Solved

VSFTPD: Problems with upload

Posted on 2006-11-05
11
1,002 Views
Last Modified: 2013-12-16
Sorry guys,
I know that questions about this topic is all over the EE, but I couldn't really find an answer that could solve my problem ... Also, I'm so tired that maybe I overlapped the settings and it couldn't work anyway ....

I'm not experienced in Linux and I'm trying to setup vsftpd for the first time.

Scenario:

I can login, download, but not upload. When I  try to upload, I receive the known 553-Could not create file

Setup:

I created a new user using useradd. The account has no password and it is already unlocked.
On this account home dir, I executed the chown -hR account and chmod -R 777
I tried to read the vsftpd.log, but I couldn't understand anything.
Follows, my vsftpd.conf ...
I hope you guys help me ...
Thanks,

----------------------------------
# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
chown_username=bmqftp
#
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that turning on ascii_download_enable enables malicious remote parties
# to consume your I/O resources, by issuing the command "SIZE /big/file" in
# ASCII mode.
# These ASCII options are split into upload and download because you may wish
# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),
# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be
# on the client anyway..
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES

pam_service_name=vsftpd
userlist_enable=YES
userlist_deny=NO
#enable for standalone mode
listen=YES
tcp_wrappers=YES
chroot_local_user=yes
----------------------------------
0
Comment
Question by:marcelocbf
  • 6
  • 4
11 Comments
 
LVL 12

Expert Comment

by:ibu1
ID: 17879028
Change
#ascii_upload_enable=YES

To
ascii_upload_enable=YES

0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17879843
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
chown_username=bmqftp


you seem to be changing the owner ship of the files when uploaded.  does "bmqftp" have write access into the folders?  check for that part of it as well.  

comment these lines and restart vsftpd.  try uploading. if that happens, check for ownership of files.

then uncomment the lines and ensure that bmqftp has write access and try uploading.
0
 

Author Comment

by:marcelocbf
ID: 17895678
ibu1 -> I've set ascii_upload_enable to YES, but it didn't work

ygoutham -> I think this may be the problem. As I said above, I just created the user, but I don't know how to check if it has write permissions ... Probably not, because I don't know how to check that. Can you please tell me how to check ?

Thanks,
0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17895729
i am assuming that you do not have a user called bmqftp and writing the below

useradd -d /path/to/ftp/folder bmqftp
passwd bmqftp (the system would prompt you to add the password for the user)

any subsequent user added to the system can be added with the primary group as "bmqftp"

useradd -g bmqftp -d /path/to/ftp/folder ygoutham
passwd ygoutham

this ensures that the users belong to the group called bmqftp.  change the ownership of the folders which are meant for ftp users

chmod 770 /path/to/ftp/folder -R
chgrp bmqftp /path/to/ftp/folder -R

now try uploading files once you are logged in as "bmqftp". the system should take the files uploaded without giving an error.

good luck
0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17895731
if bmqftp already exists as a user, then

usermod -g bmqftp bmqftp
usermod -g bmqftp ygoutham (for the rest of the users and you can also add "-d /some/home/folder" also as an option)
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 

Author Comment

by:marcelocbf
ID: 17904200
Hi ygoutham,

The user bmqftp already exists ... but I didn't know how to password-protect this account. Now I did what you instructed me to do, and I added the password to the account. I also executed the usermod with the -g option to the user, and the chmod on the its home folder, but I got the same error.

I don't know but is it possible that I'm trying to upload with the wrong command ? I already tried the send, put and even the append. I'm trying to upload all the files in one folder and I'm using send /exampleFolder/*.* /home/bmqftp

I have also tried to not specify anything on the remote side of the command.

Thanks for your help,
0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17904812
normally we use mput / mget.  this has the annoying habit of asking for confirmation for every file.  so what i do is turn off the prompt with "prompt off"

1.  from command line start typing
2.  ftp your.server.ip.here
3.  provide username and password (ideally bmqftp and password)
4.  "prompt off"
5.  binary
6.  mput /examplefolder/*

that should upload all the files in that folder.  i personally don't know about "send".  when i tried with my local server here, it works with "send" as well for one particular file.  i think when you try uploading it to a folder where the user does not have "write" access then it gives you a "553" error.  try avoiding *.* and use * instead.  can you try with any GUI based ftp.  it is only a question of having write access into the folder that is giving you the error.

this should upload the files to the home folder of that particular user.  try doing the same with a different username and password from the ftp server.

0
 
LVL 14

Accepted Solution

by:
ygoutham earned 350 total points
ID: 17904828
ok.  change of track.
do the following commands from a different machine other than the ftp server.
1.  cd /exampleFolder
2.  ftp your.ftp.server.ip
3.  provide username and password
4.  prompt off
5.  binary
6.  mput *

i tried doing the same with the absolute path and found that the system gives me a cannot upload error.  remove the path and just use only the * to indicate all files.

when you are using "send /folder/* "   it assumes that the same folder structure at the remote end also and since it cannot find the directory at the remote end it gives you an error.  

the trick is to first be in the directory FROM which you want to upload and then do only a "mput *" without the path reference.

good luck
0
 

Author Comment

by:marcelocbf
ID: 17906960
Uau ... It worked ... I love you ...

It has been annoying for weeks ... Thanks my friend ...

The problem was exactly with the path ... But, does it always work that way ? Is there any way to take just the relative path instead of the absolute one ?

Thanks anyways,

Marcelo
0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17912572
not from command line.  you can use GUI based ftp clients to upload a directory.  but a send or a mput needs the user to be in that directory first.

you can do a

!cd /change/your/local/path
and then use

mput files*

note the "!" in front of the command to tell the system to execute the command locally.  the regular "cd " would change directory on the ftp server.

Love you too... ;-)

0
 

Author Comment

by:marcelocbf
ID: 17915227
Ok Man ...

Thanks for the tip ...
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now