a specific directory with vsftp's directive local_root.

Code:

local_root=/var/www/html/websiteName

I wrote about this here.