User login

Home
 How to give a user global FTP privileges (with vsftpd)

How to give a user global FTP privileges (with vsftpd)

Submitted by Benjamin Melançon on January 30, 2007 - 8:58am
in

This guide applies to CentOS (a generic version of Red Hat Enterprise Linux, or RHEL) and vsftpd.

There's actually not much reason to give a Linux user FTP access to your entire server; each user can access its own directory, which is fine for user mywebsite. But this can be useful for an admin to create a generic FTP user, with a different username and password from any users with sudo to root capabilities.

cd etc
sudo vi vsftpd/vsftpd.conf

In /etc/vsftpd/vsftpd.conf, uncomment these lines (press i to enter insert/edit mode):

chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list

So that the relevant section looks like:

# You may specify an explicit list of local users to chroot() to their home
chroot_local_user=YES
# users to NOT chroot().
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd.chroot_list

(Press esc to exit edit mode and Shift-ZZ to save and quit Vim.)

Then,

sudo vi vsftpd.chroot_list

And type in the user or users (one per line) you want to break out of the chroot jail and give global FTP to.

And don't forget:

sudo /etc/init.d/vsftpd restart

(Changes to vsftpd.chroot_list will take affect without restarting vsftpd, but a restart after editing vsftpd.conf is required.)

This guide applies to CentOS (a generic version of Red Hat Enterprise Linux, or RHEL) and vsftpd.

There's actually not much reason to give a Linux user FTP access to your entire server; each user can access its own directory, which is fine for user mywebsite. But this can be useful for an admin to create a generic FTP user, with a different username and password from any users with sudo to root capabilities.

cd etc
sudo vi vsftpd/vsftpd.conf

In /etc/vsftpd/vsftpd.conf, uncomment these lines (press i to enter insert/edit mode):

chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list

So that the relevant section looks like:

# You may specify an explicit list of local users to chroot() to their home
chroot_local_user=YES
# users to NOT chroot().
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd.chroot_list

(Press esc to exit edit mode and Shift-ZZ to save and quit Vim.)

Then,

sudo vi vsftpd.chroot_list

And type in the user or users (one per line) you want to break out of the chroot jail and give global FTP to.

And don't forget:

sudo /etc/init.d/vsftpd restart

(Changes to vsftpd.chroot_list will take affect without restarting vsftpd, but a restart after editing vsftpd.conf is required.)

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • You may post code using <code>...</code> (generic) or <?php ... ?> (highlighted PHP) tags.
  • You can use Markdown syntax to format and style the text. Also see Markdown Extra for tables, footnotes, and more.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <blockquote> <small> <h2> <h3> <h4> <h5> <h6> <sub> <sup> <p> <br> <strike> <table> <tr> <td> <thead> <th> <tbody> <tt> <output>
  • Lines and paragraphs break automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.