1

I'm new to FTP and I've been following this DigitalOcean tutorial.

Everything works great except that a user (at least in FileZilla) cannot write to the root of his /home/user/ftp folder, only /home/user/ftp/files. An attempt to create in the root folder results in:

Command: PASV Response: 227 Entering Passive Mode (104,131,29,61,191,224).

Command: STOR asdfa

Response: 553 Could not create file.

Error: Critical file transfer error

I scanned /etc/vsftpd.conf file for the word files but I can't find that config anywhere. I've used FTP before and generally you drop and and the files are right there, without needing to navigate to folders.

Is this a chown problem of some sort in Ubuntu?

Is it possible to just allow a user to write to root and if so, how?

Castaglia
  • 3,239
  • 3
  • 19
  • 40
dsp_099
  • 43
  • 1
  • 8

2 Answers2

1

Your default /etc/vsftpd.conf doesn't initially include all the possible directives the configuration file supports. The rest can be found from man vsftpd.conf.

Answer to your question can be found in the very tutorial you are following:

FTP is generally more secure when users are restricted to a specific directory. vsftpd accomplishes this with chroot jails. When chroot is enabled for local users, they are restricted to their home directory by default. However, because of the way vsftpd secures the directory, it must not be writable by the user. This is fine for a new user who should only connect via FTP, but an existing user may need to write to their home folder if they also shell access.

In other words, you have created the /home/user/ftp folder to allow vsftp use chroot jails without making the home folder /home/user/ read only to the user. Therefore you are already doing best practices and should not be worried about the error as it is normal and desired behaviour.

It is possible but highly not recommended to disable chroot jail.

If this is only about enchanging the user experience, you could try append directly to /home/user/ftp/files after login by adding/modifying vsftp.conf directives:

user_sub_token=$USER
local_root=/home/$USER/ftp/files
Esa Jokinen
  • 43,252
  • 2
  • 75
  • 122
  • Will software which relies on access to said FTP will follow your last suggestion? Last I heard it's *configured* to look in root, hence the problem. – dsp_099 Mar 21 '17 at 11:12
  • Supposedly the the FTP client appends now directly to `/home/$USER/ftp/files` which should been seen as FTP root now, but haven't personally tested (as I'm not running vsftpd on a test environment). Please reply or accept the answer, if the last suggestion actually does the magic. :) – Esa Jokinen Mar 23 '17 at 16:13
0

You'd have to make the /home/user/ftp directory writable again (it was disabled in the tutorial)

sudo chmod a+w /home/sammy/ftp

and enable writable chroot in vsftp config:

allow_writeable_chroot=YES

However, this option is considered DANGEROUS. It's prone to the "Roaring Beast" attack. You can find more info about the risk here:

Lukasz Wiktor
  • 101
  • 2