Solved

Ftp permissions using vsftpd on FC4

Posted on 2006-06-12
16
2,943 Views
Last Modified: 2013-11-13
The permissions for a number of files ftped into our FC4 server are rwx------.   I know it is dangerous, but I want all files created by ftp to have read, write, execute.  I have changed local_umask=777 in /etc/vsftpd/vsftpd.conf and "service restart vsftpd".  But, I'm not getting files created with full permissions.  Any ideas?
0
Comment
Question by:shannon_adams
  • 8
  • 5
  • 3
16 Comments
 
LVL 16

Expert Comment

by:xDamox
Comment Utility
Hi,

Redhat remove the ability to have execute in the fire permissions for security reasons, rwx is no longer acceptable.
0
 
LVL 14

Expert Comment

by:DonConsolio
Comment Utility
try "local_umask=000" - umask is meant to subtract (i.e. remove) permission bits set, not to add the bits.
0
 
LVL 16

Expert Comment

by:xDamox
Comment Utility
DonConsolio, You cant have a umask of rwx execute has been removed for security pursoses
0
 
LVL 14

Expert Comment

by:DonConsolio
Comment Utility
for me (vsFTPd 2.0.3 on SUSE) this works:
-----------------------
local_umask=000
file_open_mode=0777
------------------------

Redhat may be different :-)
0
 
LVL 16

Expert Comment

by:xDamox
Comment Utility
DonConsolio, you are able to get rwx on SuSE?
0
 
LVL 14

Expert Comment

by:DonConsolio
Comment Utility
"-rwxrwx---"  is what i got with local_umask=007 and file_open_mode=0777

SUSE 10.0 , vsftpd-2.0.3-6
0
 
LVL 16

Expert Comment

by:xDamox
Comment Utility
Ok, thanks I didn't know SuSE allowed you to do this
0
 

Author Comment

by:shannon_adams
Comment Utility
DonConsolio, I added the two lines to the /etc/vsftpd/vsftpd.conf file and restarted the service.  However I am getting -rw-rw-r-- when ftping files to the server.  I am almost positive I am running vsftp as the ftp server, but how can I be sure?
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 14

Expert Comment

by:DonConsolio
Comment Utility
$  telnet 127.0.0.1 ftp
and read the banner

or

rpm -qa | grep -i ftp

0
 
LVL 14

Expert Comment

by:DonConsolio
Comment Utility
type "quit<enter>" to leave the telnet session
0
 

Author Comment

by:shannon_adams
Comment Utility
Here is what I see with the rpm command:
lftp-3.2.1-10_FC4  
ncftp-3.1.9-4.fc4  
ftp-0.17-26        
vsftpd-2.0.3-1    

Now, how can I tell which one is being used for ftp transfers?
0
 

Author Comment

by:shannon_adams
Comment Utility
Okay, tried the telnet:
Connected to webserver (127.0.0.1).
Escape character is '^]'.          
220 (vsFTPd 2.0.3)                  
0
 
LVL 14

Expert Comment

by:DonConsolio
Comment Utility
> vsftpd-2.0.3-1    

> 220 (vsFTPd 2.0.3)                  


so you have vsftpd 2.0.3
0
 
LVL 14

Expert Comment

by:DonConsolio
Comment Utility
do your SOURCE files havd 777 mode ?
0
 
LVL 14

Accepted Solution

by:
DonConsolio earned 250 total points
Comment Utility
You might also want to check your SELinux settings

"Desktop" > "System Settings" > "Security Level"  >  "FTP" > "SELinux"
0
 
LVL 16

Expert Comment

by:xDamox
Comment Utility
Fedora does not allow rwx files.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

One of the frequent problems with the installations is when some file or registry entry is not removed from the system upon un-installation of the product. Clean removal is always highly desirable. One major reason for that is badly authored inst…
Installations often have prerequisites, such as “Microsoft .Net framework is required for this product”. The usual implementation in MSI installations is system search for a particular registry setting representing the required prerequisite, followe…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now