6

I wish to configure vsftpd in 11.10 so that when a user connects he is shown or redirected to a specific folder. The name of the folder is not related to the user or home folder. It is related to a folder in /var/www. For example:

If user cyrex logs in ftp he is redirected to /var/www/gamers or at least shown a gamers folder inside his home folder that redirects to /var/gamers. If user camelot logs in ftp he is redirected to /var/www/food or at least shown a food folder inside his home folder that redirects to /var/food. ...

The thing he should not leave his home folder and can only access folders inside his home folder that are redirected to other parts like the /var/www/FOLDERS.

UPDATE: In one way of configuration the user should see his home folder and also a folder that redirects him to /var/www/UserFolder. In another way of configuring VSFTPD the user should just be redirected to /var/www/UserFolder without even seeing his home folder, just the var/www specific to him. Can both methods be shown in one answer so I can test both to see which one is better.

What is the easier way to do this.

Luis Alvarado
  • 211,503
  • 1
    I would recommend proftpd though. I use it and it seems a lot simpler. – Severo Raz Oct 29 '11 at 17:50
  • If you can add the way of doing what am asking here with proftpd and it looks easier than vsftpd then I will change the question to it. the point is to do this with an ftp server. – Luis Alvarado Oct 29 '11 at 18:01

3 Answers3

6

You just have to modify the startup call for vsftpd. The user_config_dir argument will tell the server to look for a configuration in the directory /etc/vsftpd_user_conf/luis if the user luis logs in. Analogously with any other user that logs in. I guess that if no configuration file is found the server will fallback to the default one.

Anyway, take a quick read at this manual page (which you can access too from the terminal with man vsftpd) : http://vsftpd.beasts.org/vsftpd_conf.html

This other guide can help you with using custom directories for your server: http://gofedora.com/how-to-configure-secure-ftp-server-vsftpd/

Severo Raz
  • 5,971
  • 1
    Ok lets say that I want the user to have access to his home folder but also to another folder in /var/www. How would the config file look like. I have updated the question to reflect this. – Luis Alvarado Oct 29 '11 at 17:54
  • 1
    Hm, so if I understand correctly, you want ftp://address/to/server/ to display his home folder and his "ftp folder" located at /var/www/user? Take a look at the second answer in this post: http://serverfault.com/questions/222906/vsftpd-local-root-var-www-sites-user-doesnt-get-interpreted . So you will be able to select a custom directory on a per-user basis, and you could also create a mount (as shown in the second link I have you) that would serve as a link from the ftp folder to the user's home directory. – Severo Raz Oct 29 '11 at 18:15
  • @Severo Raz There is nothing on user_config_dir in the second link. And precious little about it in the manual, barring its definition and formatting - said to be identical to that of vsftpd.conf . . . – Trunk Apr 08 '23 at 20:49
0

It is unclear from some sources whether it works with virtual users or normal (local) users as well. It works for local users too.

It was also unclear for me what I can set in the user-specific file.

So, here is what you can do:

  1. edit the config file: sudo vim /etc/vsftpd.conf
  2. add this line to it: user_config_dir=/etc/vsftpd/user_config_dir/
  3. exit the editor with saving the changes (ESC and then :wq in case of vim, what we used above)
  4. edit the user-specific file, for example, if the user is alice then sudo vim /etc/vsftpd/user_config_dir/alice
  5. add the user-specific settings to the file, for example local_umask=0737
  6. exit the editor with saving the changes (see above)
  7. repeat the last three steps for each user for whom you want to specify any user-specific settings.
  8. restart the ftp server: sudo service vsftpd restart

Note: The above example enforces the user alice to create files with permission string ----r-----. This is useful if alice is your scanner who only uploads files to the server. The scanner never wants to read, change or execute the uploaded files but other users from the same group are allowed to read these files, like copying them for editing. These users still can delete the uploaded files if the permissions for the directory are set properly.

Csongor Halmai
  • 101
0

It can work with multiple users but I can't find a way for it to apply the settings made in the separate user configuration files within the designated user_config-dir.

What I got with just 2 FTP accounts on the same server, e.g. website @myserver.org and otherstuff@myserver.org, was that it ignored the local_root locations designated in the website.conf and otherstuff.conf files within the user_config_dir folder and simply rooted the FTP connections to the user's home directory in both cases. All this despite having tried it with chroot_local_user=NO and chroot_local_user=YES.

With a single user and only the vsftpd.conf file needed for configuration, I can root the FTP account no problem at say /var/www/html/mysite.org as long as I get ownership, group and permissions appropriate.

I haven't given up entirely on vsftpd as it's the FTP server most widely used in YouTube and online tutorials on setting up one's own server. But there is little more than I can do to get it to work for multiple users - and this is something I must do as I host more than one domain on my server and there's a website on each which requires at least 1 secure FTP account.

What makes me so suspicious is the total absence of an established SFTPD User Forum where the more experienced can assist the less experienced.

Setting such a forum up on say GitHub would be straightforward enough. You would think that such a forum - effectively a bug trap also - would be essential for a continuing project.

But SFTPD owners seem to think otherwise.

Trunk
  • 318