[CentOS] vsftpd virtual users

Tue Feb 10 21:04:40 UTC 2009
dnk <d.k.emaillists at gmail.com>

On 10-Feb-09, at 12:06 PM, Alain Reguera Delgado wrote:

> dnk wrote:
>> Good day all,
>>
>> I have followed the wiki article on setting up vsftpd on centos with
>> virtual users.
>
> Do you refer to:
> http://wiki.centos.org/HowTos/Chroot_Vsftpd_with_non-system_users
>
> ?
>
>> I was wondering if anyone had an example or knowledge on how to add
>> another "readonly" user.
>
> Did you use the script vsftpd_virtualuser_add.sh to do so ?

No I did not. I had started originally with the
http://linuxforfun.net/2008/04/05/vsftpd-virtual-users/ link, and then
when I came across the wiki article, I gleaned it for further
additional info.
>
>
>> I don't want to enable anon access. The issue
>> I have is that the tutorial (from the wiki) uses the same real system
>> user (ftp) - so permissions don't apply.
>
> How ? explain a bit more please.


Ok, for more detail,

I used some of the info from the wiki, and from
http://linuxforfun.net/2008/04/05/vsftpd-virtual-users/.

My actual vsftpd.conf is:

anonymous_enable=NO
local_enable=YES
chroot_local_user=YES
hide_ids=YES
listen=YES
local_umask=022
connect_from_port_20=YES
pasv_min_port=62222
pasv_max_port=63333
guest_enable=YES
guest_username=ftp
nopriv_user=ftp
virtual_use_local_privs=YES
write_enable=YES
pam_service_name=vsftpd-virtual
user_sub_token=$USER
local_root=/home/ftproot/$USER
listen_address=xxx.xxx.xxx.xxx
max_clients=50
session_support=NO
use_localtime=YES
userlist_enable=YES
userlist_file=/etc/vsftpd/denied_users
xferlog_enable=YES

my /etc/pam.d/vsftpd-virtual file:

auth required pam_userdb.so db=/etc/vsftpd/users/virtual-users
account required pam_userdb.so db=/etc/vsftpd/users/virtual-users



So long story short... I have for read / write:

user1
-> /home/ftproot/user1 (home folder)

Then I would like to create user2 and have read only:

user2
-> /home/ftproot/user1

D
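
One way to get the read-only user2 described above, as an added example that is not part of the original post or thread: vsftpd's user_config_dir option loads a per-user file at login that can override local_root and write_enable for that session. The directory name /etc/vsftpd/user_conf and the helper write_user_override are assumptions made here, and user2 must still exist in the virtual-users database.

```shell
#!/bin/sh
# Added example: per-user vsftpd overrides for the layout in the post.
# Assumption: the main vsftpd.conf also gets the line
#   user_config_dir=/etc/vsftpd/user_conf
# (directory name chosen for this example, not taken from the post).

# write_user_override DIR USER ROOT MODE
#   MODE is "rw" or "ro". Writes DIR/USER containing local_root and
#   write_enable overrides. Refuses unsafe user names and unknown modes.
write_user_override() {
    dir=$1 user=$2 root=$3 mode=$4
    # Reject names that could escape DIR (empty, leading dot, slashes).
    case $user in
        ''|.*|*/*) echo "bad user name: $user" >&2; return 1 ;;
    esac
    case $mode in
        rw) we=YES ;;
        ro) we=NO ;;
        *)  echo "mode must be rw or ro" >&2; return 1 ;;
    esac
    mkdir -p "$dir" || return 1
    # vsftpd reads these files at login; keep them private to the owner.
    ( umask 077
      printf 'local_root=%s\nwrite_enable=%s\n' "$root" "$we" > "$dir/$user" )
}

# Constructed demo: written to a temp directory so it runs without root.
# On a real server DIR would be the user_config_dir path.
demo_dir=${TMPDIR:-/tmp}/vsftpd_user_conf_demo.$$

# user1 keeps the global settings (write_enable=YES, local_root=.../$USER),
# so only user2 needs an override: same directory as user1, no writes.
write_user_override "$demo_dir" user2 /home/ftproot/user1 ro
cat "$demo_dir/user2"
```

With write_enable=NO in effect for user2's session, vsftpd refuses upload, delete, rename and mkdir commands from that login even though both virtual users map to the same system account (ftp).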