  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 476

FTP configuration using vsftpd

Hi,
I am configuring a vsftpd server on CentOS 4.x.
I need help on the following.
I have changed the anon_root=/local/data

Under /local/data I have four directories
setups
FAQ
Public
Temp

When the user types ftp://myftpip, he is presented with these four directories.
What I need to do is when he changes directory to setups, I don't want the contents/directories listed. But if he knows the name of the file/directory he can access it.
For /Temp the contents can be listed and the user of a particular group (say gid 345) can write to it.
For FAQ, the contents can be accessed only if you know the directory/filename, and be readable for users of gid 345.


I have been successful in hiding the directories setups, FAQ, Public and Temp by giving hide_file=setups,FAQ,Public,Temp, but I actually need to hide the data within these directories.
Also I assume the gid 345 users can be given the access I need based on user_config_dir.

Kindly update with any howto link if possible.

Thanks
--Walter
0
wfaleiro
Asked:
1 Solution
 
Nopius Commented:
For directories, the 'r' flag allows you to deny listing.

# to disallow listing of /local/data for all
chmod g-r,o-r /local/data

# to allow write access for group and allow listing of Temp
chgrp 345 /local/data/Temp
chmod g+w+x,o-w+x /local/data/Temp

# FAQ readable by 345 and not listable by others
chgrp 345 /local/data/FAQ
chmod g+r+x,o-r+x /local/data/FAQ
0
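
The effect of the chmod lines in the answer above, as an added example that is not part of the original thread: it applies them to a constructed temporary tree and reports what the group and other classes may do in each directory, judged from the mode bits. `dir_access` and `demo_tree` are hypothetical helper names, the 755 starting mode is an assumption, and chgrp is left out because gid 345 is specific to the asker's host.

```shell
#!/bin/sh
# Added example (not from the thread). Needs GNU stat and chmod.

# dir_access DIR CLASS   (CLASS = owner | group | other)
# Prints what that class may do in DIR, judged from the mode bits alone:
#   list  = r: read the names in the directory
#   enter = x: cd into it, or open an entry whose name is already known
#   write = w: create or delete entries (only effective together with x)
dir_access() {
    perm=$(stat -c '%a' "$1") || return 1      # octal mode, e.g. 2771
    case $2 in
        owner) bits=$(( (0$perm >> 6) & 7 )) ;;
        group) bits=$(( (0$perm >> 3) & 7 )) ;;
        other) bits=$((  0$perm       & 7 )) ;;
        *)     return 2 ;;
    esac
    out=
    if [ $((bits & 4)) -ne 0 ]; then out=list; fi
    if [ $((bits & 1)) -ne 0 ]; then out=${out:+$out+}enter; fi
    if [ $((bits & 2)) -ne 0 ]; then out=${out:+$out+}write; fi
    echo "${out:-none}"
}

# Constructed tree using the directory names from the question; the last
# three chmod lines are the ones from the answer, pointed at a temp root.
demo_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/Temp" "$root/FAQ"
    chmod 755 "$root" "$root/Temp" "$root/FAQ"   # assumed starting mode
    chmod g-r,o-r "$root"
    chmod g+w+x,o-w+x "$root/Temp"
    chmod g+r+x,o-r+x "$root/FAQ"
    echo "$root"
}

# Print the resulting rights per directory, then clean up.
tree=$(demo_tree)
for d in "$tree" "$tree/Temp" "$tree/FAQ"; do
    printf '%-8s group=%-16s other=%s\n' "$(basename "$d")" \
        "$(dir_access "$d" group)" "$(dir_access "$d" other)"
done
rm -rf "$tree"
```

Only one class applies to a given process: if the account the anonymous session runs as (ftp, per the listings in this thread) owns a directory, its owner bits decide, not the other bits.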
 
wfaleiro (Author) Commented:
Hi Nopius
That works fine, but when anonymous user uploads files it creates them with the permissions
-rw-------  1 ftp     ftp filename.
I need to create the same as ftp:gid345 and have permissions set as
-rw-r--r--

Thanks,
--Walter
0
 
wfaleiro (Author) Commented:
My anonymous umask is 022.
So the files should have permission -rw-r--r--.
Surprisingly, they don't get that permission.
0
 
wfaleiro (Author) Commented:
These are my settings
anonymous_enable=YES
anon_root=/local/data/
anon_upload_enable=YES
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
anon_world_readable_only=YES
anon_max_rate=500000
anon_umask=022

And under data I have a folder under /local/data called inc.
The permissions for this folder are
drwxrws-wx  ftp 345

But when I upload files under this folder as user anonymous the permissions granted are
-rw-------

I need the permissions as -rw-r--r--

--Walter
0
 
RWJDCom Commented:
That's quite strange.  When you modified the configuration did you stop and restart the FTP daemon?  You need to restart the FTP server for any changes you make to the configuration file to take effect.  Also, make sure that you are modifying the correct config file.  I have seen cases where the installer creates config files in different places, which causes problems (i.e. it put a config file in /etc and /usr/local/etc) and the server was only looking at the configuration file in the /etc directory and there was no reason for the /usr/local/etc configuration file.

You could also check the default settings in the code prior to compiling the vsftpd server and just change the settings in the source code itself and re-compile it.

I hope this helps.
0
 
wfaleiro (Author) Commented:
Restarted the daemon after all changes.
0
 
wfaleiro (Author) Commented:
Also I need to disable the verbose mode.
When I log in to the system and execute commands I get output messages of the commands executed in verbose mode. Can I disable that?
0
 
RWJDCom Commented:
Could you paste your entire configuration file so that I can review it and hopefully assist you better?
0
 
Nopius Commented:
> The permissions for this folder are
> drwxrws-wx  ftp 345

That's good.

This is my config, which works:
write_enable=YES
local_enable=YES
local_umask=022
anonymous_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=NO
anon_world_readable_only=NO
anon_umask=022

After applying this config I get rw-r--r-- when uploading files as anonymous.
0
