3

As soon as I login with my virtual users in ftp I get "cannot change directoy", I have the following configuration in vsftpd.conf. Please suggest

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=002
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
hide_ids=YES
user_config_dir=/data/some-path/ftp/users
local_root=/data/some-path/ftp/data/$USER
guest_username=vsftpd
Castaglia
  • 3,349
  • 3
  • 21
  • 42
Aman
  • 183
  • 1
  • 2
  • 9

4 Answers4

4

Looks like in order for the user to be able to be chroot'd to the directory configured, all the parent directories must have read and execute permissions, otherwise they will be denied for security reasons.

Aman
  • 183
  • 1
  • 2
  • 9
1

I think your users are going to be bound to their home directories with chroot_local_user=YES, maybe try setting your ftp user's home directory to /data/some-path/ftp/data/$USER else see what happens when with chroot_local_user=NO

essefbx
  • 43
  • 9
0

I enabled the following settings in /etc/vsftpd.conf to get past the same error message:

listen=NO
listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO

Also, ran the following command:

sudo chmod +x /home/ -R
jwbradley
  • 1
  • 1
0

This is likely an SELinux issue, try setting

/usr/sbin/setsebool -P ftp_home_dir 1

and see if that fixes it.

user9517
  • 115,471
  • 20
  • 215
  • 297