# vsftpd setup

## carpman

Hello, setting up vsftpd on local home server and need bit of advice.

I have it working, local users can log on ok, anonymous can log on but but not upload, think this a /home/ftp owner permission issue. 

Who should own the home/ftp dir and what permissions should it have?

There is an ftp group should i use this?

Second thing is that i only want to have anonymous access for user on local network but have a guest account with password for allowing access to known users, is this possible?

cheers

----------

## oumpah-pah

To enable anonymous upload, you should have these lines in /etc/vsftpd/vsftpd.conf:

 *Quote:*   

> write_enable=YES
> 
> anon_upload_enable=YES

 

and at least one subdirectory writable by the ftp user.

----------

## Headhunter123

I have an vsftp question too:

How can I share symlinked directories over several directories?

That's the only thing which doesn't work for me atm..

Thanks for help  :Smile: 

----------

## UberLord

 *Headhunter123 wrote:*   

> How can I share symlinked directories over several directories?
> 
> That's the only thing which doesn't work for me atm..

 

If you're chrooting your users and any part of the symlink path goes outside the choot then you need to use mount --bind instead of symlinks

----------

## carpman

 *oumpah-pah wrote:*   

> To enable anonymous upload, you should have these lines in /etc/vsftpd/vsftpd.conf:
> 
>  *Quote:*   write_enable=YES
> 
> anon_upload_enable=YES 
> ...

 

Yep already done this, original question asked about who should own /home/ftp and thus who should make it writable?

Currently it is owned root:root as setup by vsftpd in conf user is set as nobody, so should i use the ftp user/group already on system? or should i make /home/ftp owned root:nobody and make it writable for group?

I know what it is i have to do just not sure who best to have /home/ftp owned by!

----------

## carpman

 *Headhunter123 wrote:*   

> I have an vsftp question too:
> 
> How can I share symlinked directories over several directories?
> 
> That's the only thing which doesn't work for me atm..
> ...

 

Found that earlier

https://forums.gentoo.org/viewtopic-t-357068-highlight-vsftpd.html

----------

## oumpah-pah

As I said, ftp user should have write permission wherever you want anonymous upload to be permited.

----------

## carpman

 *oumpah-pah wrote:*   

> As I said, ftp user should have write permission wherever you want anonymous upload to be permited.

 

we are going around in circles here  :Sad: 

yes i know that the issue is write permission but what i want to know is who is it best to have as the ftp user?

currently /home/ftp is thus:

```

# ls -l /home

total 0

drwxr-xr-x  2 root     root      48 Jul 25 00:14 ftp

```

vsftpd.conf

```

background=YES

listen=YES

anonymous_enable=YES

local_enable=YES

write_enable=YES

anon_upload_enable=YES

anon_mkdir_write_enable=YES

dirmessage_enable=YES

connect_from_port_20=YES

xferlog_enable=YES

xferlog_file=/var/log/vsftpd.log

nopriv_user=nobody

ascii_upload_enable=YES

ls_recurse_enable=YES

```

do i change /home/ftp to be owned by ftp or nobody?

Do set nopriv_user= to ftp and set /home/ftp to be owned by ftp:ftp

cheers

----------

## oumpah-pah

OK, sorry, I must admit that it was not clear. So to make it simple:

```
chown ftp:ftp /home/ftp

chmod 0755 /home/ftp
```

----------

## carpman

 *oumpah-pah wrote:*   

> OK, sorry, I must admit that it was not clear. So to make it simple:
> 
> ```
> chown ftp:ftp /home/ftp
> 
> ...

 

many thanks that was what i wanted, though in vsftpd.conf do i leave:

```

nopriv_user=nobody

```

or change to

```

nopriv_user=ftp

```

cheers  :Smile: 

----------

## oumpah-pah

You leave

 *Quote:*   

> nopriv_user=nobody

 

----------

## carpman

Hello, ok getting error when using gftp:

```

Connected to caxton:21

220 Welcome to my home FTP.

USER anonymous

331 Please specify the password.

PASS xxxx

500 OOPS: vsftpd: refusing to run with writable anonymous root

Disconnecting from site caxton

```

----------

## Nil_Spaar

The solution to that is: Put "vsftpd: refusing to run with writable anonymous root" into google and look at the answers (atm the first hit leads right to the solution).

 *Quote:*   

> 
> 
> vsftp FAQ
> 
> Q) Help! I'm getting the error message "refusing to run with writable anonymous root". 
> ...

 

----------

## carpman

 *Nil_Spaar wrote:*   

> The solution to that is: Put "vsftpd: refusing to run with writable anonymous root" into google and look at the answers (atm the first hit leads right to the solution).
> 
>  *Quote:*   
> 
> vsftp FAQ
> ...

 

Yep i did find but so busy getting ready for house  move that had not implimeted it or replied here.

The thing is i would only like to do that can't find via google and seems to bit odd it allow anon access for local users but not interent, TOS for ISP don't allow open anon ftp but don't want to have to keep logging on locally though i did read somewhere that you can do an FTP mount.

thanks anyway

----------

## unaos

but why i cant browse dirs owned by ftp ? 

```
mako ftp # ls -l

ÉÔÏÇÏ 0

drwxr-xr-x 5 ftp ftp 136 äÅË  1 08:48 dirs

drwxr-xr-x 2 ftp ftp  48 äÅË  5 00:01 s2

drwx------ 2 ftp ftp  48 äÅË  5 00:00 ss

drwxr-xr-x 4 ftp ftp  96 äÅË  4 22:42 users

```

the ftp session

```

ftp> ls ss

200 PORT command successful. Consider using PASV.

150 Here comes the directory listing.

226 Transfer done (but failed to open directory).

ftp> ls s2

200 PORT command successful. Consider using PASV.

150 Here comes the directory listing.

-rw-r--r--    1 0        0               0 Dec 05 12:17 test

226 Directory send OK.

ftp> 
```

a part of config file 

```

mako ftp # grep user /etc/vsftpd/vsftpd.conf 

guest_username=ftp

nopriv_user=nobody

chown_username=ftp

chroot_local_user=YES

ftp_username=ftp

user_config_dir=/etc/vsftpd/users/
```

btw, its with virutal users and process is owned by ftp user.

----------

