I have a server with CentOS 6.2 with httpd and vsftpd.
I have a few web sites in /var/www and I want to add an FTP user for each site.
My user1 home directory is /home/user1 and it can read/write to its folder from FTP. (It's the user I use for SSH and almost everything.)
I made user2, whose home is /var/www/site2, with its shell set to /bin/nologin (because I want it to be just an FTP user).
I can log in to the FTP server with user2 and download files, but I can't upload files or mkdir...
The permissions are:
for /var/www:
drwxrwxr-x. 13 root root 4096 Aug 21 14:08 .
for /var/www/site2:
drwxrwxrwx. 2 user2 user2 4096 Aug 21 14:35 site2
(The 777 was just for testing...)
My vsftpd.conf is:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=NO
log_ftp_protocol=YES
chroot_local_user=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
banner_file=/etc/vsftpd/banner
My iptables is currently stopped for testing, so the problem is not my firewall either...
SELinux is enabled:
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted
When I disabled it, it worked! :)
How can I enable it and keep my vsftpd working?
Thanks in advance for your help.
Answer
What are the rights on /var/www/site2?
User2 will need write access to this directory at the file system level. For instance /var/www/site2 needs to be something like:
ls /var/www
drwxr-xr-x user2 www-data site2/
Make sure SELinux is disabled as well
setsebool -P allow_ftpd_full_access 1
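To confirm that SELinux policy, and not the directory's mode bits, is what blocks vsftpd's uploads in the setup described in the question, the denials can be read from the audit log. The script below is an added example, not part of the original question or answer; the helper name ftpd_denials is hypothetical and the audit records in SAMPLE_AUDIT are constructed for illustration.

```shell
#!/bin/bash
# Added example: summarise SELinux AVC denials raised against vsftpd (ftpd_t).
# SAMPLE_AUDIT holds constructed records in audit.log format, not real logs.
SAMPLE_AUDIT='type=AVC msg=audit(1345574100.101:210): avc:  denied  { write } for  pid=2301 comm="vsftpd" name="site2" dev=dm-0 ino=131099 scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir
type=SYSCALL msg=audit(1345574100.101:210): arch=c000003e syscall=83 success=no exit=-13 a0=7f1c2a3b a1=1ff a2=0 a3=0 items=0 ppid=2290 pid=2301 comm="vsftpd" exe="/usr/sbin/vsftpd" subj=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1345574100.350:211): avc:  denied  { create } for  pid=2301 comm="vsftpd" name="newdir" scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir
type=AVC msg=audit(1345574130.007:215): avc:  denied  { write } for  pid=2301 comm="vsftpd" name="site2" dev=dm-0 ino=131099 scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir
type=AVC msg=audit(1345574200.900:230): avc:  denied  { getattr } for  pid=1980 comm="httpd" path="/home/user1/x" dev=dm-0 ino=262155 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file'

# ftpd_denials (hypothetical helper): reads audit records on stdin and prints
# "<count> <permission> <class> <target type>" per distinct ftpd_t denial.
ftpd_denials() {
    awk '
        $1 == "type=AVC" && /denied/ && /scontext=[^ ]*:ftpd_t:/ {
            perm = ""; ttype = ""; tclass = ""
            # The permission list sits between "{ " and " }".
            if (match($0, /[{] [^}]* [}]/))
                perm = substr($0, RSTART + 2, RLENGTH - 4)
            for (i = 1; i <= NF; i++) {
                # tcontext is user:role:type:level; keep only the type.
                if ($i ~ /^tcontext=/) { split($i, c, ":"); ttype = c[3] }
                if ($i ~ /^tclass=/)   { tclass = substr($i, 8) }
            }
            seen[perm " " tclass " " ttype]++
        }
        END { for (k in seen) print seen[k], k }
    ' | sort -k2
}

# Run over the constructed sample; records from other domains are ignored.
printf '%s\n' "$SAMPLE_AUDIT" | ftpd_denials
```

On a real host, feed the function /var/log/audit/audit.log as root instead of the sample. A target type such as httpd_sys_content_t in the output shows the write is refused because of the directory's SELinux label, which is why chmod 777 made no difference.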