Centos – Anonymous FTP upload on CentOS 5.2


I need to allow users to upload files to an FTP server anonymously. They should not be able to see any other files, or download files. It is a CentOS 5.2 server. I have a separate partition for the upload area (mounted at /ftp).

I have tried to set up vsftpd and followed all the instructions/advice I could find. But when a user logs in and tries to transfer a file, it throws a "553 could not create file." error. If I do a 'pwd' it shows the directory as "/" rather than the anon_root of "/ftp/anonymous". Any attempt to change the remote directory ends with "550 Failed to change directory.". I have a subdirectory "/ftp/anonymous/incoming" that is writable for the uploads.

SELinux is in permissive mode.

I am running version 2.0.5 release 16.el5 of vsftpd.

Here is the vsftpd.conf file:

```
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=002
anon_umask=007
file_open_mode=0666
anon_upload_enable=YES
anon_mkdir_write_enable=NO
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chown_uploads=YES
chown_username=inftpadm
xferlog_std_format=YES
nopriv_user=nobody
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
ftp_username=inftpadm
anon_root=/ftp/anonymous
anon_other_write_enable=NO
anon_mkdir_write_enable=NO
anon_world_readable_only=NO
dirlist_enable=YES
```

Can anyone help?

Best Answer

The configuration file is pretty straightforward. Here's where you're going wrong:

```
anon_mkdir_write_enable=NO
listen=YES
anon_other_write_enable=NO
anon_mkdir_write_enable=NO
```

You have an entry duplicated (which shouldn't be a big deal), and you have anon_other_write_enable set to NO. Also, if you're going to use the second line, make sure you have the service disabled in inetd/xinetd.

After changing the SELinux context you also need to reboot to relabel the file system. Run sestatus to see the current context.
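
As an added example (not part of the original question or answer), a small Python linter that reports the duplicated key and the standalone `listen=YES` point from the answer, and compares the file against the question's goal of uploads with no listing and no download. The `WANTED` table, the function names and the last-occurrence-wins handling of duplicates are assumptions of this sketch; the defaults are those documented in the vsftpd.conf man page.

```python
from collections import defaultdict

# key: (value wanted for "upload allowed, no listing, no download", vsftpd default)
WANTED = {
    "write_enable": ("YES", "NO"),
    "anon_upload_enable": ("YES", "NO"),
    "dirlist_enable": ("NO", "YES"),
    "download_enable": ("NO", "YES"),
}

# Subset of the config posted in the question (line numbers are relative to this sample).
SAMPLE = """\
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=NO
listen=YES
anon_other_write_enable=NO
anon_mkdir_write_enable=NO
dirlist_enable=YES
"""

def parse(text):
    """Return {key: [(line_number, value), ...]}, keeping every occurrence."""
    seen = defaultdict(list)
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            seen[key].append((number, value))
    return seen

def lint(text):
    seen, findings = parse(text), []
    for key, hits in seen.items():
        if len(hits) > 1:  # same option set more than once
            findings.append(("duplicate", key, [n for n, _ in hits]))
    for key, (wanted, default) in WANTED.items():
        # Assumption: when a key repeats, the last occurrence is the effective one.
        value = seen[key][-1][1] if key in seen else default
        if value.upper() != wanted:
            findings.append(("mismatch", key, value))
    listen = seen.get("listen")
    if listen and listen[-1][1].upper() == "YES":
        findings.append(("note", "listen", "standalone mode: disable vsftpd in inetd/xinetd"))
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```
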