vsFTPd stopped working after update
I have just updated to Ubuntu 12.04 LTS (Precise Pangolin) from Ubuntu Server 11.10 (Oneiric Ocelot).
It updated my vsFTPd installation, and it seems that something has changed :/ I use PAM authentication. What could have changed to cause this?
When trying to connect to the FTP server I get this error:
500 OOPS: vsftpd: refusing to run with writable root inside chroot()
I tried googling it, and it said to add allow_writable_root=YES
to the configuration file - however when I try this and try restarting vsftpd it can't restart. Why?
Here is how I actually fixed it:
wget http://http.us.debian.org/debian/pool/main/v/vsftpd/vsftpd_3.0.2-3_amd64.deb -O vsftpd.deb
dpkg -i vsftpd.deb
echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf
service vsftpd reload
And voila :)
I have this issue as well and think it's because of the new vsFTPd update to enhance security, so in the meantime I use this solution.
-
I chmod the folder that my FTP user comes in to as he/she first login (root folder) by using this in the terminal:
sudo chmod a-w /home/user
You can change
/home/user
to whatever is your FTP user's root folder. Create a subfolder within the folder, either by the use of GUI, or if you only have a terminal, it's:
sudo mkdir /home/user/newfolder
Now you should be able to log in and read write within the "newfolder". You will NOT be able to write in the root folder itself from the FTP client with the chmod a-w, so that is the reason for the subfolder, and there you can.
I guess there will be a fix in a not-so-long time, but in the meantime I hope this helps.
Somebody backported the feature to add allow_writeable_chroot=YES
from version 3.0.0 to 2.3.5 (see this blog entry).
To install on Ubuntu 12.04 (Precise Pangolin), run the following commands as root:
add-apt-repository ppa:thefrontiergroup/vsftpd
apt-get update
apt-get install vsftpd
echo allow_writeable_chroot=YES >> /etc/vsftpd.conf
Note that there seems to an option allow_writable_chroot=YES
in vsftpd-ext - note the mssing e! (or is this a typo in the blog post?)
vsFTPd 3.0.0 adds a configuration option,
allow_writeable_chroot=YES
to again enable the previous behavior (source: Fixing 500 OOPS: vsFTPd: refusing to run with writable root inside chroot(), comment from Brian K. White).
Unfortunately, 3.0.0 is not yet packaged by Ubuntu. So in the meantime, downgrade to some older version. For example, I am using this one on Ubuntu 12.04 (Precise Pangolin): http://packages.ubuntu.com/oneiric-updates/vsftpd