I have a problem with vsftpd not allowing anonymous users to append to files that they have uploaded. Uploading files initially works perfectly file. Changing the permissions on the uploaded files does not help. Is there a setting that I have not been able to find that allows appending to existing files?
For some background, the problem I am trying to solve is allowing uploads to continue if the upload is broken.
An example is found in the following log:
Tue Jan 3 14:06:38 2012 [pid 28433] CONNECT: Client "xxx.xxx.xxx.xxx"
Tue Jan 3 14:06:38 2012 [pid 28433] FTP response: Client "xxx.xxx.xxx.xxx", "220 (vsFTPd 2.2.2)"
Tue Jan 3 14:06:40 2012 [pid 28433] FTP command: Client "xxx.xxx.xxx.xxx", "USER anonymous"
Tue Jan 3 14:06:40 2012 [pid 28433] [anonymous] FTP response: Client "xxx.xxx.xxx.xxx", "331 Please specify the password."
Tue Jan 3 14:06:41 2012 [pid 28433] [anonymous] FTP command: Client "xxx.xxx.xxx.xxx", "PASS <password>"
Tue Jan 3 14:06:41 2012 [pid 28432] [ftp] OK LOGIN: Client "xxx.xxx.xxx.xxx", anon password "?"
Tue Jan 3 14:06:41 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "230 Login successful."
Tue Jan 3 14:06:41 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "SYST"
Tue Jan 3 14:06:41 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "215 UNIX Type: L8"
Tue Jan 3 14:06:56 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "CWD uploads"
Tue Jan 3 14:06:56 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "250 Directory successfully changed."
Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "TYPE I"
Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "200 Switching to Binary mode."
Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "PORT xxx.xxx.xxx.xxx,229,167"
Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "200 PORT command successful. Consider using PASV."
Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "STOR test"
Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "150 Ok to send data."
Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] OK UPLOAD: Client "xxx.xxx.xxx.xxx", "/uploads/test", 12 bytes, 0.15Kbyte/sec
Tue Jan 3 14:06:59 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "226 Transfer complete."
Tue Jan 3 14:07:11 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "PORT xxx.xxx.xxx.xxx,222,100"
Tue Jan 3 14:07:11 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "200 PORT command successful. Consider using PASV."
Tue Jan 3 14:07:11 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "APPE test"
Tue Jan 3 14:07:11 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "550 Permission denied."
Tue Jan 3 14:07:13 2012 [pid 28434] [ftp] FTP command: Client "xxx.xxx.xxx.xxx", "QUIT"
Tue Jan 3 14:07:13 2012 [pid 28434] [ftp] FTP response: Client "xxx.xxx.xxx.xxx", "221 Goodbye."
Best Answer
I'd suggest you want to set
anon_other_write_enableto YES.As per the vsftpd documentation:
The problem though, is that with this, any anonymous user could modify/overwrite any other anonymously uploaded file.
(As a point of mention, vsftpd defines 'write operations' as: STOR, DELE, RNFR, RNTO, MKD, RMD, APPE and SITE.)