vsftpd - ftpuser cannot upload files to server

3

2

I'm developing a website in Netbeans where I configured FTP to upload files to my server. On the server - Ubuntu 14.04 LTS - I created a user called "ftpuser" specifically for this task. I installed vsFTPd to handle file uploads. Its config is blow:

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
file_open_mode=0644
local_umask=022
dirmessage_enable
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
allow_writeable_chroot=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

The starting directory of ftpuser is /var/www:

ftpuser:x:1005:1007:ftp user,,,:/var/www:/bin/bash

Everytime I try to upload a file, Netbeans says "Error, file NOT sent: file.php" and packet inspection with wireshark returns me these errors:

226 - Transfer done (but failed to open directory)
553 - Could not create file.

Even with just doing ftp with the PUT operation gives me Error 553. The FTP user has no trouble logging in and changing directory.

The directory and all its subdirectories and files have the permissions set to 755 (777 - local_umask).

Is there something I'm missing? It used to work perfectly and I can't remember changing anything in Netbeans or vsFTPd.

UPDATES

The owner of the directory (and subdirectories / files) is set to:

drwxr-xr-x  6 marijn marijn 4096 Sep  1 14:21 noc

Even chowning this to ftpuser:ftpuser does not do anything.

Beeelze

Posted 2015-10-27T10:26:59.960

Reputation: 161

You give the permissions but not the owner/group of the directories. Can you please provide this ? – Pierre-Alain TORET – 2015-10-27T10:57:11.160

This is what the log says: [ftpuser] FAIL UPLOAD: Client "x.x.x.x", "/noc/app/controllers/noc/app/controllers/dashboard.php", 0.00Kbyte/sec. The directory to where it's supposed to be uploaded is noc/app/controllers. – Beeelze – 2015-10-27T11:02:32.453

Answers

1

It's an easy thing to overlook, but check if the ports that vsftpd has configured are open on your firewall.

I had similar problems where my connection to the ftp server would go through fine, but I couldn't get directory listings for the folder. I spent 6 hours searching aimlessly for a solution, but this fixed my problem.

Check your conf file for the specified ports:

vi /etc/vsftpd.conf

You're looking for these 2 lines:

pasv_max_port=12100
pasv_min_port=12000

In this case, I would open ports 12000-12100 for passive mode transfer:

ufw allow  12000:12100 /tcp

HTH

Ortund

Posted 2015-10-27T10:26:59.960

Reputation: 272

Touché! I was accessing the FTP over a forward proxy tunnel. – VH-NZZ – 2017-11-18T11:52:52.083

1

Fortunately I had a working configuration on my development server. Sometimes I need to upload some changes directly into the live server and I somehow configured vsftpd.conf differently. Also the FTP configurations in Netbeans were different.

This is what my vsftpd.conf looks like now: (notice the absence of chroot)

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

The starting directory in Netbeans was set to:

/var/www/noc

Beeelze

Posted 2015-10-27T10:26:59.960

Reputation: 161

So did you apply this conf to your other server ? Is it working now ? – Pierre-Alain TORET – 2015-10-27T12:21:24.847

@pat, Yes, this is working now. I removed everything that had something to do with chroot. It used to work with chroot, but one day it stopped working somehow. I'll use this setup for now. – Beeelze – 2015-10-27T14:55:47.110

okay, it's weird it's not working with chroot though. But good you can use it anyway. – Pierre-Alain TORET – 2015-10-27T14:58:21.120

@pat yea, im happy I can use it, I was pulling my hair out for 1,5 days :P – Beeelze – 2015-10-27T15:57:13.813

0

According to your details, I would say that your user has no permission to write in the directory that you're trying to upload to.
The owner/group is marijn. But only the user can write to the directory, group and other users can only read and enter the dir.

Your user is ftpuser.
So either you add ftpuser to marijn group, and give the right to the group marijn to /var/www/noc and subdirs : chmod -R g+w /var/www/noc or you have to make ftpuser the owner of the dir where you want to write.

Pierre-Alain TORET

Posted 2015-10-27T10:26:59.960

Reputation: 306

This would indeed be a logical thing to do. I tried both things your mentioned in your answer. First I chowned ftpuser:ftpuser to the noc directory and subdirectories. Then I tried adding ftpuser to group marijn and chmodding your command. Both have the same outcome. – Beeelze – 2015-10-27T11:17:38.733

when you do one of them, try to take ftpuser role with su - ftpuser and then try to touch a file in the directory where you want to upload, that way you will know if there's still some issue writing there. – Pierre-Alain TORET – 2015-10-27T11:19:42.357

at /var/www/noc I can touch a file but not do a directory listing with "ls". Going further, I can do anything I want. – Beeelze – 2015-10-27T11:24:41.053

Asked: 2015-10-27T10:26:59.960

Viewed: 23 864 times

Active: 2015-10-27T12:20:18.837