Find the answer to your Linux question:
Results 1 to 9 of 9
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Can't see files in FTP nor access them from web


    I set up nginx on a VM somewhere and everything is working fine. Then I tried to build some directory structure under the nginx root HTML folder. I received 403 forbidden for a file so normally I assumed permissions. Using root I gave entire dir structure chmod -R a+r /usr/share/ngnix/html/myfolder. Still 403.
    Then I SFTP'd into this box using a didcated web FTP account. I am not that experienced to be able to tell how is this user set nor which permissions it has, but by default it can view all directories in the system. When navigating to the HTML root I could see myfolder but when going inside I was seeing nothing. No subfolder, no files. needless to say ls -al from bash on any of these is giving me rwxr--r-- for all files and directories.

    if I copy some arbitrary file from within the myfolder dir to html root and give it a+r it IS accessible from web and SFTP. If this were only a 403 I would assume something I am not configuring properly on nginx, but since SFTP is showing same behavior I am led to believe it is something in the directories themselves!? What else is there besides file permissions??


  2. #2
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Western Kentucky
    is the system using selinux?
    linux user # 503963

  3. #3
    Hi Scathfire,

    I actually have no idea what it means or does, but I think not:

    [root@vps52808 /]# rpm -qa | grep selinux
    [root@vps52808 /]# /usr/sbin/getenforce
    [root@vps52808 /]#

  4. $spacer_open
  5. #4
    Just Joined!
    Join Date
    Sep 2010
    Dhaka, Bangladesh
    Try running the command to check which mode SELinux is in.


    You could also try the command system-config-securitylevel (for RHEL..dunno whether it works on other distributions..)

  6. #5

    Thumbs up

    Change the context of ftp dir
    chcon -R -t public_content_rw_t /usr/share/ngnix/html/myfolder
    change boolen of ftp share so that anyone can write into it
    setsebool -P allow_ftpd_anon_write=1
    and then check
    [root@station4 ~]# getsebool -a | grep -i ftp
    allow_ftpd_anon_write --> on
    allow_ftpd_full_access --> off
    allow_ftpd_use_cifs --> off
    allow_ftpd_use_nfs --> off
    allow_tftp_anon_write --> off
    ftp_home_dir --> off
    ftpd_connect_db --> off
    ftpd_disable_trans --> off
    ftpd_is_daemon --> on
    httpd_enable_ftp_server --> off
    tftpd_disable_trans --> off

    try with these options.......

  7. #6
    Guys, thanks for the responses, but don't the lines above:

    [root@vps52808 /]# /usr/sbin/getenforce
    mean that SELinux is disabled?
    crazypush, chcon and setsebool are selinux commands, but if it's disabled what's the point?


  8. #7
    crazypush, went ahead and tried you suggestions anyway... chcon gave me:

    chcon: can't apply partial context to unlabeled file /usr/share/nginx/html/myfolder

  9. #8


    sorry, i didn't see that ur selinux was disabled.........

  10. #9

    Resolved this. As expected this was a result of my ignorance. FTP user and web server users were different. FTP user needed execute on the directories to list them (which it didn't have). Fixed it all by adding FTP user to web server group, changing ownership for entire hierarchy to web server group and giving +x to directories and +r to all files.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts