the-miz

CentOS 6 VSFTP FTP User Setup

I have CentOS 6 installed with vsftp, httpd, php, and phpmyadmin all loaded and running fine.  By default, permissions to var/www/html is granted to root:root  but I want the only ftp user on the server to have full access to the var/www/html and var/www/cgi-bin    

I attempted to create a symlink from var/ftp/pub to var/www/html but that does not give the user permissions to upload, change, or create in this directory.  

What is the safest most secure way of giving the ftp user access to our html and cgi-bin directory?
ASKER CERTIFIED SOLUTION
wesly_chen

the-miz

ASKER

I still get an Access Denied using cuteftp when I try to create a directory or upload a file.  I restarted the vsftpd service and httpd service, and still permission denied.

> when I try to create a directory or upload a file.
Where?
Please do
ls -l  /path-to-problem-dir
id

Hi,

Please do the steps & check it.

1. shortlink to /var/ftp/pub folder to /var/www/html

 ln -s   /var/ftp/pub /var/www/html

2. set the access control by using
 setfacl -m u:apache:--x /var/ftp/pub/
 setfacl -m u:ftpuser:rwx /var/ftp/pub/

3. change the ownership of the pub folder
 chown -R ftpuser.ftpuser pub

4. check the getfacl /var/ftp/pub folder

MS

the-miz

ASKER

ls -l /var/www/  looks like this:

drwxrwxr-x.  2   root         root 4096   Jul     7 06:31 cgi-bin
drwxr-xr-x.   3   root          root 4096  Sep   7 09:12 error
drwxrwxr-x.  2   root         root 4096   Nov 11  2010 html
drwxr-xr-x.   3   root          root 4096  Sep   7 11:11 icons
drwxr-xr-x.  14  root          root 4096  Sep   7 09:13 manual
drwxr-xr-x.   2   webalizer root 4096  Sep   8 03:22 usage

ls -l /var/ftp/ looks like this:

drwxrwxr-x+   2   contechftp   ftp  4096  Sep  7 14:14 pub

MS, I tried what you wrote but still no permission to create a folder, file or anything.  Create a folder gives me a "Can't create following directory:" error and "access denied" for when I try to upload.

This is a write permission problem in the pub folder.

try

 chown -R ftpuser.ftpuser /var/ftp/pub/

OR

chmod 777 /var/ftp/pub/

MS

the-miz

ASKER

tried ftpuser.ftpuser  in the chown command but says invalid user.  What does the period represent in between the ftpuser.ftpuser?

ftpuser in the sense of the ftp user, whichever user you are able to access the folder with

like:  chown -R ftp.ftp /var/ftp/pub/

in the above command the username is ftp

MS

the-miz

ASKER

Well I chmod 777 /var/ftp/pub  but still no permission.

It seems like such a simple task, all I want is my ftpuser to be able to log in through cuteftp and have full read/write access to html and cgi-bin directory.  
Yes, you have to give full permission on the html and cgi-bin folders to the ftp user.

the-miz

ASKER

ftp user already exists, ran the chown command and got

lrwxrwxrwx. 1 ftp ftp 17 Sep  8 08:32 cgi-bin -> /var/www/cgi-bin/
lrwxrwxrwx. 1 ftp ftp 14 Sep  8 08:31 html -> /var/www/html/

for permissions on /var/ftp/pub

still unable to write to html or cgi-bin :(

drwxrwxr-x.  2   root         root 4096   Jul     7 06:31 cgi-bin
drwxrwxr-x.  2   root         root 4096   Nov 11  2010 html

/var/www/cgi-bin  and /var/www/html   are still owned by "root" group.
You did NOT do the third step.

If you already have an ftp group, and all the ftp users are in the "ftp" group (very important (step 2); please check the /etc/group file to verify),
then
chgrp   -R   ftp    /var/www/html   /var/www/cgi-bin

After  "chgrp   -R   ftp    /var/www/html   /var/www/cgi-bin"
please do
ls  -l   /var/www
grep  ftp  /etc/group

and post the result here
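
The checks requested in this thread (ls -l, id, grep ftp /etc/group) can be combined into one script that names the path component whose mode bits block a user from creating files, which also shows that group write access is enough and mode 777 is not required. This is an added example, not code from the thread; the function names bits_for and can_create are hypothetical, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example (not from the thread). Mode bits only: POSIX ACLs ("+" after
# the mode in ls -l) and SELinux contexts (".") are evaluated separately, and
# root bypasses these checks. Assumes GNU stat, as shipped on CentOS.

# bits_for UID "GID ..." PATH -> prints the rwx digit (0-7) that applies
bits_for() {
    bf_uid=$1
    bf_gids=$2
    set -- $(stat -c '%u %g %a' "$3")   # now: $1 owner uid, $2 group gid, $3 mode
    bf_mode=$((0$3))                    # read the mode as an octal number
    if [ "$bf_uid" -eq "$1" ]; then     # owner class wins first
        echo $(( (bf_mode >> 6) & 7 )); return
    fi
    for bf_g in $bf_gids; do            # then any matching group
        if [ "$bf_g" -eq "$2" ]; then
            echo $(( (bf_mode >> 3) & 7 )); return
        fi
    done
    echo $(( bf_mode & 7 ))             # otherwise "other"
}

# can_create DIR [USER] -> "ok" (status 0) or the blocking component (status 1)
can_create() {
    cc_dir=$(cd "$1" && pwd -P) || return 2
    cc_uid=$(id -u ${2:+"$2"}) || return 2
    cc_gids=$(id -G ${2:+"$2"})
    cc_p=$cc_dir
    while [ "$cc_p" != "/" ]; do        # every ancestor needs search (x)
        cc_p=$(dirname "$cc_p")
        cc_b=$(bits_for "$cc_uid" "$cc_gids" "$cc_p")
        if [ $(( cc_b & 1 )) -eq 0 ]; then
            echo "no search permission on $cc_p"; return 1
        fi
    done
    cc_b=$(bits_for "$cc_uid" "$cc_gids" "$cc_dir")   # target needs w and x
    if [ $(( cc_b & 3 )) -ne 3 ]; then
        echo "no write+search permission on $cc_dir"; return 1
    fi
    echo "ok"
}

# Usage (run as root): sh check.sh /var/www/html ftpuser
if [ $# -gt 0 ]; then can_create "$@"; fi
```

If this reports "ok" while the FTP client is still refused, the block lies outside the mode bits, for example in the FTP server configuration, an ACL, or the SELinux policy.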
the-miz

ASKER

Still same, here's the results:

[root@servername ~]# ls -l /var/www/
total 24
drwxrwxr-x.    2 root          ftp   4096 Sep  8 08:27 cgi-bin
drwxr-xr-x.     3 root          root 4096 Sep  7 09:12 error
drwxrwxrwx.  2 root          ftp   4096 Sep  8 08:29 html
drwxr-xr-x.     3 root          root 4096 Sep  7 11:11 icons
drwxr-xr-x.   14 root          root 4096 Sep  7 09:13 manual
drwxr-xr-x.     2 webalizer root 4096 Sep  8 03:22 usage


[root@servername ~]# grep ftp /etc/group
ftp:x:50:ftpuser

From the result of "grep ftp /etc/group", it only shows
login account name "ftpuser" as group.
Are you logging in to FTP as "ftpuser"?
If you FTP login as other login name, say "miz", then please add miz into ftp group
---- /etc/group ----
ftp:x:50:ftpuser,miz
------------
Then ftp login as "miz" and try it.  (please replace "miz" with actual FTP account name).
For all other FTP login names, say ftp1, ftp2..., please add them to /etc/group
ftp:x:50:ftpuser,miz,ftp1,ftp2,ftp3

the-miz

ASKER

my user is ftpuser, the group is ftp

I only have one user to have access via ftp

Ok, so
you ftp login CentOS as "ftpuser" and
------------
cd  /var/www/html
mkdir  test   ====> succeed or fail?

the-miz

ASKER

I ftp login with CuteFTP as ftpuser but cannot make a directory named test.  It fails.

I cannot run ftp on the server itself as it gives me a "command not found" error.

Would you be able to create any dir under  /var/ftp/pub ?

the-miz

ASKER

No, I tried that as well...  unsuccessful

Please post your vsftpd.conf
make sure
write_enable=YES

Then restart vsftpd (service vsftpd restart)

the-miz

ASKER

anonymous_enable=NO

local_enable=YES

write_enable=YES

local_umask=022

dirmessage_enable=YES

xferlog_enable=YES

connect_from_port_20=YES

xferlog_std_format=YES

listen=YES

pam_service_name=vsftpd
userlist_enable=NO
tcp_wrappers=YES

the-miz

ASKER

It was already set to YES

Can ftpuser create a test dir anywhere?
If yes, please do
ls  -l /path-to-dir   (the parent dir to "test" dir)

the-miz

ASKER

ftpuser can create in the /tmp folder

drwxrwxrwt.   4 root root  4096 Sep  8 15:04 tmp

the-miz

ASKER

Though ftpuser can create a directory in /tmp with the above permissions, I changed the permissions to match the /tmp for /var/www/html and /var/ftp/pub  but still could not create.  How is it that I can not get ftpuser permission to read and write in these directories?

OK,
1.
not through FTP(cuteftp), just directly login Ubuntu (ssh or from console) as "ftpuser", then
cd  /var/www/html
mkdir test1

If it works, then it is a vsftp setting issue:

2. Create another account, say userA, for ftp on Ubuntu, add that account to "ftp" group in /etc/group.
Then login as "userA" directly, do
cd  /var/www/html
mkdir test2
to make sure userA can create directory under /var/www/html

Then use cuteftp FTP login as "userA" and create test3 directory under /var/www/html
If it works, then the "ftpuser" account is not right.
Glad to hear you found the solution yourself. Select your post as the solution and close it.

the-miz

ASKER

Was able to come across the answer on another forum.