Solved

FTP configuration using vsftpd

Posted on 2006-06-28
9
466 Views
Last Modified: 2008-02-26
Hi,
I am configuring a vsftpd server on CentOs 4.x.
I need help on the following.
I have changed the anon_root=/local/data

Under /local/data I have four directories
setups
FAQ
Public
Temp

When the user types ftp://myftpip He is presented with these four directories.
What I need to do is when he changes directory to setups, I dont want the contents/directories listed. But if he knows the name of the file/directory he can access it.
For /Temp the contents can be listed and the user of a particular group (say gid 345) can write to.
For FAQ The contents can be listed only if you know the directory/filename and be readable for users of gid 345


I have been successful in hiding the directory, setups, FAQ,Public,Temp by giving hide_file=setups,FAQ,Public,Temp, but I actually need to hide the data withing these directories.
Also I assume the gid 345 users can be given access I need  based on user_config_dir.

Kindly update with any howto link if possible.

Thanks
--Walter
0
Comment
Question by:wfaleiro
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
9 Comments
 
LVL 27

Expert Comment

by:Nopius
ID: 17005961
For directories 'r' flag allows you to deny listing.

# to disallow listing of /local/data for all
chmod g-r,o-r /local/data

# to allow write access for group and allow listing of Temp
chgrp 345 /local/data/Temp
chmod g+w+x,o-w+x /local/data/Temp

# FAQ readable by 345 and not listable by others
chgrp 345 /local/data/FAQ
chmod g+r+x,o-r+x /local/data/FAQ
0
 
LVL 1

Author Comment

by:wfaleiro
ID: 17009933
Hi Nopius
That works fine, but when anonymous user uploads files it creates them with the permissions
-rw-------  1 ftp     ftp filename.
I need to create the same as ftp:gid345 and have permissions set as
-rw-r--r--

Thanks,
--Walter
0
 
LVL 1

Author Comment

by:wfaleiro
ID: 17010193
My anonymous umask is 022.
So the files shoudl have permission -rw-r--r--.
Suprisingly they dont get the permission
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:wfaleiro
ID: 17010564
These are my settings
anonymous_enable=YES
anon_root=/local/data/
anon_upload_enable=YES
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
anon_world_readable_only=YES
anon_max_rate=500000
anon_umask=022

And under data I have a folder under /local/data called inc.
The permissions for this folder are
drwxrws-wx  ftp 345

But when I upload files under this folder as user anonymous the permissions granted are
-rw-------

I  need the permissions as -rw-r--r--

--Walter
0
 
LVL 8

Expert Comment

by:RWJDCom
ID: 17011276
That's quite strange.  When you modified the configuration did you stop and restart the FTP daemon?  You need to restart the FTP server for any changes you make to the configuration file to take effect.  Also, make sure that you are modifying the correct config file.  I have seen where the installer creates config files in different places which causes problems (ie. it put a config file in /etc and /usr/local/etc) and the server was only looking at the configuration file in the /etc directory and there was no reason for the /usr/local/etc configuration file.

You could also check the default settings in the code prior to compileing the vsftpd server and just change the settings in the source code itself and re-compile it.

I hope this helps.
0
 
LVL 1

Author Comment

by:wfaleiro
ID: 17012290
Restarted the daemon after all changes.
0
 
LVL 1

Author Comment

by:wfaleiro
ID: 17013047
Also I need to disable the verbose mode.
When I login to the system and execute commands I get output messages of the commands executed in verbos mode. Can I disable that?
0
 
LVL 8

Expert Comment

by:RWJDCom
ID: 17014969
Could you paste your entire configuration file so that I can review it and hopefully assist you better.
0
 
LVL 27

Accepted Solution

by:
Nopius earned 125 total points
ID: 17015201
> The permissions for this folder are
> drwxrws-wx  ftp 345

that's good

That's mine config, that works:
write_enable=YES
local_enable=YES
local_umask=022
anonimous_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=NO
anon_world_readable_only=NO
anon_umask=022

after applying this config I get rw-r--r-- when uploading files by anonymous.
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Windows 7 does not have the best desktop search built in. This is something Windows 7 users have struggled with. You type something in, and your search results don’t always match what you are looking for, or it doesn’t actually work at all. There ar…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question