Find the answer to your Linux question:
Results 1 to 3 of 3
Here is my goal - to make vsftpd allow several ftp domains (i.e. ftp.me.org; ftp.you.org, etc) to reside on one IP. I also need to allow virtual users. Basically I ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jul 2005
    Posts
    84

    SOLVED - vsftpd v-users and v-hosting


    Here is my goal - to make vsftpd allow several ftp domains (i.e. ftp.me.org; ftp.you.org, etc) to reside on one IP. I also need to allow virtual users. Basically I am good to go, only problem is when I login to the machine it automaticly places me in the home dir of the user that is specified in the vsftpd.conf file. From what vsftpd's site said, in order to user the v-hosting I need a seperate vsftpd.conf file for each domain, and I do. I also have a seperate file that lies within my xinetd.d directory, which xinetd references. The server starts fine and lets any of my v-users login, but places me in the home dir of my original user.

    I have two users setup with two sites. Both sites reside on my internal IP for now, and it will be this way until the server is ready for deployment.


    Here is my vsftpd.conf and /xinetd.d/vsftp files for user and domain#1


    vsftpd.conf:

    # Access rights
    anonymous_enable=NO
    local_enable=YES
    write_enable=NO
    anon_upload_enable=NO
    anon_mkdir_write_enable=NO
    anon_other_write_enable=NO
    # Security
    anon_world_readable_only=NO
    connect_from_port_20=YES
    hide_ids=YES
    pasv_min_port=50000
    pasv_max_port=60000
    # Features
    xferlog_enable=YES
    ls_recurse_enable=NO
    ascii_download_enable=NO
    async_abor_enable=YES
    # Performance
    #one_process_model=YES
    idle_session_timeout=300
    data_connection_timeout=300
    accept_timeout=60
    connect_timeout=60
    chroot_local_user=YES
    guest_enable=YES
    guest_username=****

    ftpd_banner=This is the **** site.

    and for /xinetd.d/vsftp for user and domain#1

    # default: on
    # description:
    # The vsftpd FTP server serves FTP connections. It uses
    # normal, unencrypted usernames and passwords for authentication.
    # vsftpd is designed to be secure.
    service ftp
    {
    socket_type = stream
    wait = no
    user = root
    server = /usr/sbin/vsftpd
    # log_on_success += DURATION USERID
    # log_on_failure += USERID
    nice = 10
    disable = no
    }




    Now for user and domain#2

    vsftpd2.conf:

    # Access rights
    anonymous_enable=NO
    local_enable=YES
    write_enable=NO
    anon_upload_enable=NO
    anon_mkdir_write_enable=NO
    anon_other_write_enable=NO
    # Security
    anon_world_readable_only=NO
    connect_from_port_20=YES
    hide_ids=YES
    pasv_min_port=50000
    pasv_max_port=60000
    # Features
    xferlog_enable=YES
    ls_recurse_enable=NO
    ascii_download_enable=NO
    async_abor_enable=YES
    # Performance
    #one_process_model=YES
    idle_session_timeout=300
    data_connection_timeout=300
    accept_timeout=60
    connect_timeout=60
    chroot_local_user=YES
    guest_enable=YES
    guest_username=****

    ftpd_banner=This is the ****site.

    and for /xinetd.d/vsftpd2:

    # default: on
    # description:
    # The vsftpd FTP server serves FTP connections. It uses
    # normal, unencrypted usernames and passwords for authentication.
    # vsftpd is designed to be secure.
    service ftp
    {
    socket_type = stream
    wait = no
    user = root
    server = /usr/sbin/vsftpd
    # server_args =
    # log_on_success += DURATION USERID
    # log_on_failure += USERID
    nice = 10
    disable = no
    bind =xxx.xxx.xxx.xxx
    server_args = /etc/vsftpd2.conf
    }

    As I said, the server starts fine, and when I connect it automatically takes me to ftp domain#1, no matter what. Even though it does this, I can still login as user#2 into domain #1 which is weird. The server then places user#2 into user#1's home dir. What gives?

    EDIT: When I added these users, I specified the adduser --home [DIR] switch, so they each have their own home directories, and should be jailed there based on the vsftpd.conf entries. I also have vsftpd.pam residing inside the pam.d dir, and referencing the logins.txt appropriatly. So logging in isn't a problem, the problem is the server knowing what to do with any user other than user#1.

    I had the 'one_process_model' tag in my vsftpd.conf files specified at one time, but all it did was give me this error when I tried to access the server

    500 OOPS: vsftpd: security: 'one_process_model' is anonymous only

    So I removed it, not sure if this means anything or not.

  2. #2
    Just Joined!
    Join Date
    Jul 2005
    Posts
    84
    Ok, I got it working using virtual IP's. This is not a good solution, as my boss does not want to have to assign a diff IP for each ftp site. It kind of defeats the point of V-hosting, and it's a waste. Is there an alternative?

  3. #3
    Linux User
    Join Date
    Jul 2005
    Posts
    369
    Quote Originally Posted by durty_nacho
    Ok, I got it working using virtual IP's. This is not a good solution, as my boss does not want to have to assign a diff IP for each ftp site. It kind of defeats the point of V-hosting, and it's a waste. Is there an alternative?
    what about a dns based virtual hosting
    All i want for christmas is a new liver....a second chance to get afflicted with Cirrhosis

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •