marcelocbf
asked on
VSFTPD: Problems with upload
Sorry guys,
I know that questions about this topic is all over the EE, but I couldn't really find an answer that could solve my problem ... Also, I'm so tired that maybe I overlapped the settings and it couldn't work anyway ....
I'm not experienced in Linux and I'm trying to setup vsftpd for the first time.
Scenario:
I can login, download, but not upload. When I try to upload, I receive the known 553-Could not create file
Setup:
I created a new user using useradd. The account has no password and it is already unlocked.
On this account home dir, I executed the chown -hR account and chmod -R 777
I tried to read the vsftpd.log, but I couldn't understand anything.
Follows, my vsftpd.conf ...
I hope you guys help me ...
Thanks,
--------------------------
# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=Y
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
chown_username=bmqftp
#
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsft
#
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=1
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that turning on ascii_download_enable enables malicious remote parties
# to consume your I/O resources, by issuing the command "SIZE /big/file" in
# ASCII mode.
# These ASCII options are split into upload and download because you may wish
# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),
# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be
# on the client anyway..
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vs
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsf
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
pam_service_name=vsftpd
userlist_enable=YES
userlist_deny=NO
#enable for standalone mode
listen=YES
tcp_wrappers=YES
chroot_local_user=yes
--------------------------
I know that questions about this topic is all over the EE, but I couldn't really find an answer that could solve my problem ... Also, I'm so tired that maybe I overlapped the settings and it couldn't work anyway ....
I'm not experienced in Linux and I'm trying to setup vsftpd for the first time.
Scenario:
I can login, download, but not upload. When I try to upload, I receive the known 553-Could not create file
Setup:
I created a new user using useradd. The account has no password and it is already unlocked.
On this account home dir, I executed the chown -hR account and chmod -R 777
I tried to read the vsftpd.log, but I couldn't understand anything.
Follows, my vsftpd.conf ...
I hope you guys help me ...
Thanks,
--------------------------
# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=Y
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
chown_username=bmqftp
#
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsft
#
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=1
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that turning on ascii_download_enable enables malicious remote parties
# to consume your I/O resources, by issuing the command "SIZE /big/file" in
# ASCII mode.
# These ASCII options are split into upload and download because you may wish
# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),
# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be
# on the client anyway..
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vs
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsf
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
pam_service_name=vsftpd
userlist_enable=YES
userlist_deny=NO
#enable for standalone mode
listen=YES
tcp_wrappers=YES
chroot_local_user=yes
--------------------------
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
chown_username=bmqftp
you seem to be changing the owner ship of the files when uploaded. does "bmqftp" have write access into the folders? check for that part of it as well.
comment these lines and restart vsftpd. try uploading. if that happens, check for ownership of files.
then uncomment the lines and ensure that bmqftp has write access and try uploading.
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
chown_username=bmqftp
you seem to be changing the owner ship of the files when uploaded. does "bmqftp" have write access into the folders? check for that part of it as well.
comment these lines and restart vsftpd. try uploading. if that happens, check for ownership of files.
then uncomment the lines and ensure that bmqftp has write access and try uploading.
ASKER
ibu1 -> I've set ascii_upload_enable to YES, but it didn't work
ygoutham -> I think this may be the problem. As I said above, I just created the user, but I don't know how to check if it has write permissions ... Probably not, because I don't know how to check that. Can you please tell me how to check ?
Thanks,
ygoutham -> I think this may be the problem. As I said above, I just created the user, but I don't know how to check if it has write permissions ... Probably not, because I don't know how to check that. Can you please tell me how to check ?
Thanks,
i am assuming that you do not have a user called bmqftp and writing the below
useradd -d /path/to/ftp/folder bmqftp
passwd bmqftp (the system would prompt you to add the password for the user)
any subsequent user added to the system can be added with the primary group as "bmqftp"
useradd -g bmqftp -d /path/to/ftp/folder ygoutham
passwd ygoutham
this ensures that the users belong to the group called bmqftp. change the ownership of the folders which are meant for ftp users
chmod 770 /path/to/ftp/folder -R
chgrp bmqftp /path/to/ftp/folder -R
now try uploading files once you are logged in as "bmqftp". the system should take the files uploaded without giving an error.
good luck
useradd -d /path/to/ftp/folder bmqftp
passwd bmqftp (the system would prompt you to add the password for the user)
any subsequent user added to the system can be added with the primary group as "bmqftp"
useradd -g bmqftp -d /path/to/ftp/folder ygoutham
passwd ygoutham
this ensures that the users belong to the group called bmqftp. change the ownership of the folders which are meant for ftp users
chmod 770 /path/to/ftp/folder -R
chgrp bmqftp /path/to/ftp/folder -R
now try uploading files once you are logged in as "bmqftp". the system should take the files uploaded without giving an error.
good luck
if bmqftp already exists as a user, then
usermod -g bmqftp bmqftp
usermod -g bmqftp ygoutham (for the rest of the users and you can also add "-d /some/home/folder" also as an option)
usermod -g bmqftp bmqftp
usermod -g bmqftp ygoutham (for the rest of the users and you can also add "-d /some/home/folder" also as an option)
ASKER
Hi ygoutham,
The user bmqftp already exists ... but I didn't know how to password-protect this account. Now I did what you instructed me to do, and I added the password to the account. I also executed the usermod with the -g option to the user, and the chmod on the its home folder, but I got the same error.
I don't know but is it possible that I'm trying to upload with the wrong command ? I already tried the send, put and even the append. I'm trying to upload all the files in one folder and I'm using send /exampleFolder/*.* /home/bmqftp
I have also tried to not specify anything on the remote side of the command.
Thanks for your help,
The user bmqftp already exists ... but I didn't know how to password-protect this account. Now I did what you instructed me to do, and I added the password to the account. I also executed the usermod with the -g option to the user, and the chmod on the its home folder, but I got the same error.
I don't know but is it possible that I'm trying to upload with the wrong command ? I already tried the send, put and even the append. I'm trying to upload all the files in one folder and I'm using send /exampleFolder/*.* /home/bmqftp
I have also tried to not specify anything on the remote side of the command.
Thanks for your help,
normally we use mput / mget. this has the annoying habit of asking for confirmation for every file. so what i do is turn off the prompt with "prompt off"
1. from command line start typing
2. ftp your.server.ip.here
3. provide username and password (ideally bmqftp and password)
4. "prompt off"
5. binary
6. mput /examplefolder/*
that should upload all the files in that folder. i personally don't know about "send". when i tried with my local server here, it works with "send" as well for one particular file. i think when you try uploading it to a folder where the user does not have "write" access then it gives you a "553" error. try avoiding *.* and use * instead. can you try with any GUI based ftp. it is only a question of having write access into the folder that is giving you the error.
this should upload the files to the home folder of that particular user. try doing the same with a different username and password from the ftp server.
1. from command line start typing
2. ftp your.server.ip.here
3. provide username and password (ideally bmqftp and password)
4. "prompt off"
5. binary
6. mput /examplefolder/*
that should upload all the files in that folder. i personally don't know about "send". when i tried with my local server here, it works with "send" as well for one particular file. i think when you try uploading it to a folder where the user does not have "write" access then it gives you a "553" error. try avoiding *.* and use * instead. can you try with any GUI based ftp. it is only a question of having write access into the folder that is giving you the error.
this should upload the files to the home folder of that particular user. try doing the same with a different username and password from the ftp server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Uau ... It worked ... I love you ...
It has been annoying for weeks ... Thanks my friend ...
The problem was exactly with the path ... But, does it always work that way ? Is there any way to take just the relative path instead of the absolute one ?
Thanks anyways,
Marcelo
It has been annoying for weeks ... Thanks my friend ...
The problem was exactly with the path ... But, does it always work that way ? Is there any way to take just the relative path instead of the absolute one ?
Thanks anyways,
Marcelo
not from command line. you can use GUI based ftp clients to upload a directory. but a send or a mput needs the user to be in that directory first.
you can do a
!cd /change/your/local/path
and then use
mput files*
note the "!" in front of the command to tell the system to execute the command locally. the regular "cd " would change directory on the ftp server.
Love you too... ;-)
you can do a
!cd /change/your/local/path
and then use
mput files*
note the "!" in front of the command to tell the system to execute the command locally. the regular "cd " would change directory on the ftp server.
Love you too... ;-)
ASKER
Ok Man ...
Thanks for the tip ...
Thanks for the tip ...
#ascii_upload_enable=YES
To
ascii_upload_enable=YES