Link to home
Start Free TrialLog in
Avatar of andersenks
andersenksFlag for United States of America

asked on

vsftpd permissions with groups

I have a directory "/mnt/storage" that local users connect via SMB and remote users FTP to. The smb.conf file is configured to use a group (group 500 "thisgroup") to manage permission for individual users and write permissions to 770. The FTP account when used labels the user as the FTP user (user 506) instead of the group 500 and writes permission to 644.

Is there a way to configure the vsftpd.conf to do the same thing the smb.conf does

Attached below is the current conf for SMB and vsftpd

Thanks!
smb.conf...
[global]

        # logs split per machine
;       log file = /var/log/samba/%m.log
        # max 50KB per log file, then rotate
;       max log size = 5000

        log level = 2

        netbios name = server
        workgroup = domain
        server string = storage server
        security = group

[homes]
        comment = Home Directories
        path = /home/%U
        valid users = %S
        read only = No
        browseable = No
        writeable = yes
        create mode = 0775

[storage]
        path = /mnt/storage
        writeable = yes
        force group = thisgroup    <-"500"
        valid users = @thisgroup   <-"500"
        create mask = 770
        directory mask = 770
vsftpd.conf...

anonymous_enable=NO
#
local_enable=YES
#
write_enable=YES
#
local_umask=022
#
#anon_upload_enable=YES
#
#anon_mkdir_write_enable=YES
#
dirmessage_enable=YES
#
xferlog_enable=YES
#
connect_from_port_20=YES
#
chown_uploads=YES
chown_username=thisgroup   <-"500"
#
xferlog_file=/var/log/xferlog
#
xferlog_std_format=YES
#
#idle_session_timeout=600
#
#data_connection_timeout=120
#
#nopriv_user=ftpsecure
#
#async_abor_enable=YES
#
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
#ftpd_banner=Welcome to blah FTP service.
#
#deny_email_enable=YES
#banned_email_file=/etc/vsftpd/banned_emails
#
chroot_local_user=YES
chroot_list_enable=NO
chroot_list_file=/etc/vsftpd/chroot_list
#
ls_recurse_enable=YES
#
listen=YES
#
#listen_ipv6=YES

pasv_enable=NO
# pasv_max_port=22000
# pasv_min_port=22005
pasv_promiscuous=YES
# port_enable=YES
pam_service_name=vsftpd
userlist_enable=YES
userlist_file=/etc/vsftpd/user_list
userlist_deny=NO
tcp_wrappers=YES

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of farzanj
farzanj
Flag of Canada image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of andersenks
andersenks
Flag of United States of America image

ASKER

so change the local_umask=022 to something like local_umask=007 in the vsftpd.conf file?
Avatar of farzanj
farzanj
Flag of Canada image
You have to set the create mode in your samba config.  This would set the permissions of newly created files to be 660 and folders to be 770.

If this doesn't work, you have to set umask
Put the following in the ~/.bash_profile file for the ftp account.
umask 007