0

I have a small issue with VSFTPD, and I'm not able to resolve it yet, so I'm coming here to get your tips !

The user has a ftp directory in its home, which is a mount point through s3fs, to access a S3 bucket. Settings to start my s3fs :

s3fs mybucket -o dbglevel=info -f -o curldbg -o url=https://s3-eu-central-1.amazonaws.com -o use_cache=/tmp/myuser -o use_path_request_style -o uid=UID-of-my-user -o gid=GID-of-my-user /home/user/ftp/

Content of the home directory, with permissions :

4 drwxr-xr-x 4 user nfsnobody 4096 Aug 10 08:19 .
4 drwxr-xr-x 7 root    root      4096 Aug 11 07:31 ..
4 -rw------- 1 user usergroup   1750 Aug 11 10:27 .bash_history
4 drwxrwxr-x 3 user usergroup   4096 Aug 10 08:17 .local
4 -rw------- 1 user usergroup   62 Aug 10 08:18 .passwd-s3fs
4 drwxrwxr-x 2 user usergroup   4096 Aug 11 10:28 ftp

Wide settings on the ftp directory, as I tried a lot of things to find a solution, will fix it later.

When I start s3fs, the permissions for the ftp directory are modified :

1 drwx------ 1 user usergroup      0 Jan  1  1970 ftp

My vsftpd.conf :

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
#chroot_local_user=YES
#allow_writeable_chroot=YES
#user_sub_token=\$USER
#local_root=/home/\$USER/ftp
listen=YES
pam_service_name=vsftpd
tcp_wrappers=YES
pasv_min_port=40000
pasv_max_port=50000
pasv_address=3.124.254.185
userlist_file=/etc/vsftpd.userlist
userlist_enable=YES
userlist_deny=NO
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log

As you can see, the settings for chroot are disabled for the moment. My user is in the vsftp.userlist file

If I try to log in with that config, it works, I can log in, go into the ftp directory and do whatever I have to do. However, if I enforce the chroot config, I do have the following error message :

500 OOPS: cannot change directory:/home/user/ftp

I am clueless on what to do now. I really need the user to go directly into the ftp directory, as the app that will use this FTP user is verrrrry old and cannot be configured otherwise.

Any idea ?

Arthur Deslauriers
  • 13
  • 3

0 Answers0