Find the answer to your Linux question:
Results 1 to 10 of 10
Fairly new at my job and we have a RedHat FTP server. All I would like to do is add a user and for that user to have a dedicated ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Sep 2011
    Location
    Long Island
    Posts
    5

    FTP help for a total linux noob


    Fairly new at my job and we have a RedHat FTP server. All I would like to do is add a user and for that user to have a dedicated home directory. I found an old post on this forum and it led me to run the 'useradd' command and I was able made a user with a home directory.

    I cannot find a clear guide to explain what the next steps are. I was able to log in with my new account but it looks like I don't have write permission. Whomever setup this server did not install any GUI either. Coming from the Windows world, this has frustrated me.

    Any help would be really appreciated - thanks everyone!
    Cheers

  2. #2
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,318
    I assume you are using vsftpd - can you confirm? try:
    Code:
    ps auxww|grep ftpd
    If so, do you have write_enable=YES in your config file?
    Code:
    grep ^write_enable /etc/vsftpd/vsftpd.conf
    If not, change it and restart the daemon:
    Code:
    service vsftpd restart
    Is SELinux enabled? Check it with:
    Code:
    getenforce
    If so, temporarily disable it and see if ftp works:
    Code:
    setenforce 0
    If that works, then re-enabled SELinux:
    Code:
    setenforce 1
    and try this SELinux command to allow FTP writes to user's homedir:
    Code:
    setsebool -P ftp_home_dir 1
    NOTE: Run all the above commands as root.

  3. #3
    Just Joined!
    Join Date
    Sep 2011
    Location
    Long Island
    Posts
    5

    So Far So Good...

    Thank you very much for the quick reply. Unfortunately I was busy all day and it is finally quiet enough for me to look at this.

    I got to the point where I can confirm vsftp is running and when I ran getenforce I got a reply of disabled.

    I am reluctant to make any more changes because (if I understand correctly) it was supposed to be enabled? This server already has active accounts and I'm concerned with causing a problem with them.

    Thanks again & Cheers!

  4. #4
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,318
    Do you mean SELinux was supposed to be enabled? anyway, if it is currently disabled and FTP writes still don't work, then SELinux is not your problem.

    Did you run the command to check if write_enable was YES in vsftpd.conf? That will be key.

  5. #5
    Just Joined!
    Join Date
    Sep 2011
    Location
    Long Island
    Posts
    5
    To make it easier I have attached what I did and what the results were. Yes, write_enable=YES was confirmed. Thank you again...
    Attached Images Attached Images

  6. #6
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,318
    Okay, so we can cross those two things off the list. Let's check some other things. In the commands below, substitute your ftp account name with $USER.

    Check the user's homedir, according to /etc/passwd, e.g.:
    Code:
    awk -F: '$1 ~ /$USER/{print $6}' /etc/passwd
    Check on the user's home directory (whatever was returned in the above command) ownership and permissions, e.g.:
    Code:
    ls -ld /home/$USER
    To be on the safe side, restart the FTP server:
    Code:
    service vsftpd restart
    Check the FTP log:
    Code:
    tail /var/log/xferlog
    Check the other system logs:
    Code:
    tail /var/log/secure
    tail /var/log/messages
    Can you post the exact errors you are getting, when you attempt your ftp write?

    What file are you trying to 'put'? Does your FTP user have sufficient rights to it?

    BTW, you are trying to do this locally, right? You're just doing 'ftp localhost', etc.?

    EDIT: I forgot - to install a GUI (graphical desktop environment), try this:
    Code:
    yum groupinstall 'GNOME Desktop Environment'
    (I assume yum is up and running...)
    Last edited by atreyu; 09-22-2011 at 01:29 PM. Reason: GUI

  7. #7
    Just Joined!
    Join Date
    Sep 2011
    Location
    Long Island
    Posts
    5
    Thank you once again for the assistance...

    I ran the commands and it looks like the user does not have access to the home directory. If I am understanding correctly everything should be good once access is given, no?

    Cheers


    *** CuteFTP 8.3 - build May 19 2010 ***

    STATUS:> [9/26/2011 11:25:15 AM] Transferring file "/home/ils/iCATVision [Archive].lnk"...
    STATUS:> [9/26/2011 11:25:15 AM] Checking directory existence: "/home/ils".
    STATUS:> [9/26/2011 11:25:15 AM] Remote directory already exists: "/home/ils".
    COMMAND:> [9/26/2011 11:25:15 AM] TYPE I
    [9/26/2011 11:25:15 AM] 200 Switching to Binary mode.
    COMMAND:> [9/26/2011 11:25:15 AM] SIZE iCATVision [Archive].lnk
    [9/26/2011 11:25:15 AM] 550 Could not get file size.
    STATUS:> [9/26/2011 11:25:15 AM] Requested action not taken (e.g., file or directory not found, no access).
    COMMAND:> [9/26/2011 11:25:15 AM] CWD /home/ils/iCATVision [Archive].lnk
    [9/26/2011 11:25:15 AM] 550 Failed to change directory.
    STATUS:> [9/26/2011 11:25:15 AM] Requested action not taken (e.g., file or directory not found, no access).
    COMMAND:> [9/26/2011 11:25:15 AM] CWD /home/ils
    [9/26/2011 11:25:15 AM] 250 Directory successfully changed.
    STATUS:> [9/26/2011 11:25:15 AM] PWD skipped. Current folder: "/home/ils".
    COMMAND:> [9/26/2011 11:25:15 AM] PASV
    [9/26/2011 11:25:15 AM] 227 Entering Passive Mode (10,10,2,179,42,254)
    COMMAND:> [9/26/2011 11:25:15 AM] STOR iCATVision [Archive].lnk
    STATUS:> [9/26/2011 11:25:15 AM] Connecting FTP data socket... 10.10.2.179:11006...
    [9/26/2011 11:25:15 AM] 553 Could not create file.
    ERROR:> [9/26/2011 11:25:15 AM] Access denied.
    Attached Images Attached Images

  8. #8
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,318
    It should fix your problem, yes. I assume the username is ils - try this command:
    Code:
    chown -R ils /home/ils
    You should really change the group ownership of the dir, too. Get the group id with:
    Code:
    id -ng ils
    Say the group command returned "users". You could modify the chown command to be:
    Code:
    chown -R ils:users /home/ils
    You should also change the permissions on it:
    Code:
    chmod 0700 /home/ils

  9. #9
    Just Joined!
    Join Date
    Sep 2011
    Location
    Long Island
    Posts
    5
    Excellent progress! I was able to read/write+delete files and folders! The only problem now is I noticed I am able to browse "up" to other folders. While the account does not have access to these folders, I would "prefer" if this was disabled. If not, I'll accept it...

    Cheers!
    Attached Images Attached Images

  10. #10
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,318
    Try setting chroot_local_user=YES in your /etc/vsftpd/vsftpd.conf and then restart the daemon: service vsftpd restart

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •