Solved

Ftp permissions using vsftpd on FC4

Posted on 2006-06-12
16
2,948 Views
Last Modified: 2013-11-13
The permissions for a number of files ftped into our FC4 server are rwx------.   I know it is dangerous, but I want all files created by ftp to have read, write, execute.  I have changed local_umask=777 in /etc/vsftpd/vsftpd.conf and "service restart vsftpd".  But, I'm not getting files created with full permissions.  Any ideas?
0
Comment
Question by:shannon_adams
  • 8
  • 5
  • 3
16 Comments
 
LVL 16

Expert Comment

by:xDamox
ID: 16892681
Hi,

Redhat remove the ability to have execute in the fire permissions for security reasons, rwx is no longer acceptable.
0
 
LVL 15

Expert Comment

by:DonConsolio
ID: 16920121
try "local_umask=000" - umask is meant to subtract (i.e. remove) permission bits set, not to add the bits.
0
 
LVL 16

Expert Comment

by:xDamox
ID: 16920273
DonConsolio, You cant have a umask of rwx execute has been removed for security pursoses
0
 
LVL 15

Expert Comment

by:DonConsolio
ID: 16920807
for me (vsFTPd 2.0.3 on SUSE) this works:
-----------------------
local_umask=000
file_open_mode=0777
------------------------

Redhat may be different :-)
0
 
LVL 16

Expert Comment

by:xDamox
ID: 16920956
DonConsolio, you are able to get rwx on SuSE?
0
 
LVL 15

Expert Comment

by:DonConsolio
ID: 16921298
"-rwxrwx---"  is what i got with local_umask=007 and file_open_mode=0777

SUSE 10.0 , vsftpd-2.0.3-6
0
 
LVL 16

Expert Comment

by:xDamox
ID: 16921437
Ok, thanks I didn't know SuSE allowed you to do this
0
 

Author Comment

by:shannon_adams
ID: 16921635
DonConsolio, I added the two lines to the /etc/vsftpd/vsftpd.conf file and restarted the service.  However I am getting -rw-rw-r-- when ftping files to the server.  I am almost positive I am running vsftp as the ftp server, but how can I be sure?
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 15

Expert Comment

by:DonConsolio
ID: 16921749
$  telnet 127.0.0.1 ftp
and read the banner

or

rpm -qa | grep -i ftp

0
 
LVL 15

Expert Comment

by:DonConsolio
ID: 16921758
type "quit<enter>" to leave the telnet session
0
 

Author Comment

by:shannon_adams
ID: 16921762
Here is what I see with the rpm command:
lftp-3.2.1-10_FC4  
ncftp-3.1.9-4.fc4  
ftp-0.17-26        
vsftpd-2.0.3-1    

Now, how can I tell which one is being used for ftp transfers?
0
 

Author Comment

by:shannon_adams
ID: 16921773
Okay, tried the telnet:
Connected to webserver (127.0.0.1).
Escape character is '^]'.          
220 (vsFTPd 2.0.3)                  
0
 
LVL 15

Expert Comment

by:DonConsolio
ID: 16921802
> vsftpd-2.0.3-1    

> 220 (vsFTPd 2.0.3)                  


so you have vsftpd 2.0.3
0
 
LVL 15

Expert Comment

by:DonConsolio
ID: 16921898
do your SOURCE files havd 777 mode ?
0
 
LVL 15

Accepted Solution

by:
DonConsolio earned 250 total points
ID: 16922021
You might also want to check your SELinux settings

"Desktop" > "System Settings" > "Security Level"  >  "FTP" > "SELinux"
0
 
LVL 16

Expert Comment

by:xDamox
ID: 16924504
Fedora does not allow rwx files.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now