  1. #1
    Just Joined! Jonas Axelsson's Avatar
    Join Date
    May 2006
    Location
    Borås, Sweden
    Posts
    3

    FTPserver setup



    I tried searching but it seems to be broken. It only returns:
    Code:
    The page you are trying to access does not exist.
    Please select a page from the main menu.
    I thought I'd post my "problem" while the search is broken and hope for someone with enough knowledge to stroll by and tell me whether it's possible or not. A detailed explanation of how to do it is of course appreciated but right now all I want is to find out if I can do it.

    I run Fedora Core 5 with the vsftpd that comes with the package. I am an experienced user but a novice to Linux.

    What I want done is this.

    1. I need a user who has read-only access to a directory and everything in it.
    Let's call that directory /media/ftp/events/.
    2. I need users who have full access to subdirectories of the one above.
    Example: /media/ftp/events/user1, /media/ftp/events/user2 ...

    I have managed to chroot jail local users to their home directories.
    Code:
    setsebool -P ftp_home_dir 1
    setsebool -P ftpd_is_daemon 1
    chmod 0775 /home/user1/
    service vsftpd restart
    I do not want users to wander around where they do not belong.

    I have created a user and set its homedir to /media/ftp/events/user1. It has been chmoded like the one above. I guess it has something to do with SELinux but I'm out of both clues and guesses. All I get from the server is:
    Code:
    500 OOPS: cannot change directory:/media/ftp/events/user1
    Any help, hints or even guesses in any direction is appreciated.

    (I'm including vsftpd.conf)

    EDIT:
    I have now confirmed that this is caused by SELinux. I ran a test where I disabled SELinux. I had the same problem with the users' home directories in /home before I set up the chroot jail (described above). Is there a way to do the same thing with another directory?

  2. #2
    Just Joined!
    Join Date
    Apr 2005
    Posts
    88

    FTP Server Setup

    Greetings,

    Can you disable the chroot and then try to access the directory with that particular specific user just to make sure that the ftp server is working fine and the user is able to access the directory and then move forward with the same?

    Regards

  3. #3
    Just Joined! Jonas Axelsson's Avatar
    Join Date
    May 2006
    Location
    Borås, Sweden
    Posts
    3
    Thank you for your reply. I am really close to abandoning all hope and setting up Windows XP instead. God forbid but I have never before experienced problems like this one.

    Here we go...

    I removed the user from /etc/vsftpd/chroot_list/, restarted vsftpd and tried to log in with the same result as before. Other users can log in to their respective home directories (chroot jail'ed or not). I have disabled chroot by commenting it out in vsftpd.conf.

    The only way I can set homedirs outside /home is if I disable SELinux.

    I figured that the user can have its homedir in /home IF I can put a link to the other dir in it. I put a
    Code:
    ln -s /media/ftp/events/user1 media
    in /home/user1 but with SELinux active I can not change dir
    Code:
    [R] CWD media
    [R] 550 Failed to change directory.
    There must be more out there who experience this, or a similar, problem. I've googled for information on how to build new rules/policies. The only fairly user-friendly solution I've found is audit2allow which transforms policy violations into new policies. Just take the line from /var/log/messages and run it through audit2allow. My problem here is that I can not find any policy violations in messages to run through audit2allow.

    I hope I make some sense with what I'm saying and to sum it all up,
    I want users to be able to access directories outside /home. Some of them need to write and some just read. I have absolutely no problem doing this with SELinux disabled but can not run the machine without it.
    Last edited by Jonas Axelsson; 05-29-2006 at 01:35 PM. Reason: typo
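
Added example (not part of any post in the thread): a small filter that pulls SELinux AVC denials for the FTP daemon out of a log and shows which target type was refused, which is the information audit2allow works from. It assumes vsftpd runs in the `ftpd_t` domain; the log lines, the `mnt_t` label and the function names are constructed for illustration. On systems running auditd the AVC records are written to /var/log/audit/audit.log rather than /var/log/messages.

```shell
#!/bin/sh
# Added example: summarise SELinux AVC denials logged for the FTP daemon.
# Assumption: vsftpd runs in the ftpd_t domain, as under the targeted policy.

# Constructed sample lines (not taken from the thread): two audit.log records,
# one denial for an unrelated domain, one syslog-style record, one noise line.
sample_log() {
cat <<'EOF'
type=AVC msg=audit(1148900000.101:41): avc:  denied  { search } for  pid=2345 comm="vsftpd" name="media" dev=hda2 ino=1201 scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:object_r:mnt_t:s0 tclass=dir
type=AVC msg=audit(1148900007.554:42): avc:  denied  { search } for  pid=2351 comm="vsftpd" name="media" dev=hda2 ino=1201 scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:object_r:mnt_t:s0 tclass=dir
type=AVC msg=audit(1148900010.002:43): avc:  denied  { read } for  pid=1999 comm="httpd" name="index.html" dev=hda2 ino=88 scontext=system_u:system_r:httpd_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file
May 29 13:02:11 host kernel: audit(1148900531.770:44): avc:  denied  { write add_name } for  pid=2360 comm="vsftpd" name="upload.txt" dev=hda2 ino=1300 scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:object_r:mnt_t:s0 tclass=dir
May 29 13:02:12 host vsftpd: CONNECT: Client "192.0.2.10"
EOF
}

# ftpd_denials [domain]: read log lines on stdin and print one line per distinct
# denial for that source domain: "<count> <perms> <class> <name> <target type>".
ftpd_denials() {
  awk -v domain="${1:-ftpd_t}" '
    /avc: +denied/ {
      stype = ttype = tclass = ""; name = "-"
      for (i = 1; i <= NF; i++) {
        eq = index($i, "=")
        if (eq == 0) continue
        k = substr($i, 1, eq - 1); v = substr($i, eq + 1)
        if (k == "scontext") { split(v, c, ":"); stype = c[3] }
        else if (k == "tcontext") { split(v, c, ":"); ttype = c[3] }
        else if (k == "tclass") tclass = v
        else if (k == "name") { gsub(/"/, "", v); name = v }
      }
      if (stype != domain) next          # keep only the FTP daemon domain
      perms = ""
      if (match($0, /[{] [^}]* [}]/)) perms = substr($0, RSTART + 2, RLENGTH - 4)
      gsub(/ /, ",", perms)
      key = perms " " tclass " " name " " ttype
      if (!(key in count)) order[++n] = key   # remember first-seen order
      count[key]++
    }
    END { for (i = 1; i <= n; i++) print count[order[i]], order[i] }
  '
}

# Demonstration on the constructed sample; on a real host feed it the log file,
# e.g.  ftpd_denials < /var/log/audit/audit.log
sample_log | ftpd_denials
```
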
