vsftp, yes again
I can't figure out what is going on with my VSFTP. I have searched and searched and only found that I have to add "chroot_local_users=YES" I have done this and I have tried the other method of adding users to the chroot list. Neither of them has worked. Any help will be appreicated.
|
have you restarted vsftp?
|
Hi Funny Enough I have the same problem.
I downloaded the VSFTPD1.2.1 and compiled it following the INSTALL documents on RH8. I have created a vsftpd config file and enbled chroot. I have tested the anonymous ftp and other part and all is ok, the only thing that does not seam to work the chroot jail. Also I should mention that its running from xinetd. Included is the config file, any help would be really appreciated. ############################################################### # Anonymous FTP Control. ###################################### ############################################################### # Anonymous control # Enable / Disable Anonymous FTP anonymous_enable=YES # This is the name of the user we use for handling anonymous FTP ftp_username=ftp # All Anonmyous Logins Are treated as Guests guest_enable=YES # Guest Username guest_username=ftp # User Control # anonymous user will log straight in no password required no_anon_password=NO # File Access # Anonymous Files to Be owned by username chown_username=ftp # Set Anonymous File uploads to be owned by username chown_uploads=YES # Upload files - providing write permissions on upload dir anon_upload_enable=NO # create Directories anon_mkdir_write_enable=NO # write operations, such as rename and delete anon_other_write_enable=NO # Only allowed to download files which are world readable anon_world_readable_only=NO # Enable /disabled ascii upload / downloads ascii_download_enable=YES ascii_upload_enable=NO # list of anonymous password mail responses which cause login to be denied deny_email_enable=NO banned_email_file=/etc/vsftpd/banned_emails # Set to YES if you want only a specified list of email passwords secure_email_list_enable=YES ############################################################### # Process Control. ############################################ ############################################################### # Overriden by Below. ftpd_banner="Authorised Access ONLY !" # Banner Message banner_file=/etc/issue # Run in background background=NO # Only ill advised FTP clients will use this feature. async_abor_enable=NO # Secure Choot dir. secure_chroot_dir=/usr/share/empty # Non Priv user used by ftpd nopriv_user=ftp # Set vfstpd status in process list setproctitle_enable=YES # Internal Settings. use_sendfile=YES # Use local time to display time in FTP dir listing. use_localtime=NO # Use TCP wrapper Support. tcp_wrappers=NO # System Session Logging. session_support=YES ############################################################### # Logging Control. ############################################ ############################################################### # Write to Xferlog Log. xferlog_enable=YES # wuftp style logging. xferlog_std_format=YES # Write to Syslog syslog_enable=NO # Log FTP protocol - debug. log_ftp_protocol=NO # Log to Both Files dual_log_enable=YES vsftpd_log_file=/var/log/vsftpd.log xferlog_file=/var/log/xferlog ############################################################### # Connection Control. ######################################### ############################################################### # Timeouts # timeout in seconds for client response. connect_timeout=60 # Max data connection timeout (stalled). data_connection_timeout=300 idle_session_timeout=120 # Data Transfer size. trans_chunk_size=8192 # PASV # Pasv connection pasv_enable=YES # Disable Pasv security checks. pasv_promiscuous=NO # Timeout for PASV connection. accept_timeout=60 # PASV Port Max pasv_max_port=2028 # PASV Port Min pasv_min_port=2021 # PORT connection # Disable PORT data method. port_enable=NO # PASV security checks. port_promiscuous=NO # The port from which PORT style connections originate ftp_data_port=20 # This controls whether PORT style data connections use port 20 connect_from_port_20=NO # Speed # Max Speed of Anonymous in Bytes/sec. anon_max_rate=0 # Max Speed of Local Users in Bytes/sec. local_max_rate=0 ############################################################### # User Access Control. (not Including Anonymous) ############## ############################################################### # Local users i.e those in /etc/passwd local_enable=YES # Check local users valid /etc/shell # check_shell=NO # Enable User File List userlist_enable=YES # Deny Access to users listed in this file. userlist_deny=YES userlist_file=/etc/vsftpd/user_list # Place Local Users in CHROOT in there Home Directory. chroot_local_user=YES # Each users CHROOT is got from the /etc/passwd file. passwd_chroot_enable=YES # List of Local Users in CHROOT JAIL or NO = Not Placed in CHROOT. chroot_list_enable=NO chroot_list_file=/etc/vsftpd/chroot_list # Virtual Users Have the same privileges local users virtual_use_local_privs=NO ############################################################### # File Access Control. ######################################## ############################################################### # SITE CHMOD command - Allow users to change file permissions. chmod_enable=YES # Enable Dir messages. dirmessage_enable=NO # Message file name. message_file=.message # Permissions with which uploads are created. file_open_mode=0666 # file creation is set to for local users. local_umask=077 # The value that the umask for file creation is set to for anonymous users. anon_umask=077 # This controls whether any FTP commands which change the filesystem write_enable=NO # Allow Directory Listing. dirlist_enable=YES # If set to NO, all download requests will give permission denied. download_enable=YES # Show files starting with a . force_dot_files=NO # All user and Group information is disabled as FTP hide_ids=YES # Show usernames and Groupnames instead of UID and GID. text_userdb_names=YES # Allow ls -lR ls_recurse_enable=YES Thanks. Keith |
All times are GMT -5. The time now is 02:32 PM. |