# Pure-FTPd Permission Questions

## jtp755

I have searched around a bit and haven't come across my solution, so if someone finds it, sorry I didn't look as hard. I have pure-ftp working great...except for the fact that I can't delete anything. I want only me/myuser to be able to delete files off the FTP and other users to be able to upload/create dirs like it's set up now. How can this be accomplished? I have a dir set up for FTP specifically: /home/ftpuser/FTP. I have the ftpgroup group and the ftpuser user set up as described in the pure-ftp how-to. I also use virtual users as my user DB. If there is anything else I need to post I'll be glad to.

----------

## jtp755

Anyone have any ideas? It would be appreciated.

----------

## sebest

I think it's quite easy.

It's all about Unix permissions.

Example:

user1 -> read/write

user2 -> read only

```sh
chown user1 /home/ftpuser/FTP
chmod 755 /home/ftpuser/FTP
```

Then create your virtual users:

user1 mapped as Unix user1

and user2 mapped as nobody

I don't have the man page of pure-pw, but it's something like this:

```sh
# the pure-pw subcommand for creating a virtual user is "useradd"
pure-pw useradd user1 -u user1 -d /home/ftpuser/FTP ....
pure-pw useradd user2 -u nobody -d /home/ftpuser/FTP ....
```

So when user1 logs on, he will be chrooted in /home/ftpuser/FTP. He will have write access because he is mapped as user1, who has write access, but user2 will be mapped as user nobody, who has only the rights of the "other" class, meaning `r-x`, so he can read but not create or delete.

If you want user2 to be able to write but not delete files of other users, you can use the sticky bit. If you need fine-grained rights, you should have a look at ACLs.

Hope it may help you.

----------

## sebest

About this:

> I want only me/myuser to be able to delete files off the FTP and other users to be able to upload/create dirs like it's set up now.

You should try to set up the sticky bit, like in /tmp:

```sh
chmod 1777 YOUR_DIR
```

or use the ACLs of filesystems like XFS.

----------

## jtp755

Can y'all clarify "the sticky bit"? So I need to create 2 system users... one that has read/write/delete and one that has read/write? After that, edit my current FTP users and map my user to the system user with read/write/read and then the rest to the user with read/write, and then chmod my dir as 1777.

How do I map the users? I think I saw a file somewhere but I'm short on time right now.

Thanks for your help.

----------

## sebest

The sticky bit allows everyone to write in a directory, but you can only delete the files that you created, like in /tmp.

----------
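The delete rule discussed in the posts above, as an added example that is not part of the original thread: a small model of the Linux check for unlinking a file in a directory under modes 755, 777 and 1777. The uids, gid and names are constructed, and the model ignores ACLs and capabilities other than root.

```python
import stat
from dataclasses import dataclass

@dataclass
class Dir:
    uid: int    # owning system uid
    gid: int    # owning group
    mode: int   # permission bits, e.g. 0o1777

def dir_writable(d: Dir, uid: int, gids: set) -> bool:
    """Owner/group/other check: unlink needs write AND search (x) on the directory."""
    if uid == d.uid:
        need = stat.S_IWUSR | stat.S_IXUSR
    elif d.gid in gids:
        need = stat.S_IWGRP | stat.S_IXGRP
    else:
        need = stat.S_IWOTH | stat.S_IXOTH
    return d.mode & need == need

def may_delete(d: Dir, file_uid: int, uid: int, gids: set) -> bool:
    """Can system user `uid` unlink a file owned by `file_uid` inside directory `d`?"""
    if uid == 0:                      # root bypasses the checks
        return True
    if not dir_writable(d, uid, gids):
        return False
    if d.mode & stat.S_ISVTX:         # sticky bit: file owner or directory owner only
        return uid in (file_uid, d.uid)
    return True                       # plain writable dir: file ownership is irrelevant

# Constructed uids: 1001 = admin (owns the directory), 1002 and 1003 = uploaders.
ADMIN, ALICE, BOB = 1001, 1002, 1003
GROUP = 2000  # constructed gid, standing in for ftpgroup

def matrix(mode: int) -> dict:
    """Who can delete a file uploaded by ALICE, for a directory with this mode?"""
    d = Dir(uid=ADMIN, gid=GROUP, mode=mode)
    return {name: may_delete(d, ALICE, uid, {GROUP})
            for name, uid in (("admin", ADMIN), ("alice", ALICE), ("bob", BOB))}

if __name__ == "__main__":
    for mode in (0o755, 0o777, 0o1777):
        print(oct(mode), matrix(mode))
```

The kernel only sees the system uid a Pure-FTPd virtual user is mapped to, so virtual users that share one system uid are treated as the same owner by this check.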

## jtp755

That would defeat the purpose I am achieving though... I want only me to be able to delete any file(s) on the FTP and other users can write and create files/dirs. Is this not possible? Should I follow your first suggestion?

----------

## sebest

In my opinion it's not possible, because if a user has the right to create, it means he has write access, so he can delete the file he created.

If you follow my first suggestion, only you can create/delete files; other people can only download/read these files.

That's the purpose of the /pub directory on FTP servers: most of the time /pub is world-writable and / is only writable by a restricted number of people, in your case, you.

And then you must move files from /pub into / or the hierarchy that you chose.

The thing that you asked for in the first place could only be done using ACLs, and not the Unix permissions.

----------

## jtp755

Where can I find out information on ACLs? And is it a safe choice?

----------

## jtp755

OK... I have tried everything you have posted in here and nothing works. I can't even delete my own files. I can only delete files if I am logged in to my server as root and am in the dir.

----------

## jtp755

OK... I started off and I followed the virtual users guide that I got at pure-ftpd's website here: Virtual Users Guide, but I couldn't delete anything there so I was just like w/e. Well, now I have gotten to the point that I need to be able to delete stuff w/o being in front of my server and just being able to log in to the FTP and delete any file I want (actually to be able just to delete my own files right now is good), so I have posted. I tried all of the things you have to do in here with the exception of ACLs. I still cannot delete any file (even ones created by me). Why is this? Should I just start over? This is really screwed up but it's probably just me.

----------

## newtonian

Almost 10 years late... : P but if it helps someone else with pureftp on Gentoo...

If both the mysql and pam USE flags are set, pureftp may have permission problems.

To get around this, if you are only using mysql for authentication, turn the pam USE flag off.

```
cat /etc/portage/package.use | grep pure
net-ftp/pure-ftpd -ldap mysql -pam ssl vchroot sysquota
```

The guide:

http://www.gentoo-wiki.info/PureFTPd

has pam on but it should be off. I'm using version 1.0.32-r2 and was able to reproduce the problem: no permission for delete or rename. Issue gone once I recompiled with the pam USE flag off.

Cheers,

----------

