Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: vsftpd anonymous upload

  1. #1
    Larry Bristol NNTP User

    Default vsftpd anonymous upload

    I cannot get this to work, and none of the "solutions" I can find using
    google search seem to help at all. Has anyone gotten vsftpd configured
    correctly to support anonymous uploads?

    TIA


  2. #2
    Join Date
    Dec 2008
    Location
    GMT-7
    Posts
    382

    Default Re: vsftpd anonymous upload

    Can you post back your vsftpd.conf file? You may want to censor any passwords, etc. you have in there first before posting.
    Desk: AMD Phenom II X4 945 8GB RAM Radeon HD 3300 Arch Linux Xfce 4.8
    Lap: Intel 2.13GHz Core i3 M330 8GB RAM nVidia GeForce 310M Arch Linux KDE 4.7.3

  3. #3
    Larry Bristol NNTP User

    Default Re: vsftpd anonymous upload

    twelveeighty wrote:
    > Can you post back your vsftpd.conf file? You may want to censor any
    > passwords, etc. you have in there first before posting.


    You betcha! I should have done that one the original post.

    vsftpd.conf
    ------------
    dirmessage_enable=YES
    nopriv_user=ftpsecure
    anonymous_enable=YES
    anon_world_readable_only=YES
    anon_other_write_enable=YES
    syslog_enable=YES
    connect_from_port_20=YES
    pam_service_name=vsftpd
    listen=YES
    ssl_enable=NO

    anon_mkdir_write_enable=YES
    anon_root=/srv/ftp
    anon_umask=0077
    anon_upload_enable=YES
    chroot_local_user=NO
    file_open_mode=0666
    ftpd_banner=Welcome message
    idle_session_timeout=900
    local_enable=YES
    log_ftp_protocol=NO
    max_clients=10
    max_per_ip=8
    pasv_enable=YES
    pasv_max_port=40500
    pasv_min_port=40000
    ssl_sslv2=NO
    ssl_sslv3=NO
    ssl_tlsv1=YES
    write_enable=YES


  4. #4
    Join Date
    Dec 2008
    Location
    GMT-7
    Posts
    382

    Default Re: vsftpd anonymous upload

    Here are a couple of things to check:

    * The user ftpsecure exists and has write-access to your /srv/ftp folder.

    * Turn on logging with log_ftp_protocol=YES and xferlog_enable=YES. Then try a transaction and check the /var/log/vsftpd.log file.

    I guess I haven't asked you the most basic question: what exactly does (not) work? Are you able to log in and download anonymously? Is it just the upload that fails?

    Also: is your FTP client using PASV protocol?
    Desk: AMD Phenom II X4 945 8GB RAM Radeon HD 3300 Arch Linux Xfce 4.8
    Lap: Intel 2.13GHz Core i3 M330 8GB RAM nVidia GeForce 310M Arch Linux KDE 4.7.3

  5. #5
    Larry Bristol NNTP User

    Default Re: vsftpd anonymous upload

    twelveeighty wrote:
    > Here are a couple of things to check:
    >
    > * The user ftpsecure exists and has write-access to your /srv/ftp
    > folder.
    >
    > * Turn on logging with log_ftp_protocol=YES and xferlog_enable=YES.
    > Then try a transaction and check the /var/log/vsftpd.log file.
    >
    > I guess I haven't asked you the most basic question: what exactly does
    > (not) work? Are you able to log in and download anonymously? Is it just
    > the upload that fails?
    >
    > Also: is your FTP client using PASV protocol?
    >


    This is not a new server; it has been running for awhile. Anonymous
    downloads work. For actual users, both downloads and uploads work. So
    far, the only problem I have observed is anonymous uploads do not. When I
    attempt that, the file transfer seems to go normally, but at the end, I
    get:
    553 could not create file.

    User "ftpsecure" exists, assuming this simply means there is an entry for
    the user in the /etc/passwd file.

    You want me to check permissions for /srv/ftp? I thought uploads would go
    into the ftpsecure user's home directory, which is /var/1ib/empty. (This
    is a strange location as far as I'm concerned. If this is where anonymous
    uploads will go, I will want to change this when I get it working. In
    fact, see below.)

    I confirmed that user "ftpsecure" does have write permission for his own
    home directory. Still get the "553 could not create". I changed this
    user's home directory to /srv/ftpUploads, and made sure he had permission
    to write. I still get the same 553 error.

    Now looking at "srv/ftp" as the target directory.
    If I do "chmod 777 /srv/ftp" I get:
    500 OOPS: vsftpd refuses to run with writable anonymous root

    So I tried using group permissions:
    (user "ftpsecure" changed to be a member of group "ftp")
    chown root:ftp /srv/ftp
    chmod 775 /srv/ftp
    I still get the same "500 OOPS" error

    Now trying direct ownership:
    chown ftpsecure:ftp /srv/ftp
    chmod 755 /srv/ftp
    No "500 OOPS", but now it goes back to the same "553 could not create file"
    error.

    The FTP client I am using is FileZilla. It is using PASV.

    I do not think it is a transmission problem, but I will activate the logging
    you requested, and post the results when available.

    Thanks again for helping!


  6. #6
    Larry Bristol NNTP User

    Default Re: vsftpd anonymous upload

    twelveeighty wrote:
    > * Turn on logging with log_ftp_protocol=YES and xferlog_enable=YES.
    > Then try a transaction and check the /var/log/vsftpd.log file.


