Saturday, March 23, 2013

Installing vsftp

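Installing Ubuntu miniserver 12.04
The vsftpd part of the installation never completes successfully.
1. Commands to reinstall vsftpd
sudo apt-get remove --purge vsftpd
sudo apt-get install vsftpd
2. Restart
sudo /etc/init.d/vsftpd start
3. The configuration file is /etc/vsftpd.conf
A few settings in it deserve particular attention.
For example (remove the leading #):
  • Confine users to their home directory: chroot_local_user=YES
  • Whether writing is allowed: write_enable=YES
  • Let anyone read the anonymous FTP folder: anonymous_enable=YES
4. The default login directory for anonymous FTP is /srv/ftp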


*******Reference***********************************


500 OOPS: vsftpd: refusing to run with writable root inside chroot()


This is one of the most annoying and frustrating problems I have run into lately. This supposed security fix makes vsftp simply unusable after upgrading to Ubuntu 12.04 from 10.04. No amount of cajoling or messing with options will get it working again.
The fix is pretty easy though, just copy/paste these lines into a terminal. It will update your /etc/vsftpd.conf that stopped working after you upgraded.
This has been tested and works on Ubuntu 12.04


wget http://http.us.debian.org/debian/pool/main/v/vsftpd/vsftpd_3.0.2-2_amd64.deb
dpkg -i vsftpd_3.0.2-2_amd64.deb
echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf
service vsftpd reload


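*******Reference***********************************
The new version of vsftpd has added yet another security setting: it does not allow the permissions on your root directory to be writable.

So you must remove write permission from that user's home directory before login works normally.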
chmod a-w /home/user
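
The two fixes quoted above (allow_writeable_chroot=YES versus chmod a-w on the home directory) can be told apart before restarting the service. The script below is an added example, not code from the original page or from vsftpd. It assumes that the last uncommented KEY=VALUE line wins, it uses the page's chmod a-w criterion (no write bit at all) as a conservative stand-in for vsftpd's own check, and it does not evaluate chroot_list_enable exceptions; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify a vsftpd.conf plus a user's chroot directory
# against the "refusing to run with writable root inside chroot()" error.
# Assumption: the last uncommented KEY=VALUE line is the effective one.

# conf_value FILE KEY: print the last uncommented value of KEY (empty if unset).
conf_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d '\r'
}

# is_yes VALUE: true for the boolean "on" spellings YES, TRUE and 1.
is_yes() {
    case $(printf '%s' "$1" | tr 'a-z' 'A-Z') in
        YES|TRUE|1) return 0 ;;
    esac
    return 1
}

# dir_writable DIR: true if any owner/group/other write bit is set.
dir_writable() {
    mode=$(ls -ld "$1" | cut -c1-10)
    case $mode in
        ??w*|?????w*|????????w*) return 0 ;;
    esac
    return 1
}

# check_chroot CONF DIR: print one verdict word.
#   not-chrooted           local users are not jailed at all
#   ok                     jailed, and the jail root is not writable
#   writable-root-allowed  jailed, writable root, check disabled in the config
#   refused                jailed, writable root: login fails with 500 OOPS
check_chroot() {
    if ! is_yes "$(conf_value "$1" chroot_local_user)"; then
        echo not-chrooted
    elif ! dir_writable "$2"; then
        echo ok
    elif is_yes "$(conf_value "$1" allow_writeable_chroot)"; then
        echo writable-root-allowed
    else
        echo refused
    fi
}

# Stand-alone use: sh check.sh /etc/vsftpd.conf /home/user
if [ $# -eq 2 ]; then
    check_chroot "$1" "$2"
fi
```

A verdict of writable-root-allowed means the server will start but the protection the error message refers to is switched off; ok is the state reached by the chmod a-w route.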

*******Reference***********************************
Before you close this out to repetition, I have been researching all of the proposed solutions to this bug and so far I have been unable to keep an FTP user jailed to their website directory. While I am not an Ubuntu server expert, I wanted to reach out to the community to see if anyone has found a solution that both fixes this bug and keeps the user jailed to their directory.
My vsftpd settings that I changed:
listen_port=9000
Set: anonymous_enable=NO 
Uncomment: local_enable=YES 
Uncomment: write_enable=YES 
Uncomment: local_umask=022 
Set: connect_from_port_20=NO 
Uncomment: idle_session_timeout=600
Uncomment: data_connection_timeout=120 
Comment out: #ftpd_banner=Welcome to blah FTP service. [should be on line 104]
Added: banner_file=/etc/issue.net 
Uncomment: chroot_local_user=YES
Uncomment: chroot_local_user=YES 
Uncomment: chroot_list_enable=YES 
Uncomment: chroot_list_file=/etc/vsftpd.chroot_list
At the end of the file I added:

# Show hidden files and the "." and ".." folders.
# Useful to not write over hidden files:
force_dot_files=YES

# Hide the info about the owner (user and group) of the files.
hide_ids=YES

# Connection limit for each IP:
max_per_ip=10

# Maximum number of clients:
max_clients=5

# FTP Passive Settings
pasv_enable=YES
#If your listen_port is 9000 set this range to 7500 and 8500
pasv_min_port=[port range min]
pasv_max_port=[port range max]
The user in question mybloguser is jailed to her website directory under /srv/www/myblog and this user is not part of the nano /etc/vsftpd.chroot_list file. The user’s home directory is also /srv/www/myblog which used to work in the past.
I tried the allow_writeable_chroot=YES solution which did not work, and actually broke vsftpd completely.
