Setting up an FTP server with different user folders on Ubuntu 12.04

authored by Frank Lynam at 17/07/2013 06:41:16

In this post I’m going to describe what should have been a fairly straightforward procedure. I’ve just arrived back on Crete after my wedding hiatus up in Sweden and I wanted to be able to use my VMware Ubuntu 12.04 LTS image that I’m already using as a HTTP server to also act as an FTP server. I’ve done this a thousand times on Windows servers and thought that I would be able to get it up and running in no time. Unfortunately, I was wrong. Here’s how I finally got it working.

  1. I installed vsftpd, the FTP daemon as follows:

	sudo apt-get install vsftpd

No surprises thus far so.

  1. I then modified the /etc/vsftpd.conf file to include only the following instructions:

	listen=YES
	anonymous_enable=YES
	local_enable=YES
	write_enable=YES
	dirmessage_enable=YES
	use_localtime=YES
	xferlog_enable=YES
	connect_from_port_20=YES
	ftpd_banner=Welcome to Frank's FTP service.
	chroot_list_enable=YES
	secure_chroot_dir=/var/run/vsftpd/empty
	pam_service_name=vsftpd
	rsa_cert_file=/etc/ssl/private/vsftpd.pem
	allow_writeable_chroot=YES
  1. I then created a folder to hold custom setup commands for different users:

	mkdir /etc/vsftpd_user_conf/
  1. I then created a file for each user in this folder. Give the file the name of the user that you will create in the next step and add the following lines:

	dirlist_enable=YES
	download_enable=YES
	write_enable=YES
  1. Next I created system user accounts for each user that I wanted to be able to log into my FTP server. Specify a home directory for the user that you want to make visible when the user logs in to your FTP server.

	useradd [USERNAME] -d [PATH TO USER HOME DIRECTORY] -m

(where [USERNAME] is the name of the new user)

  1. And set the user’s password:

	passwd [USERNAME]
  1. I then needed to make sure that the access privileges for the user’s home directory would allow him to read and write (if required). You can do this by running:

	ls [PATH TO HOME DIR] –lA

This will list the access rights for the folder.

You can change the access rights to readwrite for all users by calling:


	chmod 666 [PATH OF HOME DIR]
  1. OK, we’re almost there. vsftpd 2.3.5, which is packaged with Ubuntu 12.04 does not support the allow_writeable_chroot feature and without this vsftpd will not allow the user to log into a folder that he has write access to. A custom build of vsftpd was released by The Frontier Group (http://blog.thefrontiergroup.com.au) that resolves this problem. It’s explained in more detail here (http://blog.thefrontiergroup.com.au/2012/10/making-vsftpd-with-chrooted-users-work-again/). You can install the update by running the following commands:

	apt-get install python-software-properties
	add-apt-repository ppa:thefrontiergroup/vsftpd
	apt-get update
	apt-get install vsftpd
  1. Finally restart vsftpd

	service vsftpd restart

And that’s it. You should now be able to log into your Ubuntu server and point users towards a specific folder. Enjoy!

Comments

submit