[CentOS] Problen with vsftpd and chroot

Fri Jan 5 18:31:15 UTC 2007
Kevan Benson <kbenson at a-1networks.com>

On Friday 05 January 2007 03:46, Tony Molloy wrote:
> I'm setting up a local mirror server on a CentOS4 box. I want it to serve
> files over http, nfs and ftp.
>
> I've set this up with the mirrored directories on a separate partition.
> I've got the http and nfs working but am having some trouble with ftp.
>
> I'm using vsftpd as the ftp server. I can log in to the ftp server and get
> to the pub (/var/ftp/pub) directory. However when I try and go to the
> mirrored directories below this I get a "can't change directory error.
> The mirrored directories is a symbolic link to the actual directories on
> the separate partition.
>
> So my question is is vsftpd chrooted to the /var/ftp directory by default
> and won't follow symbolic links and if so is there any way to change this
> behaviour.
>
> I can change the mount points if I need to but I was just wondering.

vsftpd stands for Very Secure FTP Daemon, so it's primary purpose is secure 
FTP.  It very well may have checks to make sure it doesn't follow symlinks 
out of the current allowed tree, but I didn't see anything in the 
vsftpd.conf(5) man page on quick examination.  A few tests with symlinks 
pointing to directories on the same partition in and out of the default path 
for vsftpd might yield more information.

If there are issues with vsftpd and symlinks you can't work around, check the 
mount(8) man page and look up --bind.

-- 
- Kevan Benson
- A-1 Networks