Link to home
Start Free TrialLog in
Avatar of wfaleiro
wfaleiroFlag for India

asked on

FTP configuration using vsftpd

Hi,
I am configuring a vsftpd server on CentOs 4.x.
I need help on the following.
I have changed the anon_root=/local/data

Under /local/data I have four directories
setups
FAQ
Public
Temp

When the user types ftp://myftpip He is presented with these four directories.
What I need to do is when he changes directory to setups, I dont want the contents/directories listed. But if he knows the name of the file/directory he can access it.
For /Temp the contents can be listed and the user of a particular group (say gid 345) can write to.
For FAQ The contents can be listed only if you know the directory/filename and be readable for users of gid 345


I have been successful in hiding the directory, setups, FAQ,Public,Temp by giving hide_file=setups,FAQ,Public,Temp, but I actually need to hide the data withing these directories.
Also I assume the gid 345 users can be given access I need  based on user_config_dir.

Kindly update with any howto link if possible.

Thanks
--Walter
Avatar of Arty K
Arty K
Flag of Kazakhstan image

For directories 'r' flag allows you to deny listing.

# to disallow listing of /local/data for all
chmod g-r,o-r /local/data

# to allow write access for group and allow listing of Temp
chgrp 345 /local/data/Temp
chmod g+w+x,o-w+x /local/data/Temp

# FAQ readable by 345 and not listable by others
chgrp 345 /local/data/FAQ
chmod g+r+x,o-r+x /local/data/FAQ
Avatar of wfaleiro

ASKER

Hi Nopius
That works fine, but when anonymous user uploads files it creates them with the permissions
-rw-------  1 ftp     ftp filename.
I need to create the same as ftp:gid345 and have permissions set as
-rw-r--r--

Thanks,
--Walter
My anonymous umask is 022.
So the files shoudl have permission -rw-r--r--.
Suprisingly they dont get the permission
These are my settings
anonymous_enable=YES
anon_root=/local/data/
anon_upload_enable=YES
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
anon_world_readable_only=YES
anon_max_rate=500000
anon_umask=022

And under data I have a folder under /local/data called inc.
The permissions for this folder are
drwxrws-wx  ftp 345

But when I upload files under this folder as user anonymous the permissions granted are
-rw-------

I  need the permissions as -rw-r--r--

--Walter
That's quite strange.  When you modified the configuration did you stop and restart the FTP daemon?  You need to restart the FTP server for any changes you make to the configuration file to take effect.  Also, make sure that you are modifying the correct config file.  I have seen where the installer creates config files in different places which causes problems (ie. it put a config file in /etc and /usr/local/etc) and the server was only looking at the configuration file in the /etc directory and there was no reason for the /usr/local/etc configuration file.

You could also check the default settings in the code prior to compileing the vsftpd server and just change the settings in the source code itself and re-compile it.

I hope this helps.
Restarted the daemon after all changes.
Also I need to disable the verbose mode.
When I login to the system and execute commands I get output messages of the commands executed in verbos mode. Can I disable that?
Could you paste your entire configuration file so that I can review it and hopefully assist you better.
ASKER CERTIFIED SOLUTION
Avatar of Arty K
Arty K
Flag of Kazakhstan image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial