I have 1 CentOS server V4.x already running VSFTPD, and when the user logs in they get chrooted to the home directory. I have installed the same config files on a second server (again CentOS V4.x) and have set up the same user on the second server, but the user does not get chrooted to the home directory but is placed in /var/ftp/pub and cannot upload files. The files I copied are:
/etc/vsftpd.user_list
/etc/vsftpd
/etc/vsftpd/vsftpd.conf
/etc/vsftpd.ftpusers
/etc/vsftpd.chroot_list
Any clues ?
Thanks
Denis
> The files I copied are:- /etc/vsftpd.user_list /etc/vsftpd /etc/vsftpd/vsftpd.conf /etc/vsftpd.ftpusers /etc/vsftpd.chroot_list
> Any clues ?
Does the user exist on the system (is there a home directory for them to chroot to? If so, are the UIDs the same as on the other system)? Have you looked at the ftp logs to see what's going on? Are you absolutely sure ftp is what you want (<insert standard FTP security rant here>)?
> The files I copied are:- /etc/vsftpd.user_list /etc/vsftpd /etc/vsftpd/vsftpd.conf /etc/vsftpd.ftpusers /etc/vsftpd.chroot_list
> Any clues ?
> Does the user exist on the system (is there a home directory for them to chroot to? If so, are the UIDs the same as on the other system)? Have you looked at the ftp logs to see what's going on? Are you absolutely sure ftp is what you want (<insert standard FTP security rant here>)?
Yes, the user exists on both systems and the home directory exists on both. Yes, it is to allow another system with an FTP backup system to do its backups. I normally use RSYNC across SSH to do backups, but this system cannot be changed.
Thanks
Denis
Denis Croombs wrote:
> I have 1 Centos server V4.x already running VSFTPD and when the user logs in
> Any clues ?
How about not copying the files over? It's only a 1-line change in the vsftpd.conf file to enable chrooting of users...
> Denis Croombs wrote:
> I have 1 Centos server V4.x already running VSFTPD and when the user logs in
> Any clues ?
> How about not copying the files over? It's only a 1-line change in the vsftpd.conf file to enable chrooting of users...
Sorry, but I tried that as well.
Denis
> Sorry, but I tried that as well.
You still haven't told us what the logs said. Logs are a valuable source of debugging information, and will probably help to figure out what's going wrong.
On 28/08/06, Denis Croombs denis@croombs.org wrote:
> Denis Croombs wrote:
> I have 1 Centos server V4.x already running VSFTPD and when the user logs in
> Any clues ?
> How about not copying the files over? It's only a 1-line change in the vsftpd.conf file to enable chrooting of users...
> Sorry, but I tried that as well.
Pointing out the obvious here but have you restarted the vsftpd service?
# /etc/rc.d/init.d/vsftpd restart
or
# service vsftpd restart
Are the contents of /etc/shells the same on each server? Do the default shells specified in /etc/passwd for the user match on each server? And as everyone else pointed out, is there anything in /var/log/secure or /var/log/messages?
Will.
On 28/08/06, Denis Croombs denis@croombs.org wrote:
> Denis Croombs wrote:
> I have 1 Centos server V4.x already running VSFTPD and when the user logs in
> Any clues ?
> How about not copying the files over? It's only a 1-line change in the vsftpd.conf file to enable chrooting of users...
> Sorry, but I tried that as well.
> Pointing out the obvious here but have you restarted the vsftpd service?
> # /etc/rc.d/init.d/vsftpd restart
> or
> # service vsftpd restart
> Are the contents of /etc/shells the same on each server? Do the default shells specified in /etc/passwd for the user match on each server? And as everyone else pointed out, is there anything in /var/log/secure or /var/log/messages?
Hi
Yes, I have restarted it after each change to the conf file. The shell for both is the same and the user can ssh onto both machines and on both systems can get to the home directory first time with no errors. No errors in ANY logs, which is why it is blowing my mind: the 1st server just worked, and this second 1 is just driving me up the wall.
Thanks for your assistance.
Denis
On 29/08/06, denis@croombs.org denis@croombs.org wrote:
> Are the contents of /etc/shells the same on each server? Do the default shells specified in /etc/passwd for the user match on each server? And as everyone else pointed out, is there anything in /var/log/secure or /var/log/messages?
> Yes, I have restarted it after each change to the conf file. The shell for both is the same and the user can ssh onto both machines and on both systems can get to the home directory first time with no errors. No errors in ANY logs, which is why it is blowing my mind: the 1st server just worked, and this second 1 is just driving me up the wall.
Just to verify, have you checked /etc/shells on each server too? Oh, might be worth checking /etc/nsswitch.conf too to ensure the user auths locally in both cases.
If so and it's looking OK then I'd probably start the daemon manually under strace on each system and compare what that shows on login.
Something like the following may be a good place to start:
[root@willspc ~]# strace -f /usr/sbin/vsftpd 2>&1 | grep read
Will.
On 29/08/06, denis@croombs.org denis@croombs.org wrote:
> Are the contents of /etc/shells the same on each server? Do the default shells specified in /etc/passwd for the user match on each server? And as everyone else pointed out, is there anything in /var/log/secure or /var/log/messages?
> Yes, I have restarted it after each change to the conf file. The shell for both is the same and the user can ssh onto both machines and on both systems can get to the home directory first time with no errors. No errors in ANY logs, which is why it is blowing my mind: the 1st server just worked, and this second 1 is just driving me up the wall.
> Just to verify, have you checked /etc/shells on each server too? Oh, might be worth checking /etc/nsswitch.conf too to ensure the user auths locally in both cases.
> If so and it's looking OK then I'd probably start the daemon manually under strace on each system and compare what that shows on login.
> Something like the following may be a good place to start:
> [root@willspc ~]# strace -f /usr/sbin/vsftpd 2>&1 | grep read
Hi Will
Thanks, I will try the strace later tonight. Yes, I have checked the /etc/shells, but not the /etc/nsswitch.conf, so again I will check that in a little while.
Thanks again
Denis
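The checks suggested across this thread (passwd entry, home directory, /etc/shells, and the chroot settings in vsftpd.conf), collected into one script as an added example that is not part of the original thread. The `backup` user, the function names and the temporary sample files are constructed for illustration; the directive names and the default list path are those documented in the vsftpd.conf man page.

```shell
#!/bin/bash
# Added example (not from the thread). Paths are arguments, so it can be run
# against copies of each server's files and the two outputs compared.

# Effective value of KEY in a vsftpd.conf: last uncommented KEY=value, else DEFAULT.
conf_get() {  # conf_get FILE KEY DEFAULT
    local v
    v=$(grep -E "^$2=" "$1" 2>/dev/null | tail -n 1 | cut -d= -f2- | tr -d '[:space:]')
    echo "${v:-$3}"
}

# Is USER chrooted? Per vsftpd.conf(5): with chroot_local_user=YES the list file
# names the exceptions; with NO it names the jailed users. Assumes YES/NO spelling.
chroot_state() {  # chroot_state CONF USER [LIST_FILE]
    local all list_on list listed=NO
    all=$(conf_get "$1" chroot_local_user NO)
    list_on=$(conf_get "$1" chroot_list_enable NO)
    list=${3:-$(conf_get "$1" chroot_list_file /etc/vsftpd.chroot_list)}
    if [ "$list_on" = YES ]; then
        if grep -qxF "$2" "$list" 2>/dev/null; then listed=YES; fi
        if [ "$all" != "$listed" ]; then echo chrooted; else echo not-chrooted; fi
    elif [ "$all" = YES ]; then echo chrooted
    else echo not-chrooted
    fi
}

# Account checks raised in the thread: passwd entry, home directory, /etc/shells.
account_state() {  # account_state USER PASSWD SHELLS
    local entry home shell
    entry=$(awk -F: -v u="$1" '$1 == u { print; exit }' "$2")
    [ -n "$entry" ] || { echo no-passwd-entry; return 0; }
    home=$(echo "$entry" | cut -d: -f6); shell=$(echo "$entry" | cut -d: -f7)
    [ -d "$home" ] || { echo "missing-home:$home"; return 0; }
    grep -qxF "$shell" "$3" || { echo "shell-not-listed:$shell"; return 0; }
    echo "ok:uid=$(echo "$entry" | cut -d: -f3)"
}

# Constructed sample data: two "servers" sharing one copied chroot list.
d=$(mktemp -d); mkdir "$d/home"
echo "backup" > "$d/chroot_list"
printf 'local_enable=YES\nchroot_list_enable=YES\n' > "$d/a.conf"
printf 'local_enable=YES\nchroot_local_user=YES\nchroot_list_enable=YES\n' > "$d/b.conf"
printf 'backup:x:501:501::%s/home:/bin/bash\n' "$d" > "$d/passwd"
echo "/bin/bash" > "$d/shells"

for h in a b; do
    echo "server $h: $(chroot_state "$d/$h.conf" backup "$d/chroot_list")," \
         "account $(account_state backup "$d/passwd" "$d/shells")"
done
```

In the constructed pair the same copied chroot list gives opposite results: on server b the extra chroot_local_user=YES line turns the list into a list of exceptions.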