    Fri Apr 16 08:45:13 2010 [pid 17112] CONNECT: Client "192.168.179.58"
    Fri Apr 16 08:45:13 2010 [pid 17111] [ftp] OK LOGIN:
    Client "192.168.179.58", anon password "anon@localhost"
    Fri Apr 16 08:45:22 2010 [pid 17115] CONNECT: Client "192.168.179.58"
    Fri Apr 16 08:45:22 2010 [pid 17114] [ftp] OK LOGIN:
    Client "192.168.179.58", anon password "anon@localhost"
    Fri Apr 16 08:45:23 2010 [pid 17116] [ftp] FAIL UPLOAD:
    Client "192.168.179.58", "/xls2csv-1.06.tar.gz", 0.00Kbyte/sec
    Fri Apr 16 08:50:54 2010 [pid 17174] CONNECT: Client "192.168.179.58"
    Fri Apr 16 08:50:55 2010 [pid 17173] [ftpsecure] OK LOGIN:
    Client "192.168.179.58", anon password "anon@localhost"
    Fri Apr 16 09:03:40 2010 [pid 17231] CONNECT: Client "192.168.179.58"
    Fri Apr 16 09:03:41 2010 [pid 17230] [ftp] OK LOGIN:
    Client "192.168.179.58", anon password "anon@localhost"
    Fri Apr 16 09:03:54 2010 [pid 17234] CONNECT: Client "192.168.179.58"
    Fri Apr 16 09:03:54 2010 [pid 17233] [ftp] OK LOGIN:
    Client "192.168.179.58", anon password "anon@localhost"
    Fri Apr 16 09:03:55 2010 [pid 17235] [ftp] FAIL UPLOAD:
    Client "192.168.179.58", "/xls2csv-1.06.tar.gz", 0.00Kbyte/sec

    Is that filepath serious?!? Is it REALLY trying to write the file into
    the / directory?!?


  7. #7
    Join Date
    Dec 2008
    Location
    GMT-7
    Posts
    382

    Default Re: vsftpd anonymous upload

    Quote Originally Posted by Larry Bristol View Post
    Is that filepath serious?!? Is it REALLY trying to write the file into
    the / directory?!?
    I think you're close, according to (http://www.linuxjournal.com/article/7520):

    Create an anonymous FTP user account, such as ftp, and make sure its home directory is set to [..] (/srv/ftp). Your system already may have such an account. The anonymous ftp user should not be able to write in its home directory, and it should never own any files or directories.
    Also try from (I'd like to strangle vsftpd - anonymous uploads denied [Archive] - Ubuntu Forums

    To enable anonymous uploads you need to create a directory in the ftp root directory that is world writable. So for example by default the ftp area is /home/ftp.

    So do:
    sudo mkdir /home/ftp/incoming
    sudo chmod a+rwx /home/ftp/incoming

    Now anon users will be able to upload into /incoming.

    You must have the following in your vsftpd.conf:
    anonymous_enable=YES
    write_enable=YES
    anon_upload_enable=YES
    Desk: AMD Phenom II X4 945 8GB RAM Radeon HD 3300 Arch Linux Xfce 4.8
    Lap: Intel 2.13GHz Core i3 M330 8GB RAM nVidia GeForce 310M Arch Linux KDE 4.7.3

  8. #8
    Join Date
    Jun 2008
    Location
    Groningen, Netherlands
    Posts
    19,852
    Blog Entries
    14

    Default Re: vsftpd anonymous upload

    My suggestion: install yast*ftp*server packages. They give you all the options to configure vsftpd.
    ° Appreciate my reply? Click the star and let me know why.

    ° Perfection is not gonna happen. No way.

    https://en.opensuse.org/openSUSE:Board#Members
    http://en.opensuse.org/User:Knurpht
    http://nl.opensuse.org/Gebruiker:Knurpht

  9. #9
    Join Date
    Dec 2008
    Location
    GMT-7
    Posts
    382

    Default Re: vsftpd anonymous upload

    Quote Originally Posted by Knurpht View Post
    My suggestion: install yast*ftp*server packages. They give you all the options to configure vsftpd.
    After years of using openSUSE and vsftpd, I never clued into that there may be a Yast module for it.

    Wow - that's awesome. I feel stupid and amused at the same time.
    Desk: AMD Phenom II X4 945 8GB RAM Radeon HD 3300 Arch Linux Xfce 4.8
    Lap: Intel 2.13GHz Core i3 M330 8GB RAM nVidia GeForce 310M Arch Linux KDE 4.7.3

  10. #10
    Join Date
    Jun 2008
    Location
    Groningen, Netherlands
    Posts
    19,852
    Blog Entries
    14

    Default Re: vsftpd anonymous upload

    Quote Originally Posted by twelveeighty View Post
    After years of using openSUSE and vsftpd, I never clued into that there may be a Yast module for it.

    Wow - that's awesome. I feel stupid and amused at the same time.
    I know that feeling. And love it, makes me aware of the fact it's even better than I already know.


    Yast has 2 modules for FTP server, one of them offers a choice between pureftp and vsftp
    ° Appreciate my reply? Click the star and let me know why.

    ° Perfection is not gonna happen. No way.

    https://en.opensuse.org/openSUSE:Board#Members
    http://en.opensuse.org/User:Knurpht
    http://nl.opensuse.org/Gebruiker:Knurpht

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •