HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   vsftp - 550 Failed to change directory (http://www.howtoforge.com/forums/showthread.php?t=4232)

latcarf 11th May 2006 15:13

vsftp - 550 Failed to change directory
 
I have been running an anonymous ftp for some time and all of a sudden any files recently added give a "550 Failed to change directory" when I or anyone else try to download them.

I just discovered this when someone sent me a file to place on my ftp then they tried to download it after. Files seem to be uploading fine and any files previously put out there seem to be downloading okay.

I have not opened the config file in some time, wasn't broke so there was no reason to fix it!

Anyone have an idea why this is happening?

falko 11th May 2006 17:07

Are there errors related to this in your logs?

latcarf 11th May 2006 22:51

Quote:

Originally Posted by falko
Are there errors related to this in your logs?

Hi Falko,

After some more investigation I found out that when anonymous users upload a file the files are "owned" by the user group ftp and it is only assigning rw permissions to the file. I assume all I need to do is either, 1) change the user group "ftp", or 2) change the config file, or both! :confused:

Tips and hints are welcome!

falko 12th May 2006 11:02

What's in your /etc/vsftpd.conf?

latcarf 12th May 2006 14:34

Quote:

Originally Posted by falko
What's in your /etc/vsftpd.conf?

Here is the config file
Code:

# Standalone mode
listen=YES
max_clients=200
max_per_ip=4
# Access rights
anonymous_enable=YES
local_enable=NO
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
# Security
anon_world_readable_only=YES
connect_from_port_20=YES
hide_ids=YES
pasv_min_port=50000
pasv_max_port=60000
# Features
xferlog_enable=YES
ls_recurse_enable=NO
ascii_download_enable=NO
async_abor_enable=YES
# Performance
one_process_model=YES
idle_session_timeout=120
data_connection_timeout=300
accept_timeout=60
connect_timeout=60
anon_max_rate=50000

I wonder if this line anon_other_write_enable=NO was changed to YES if that would do the trick? Note it is not running xinetd...

falko 12th May 2006 21:36

I'd change

Code:

anon_mkdir_write_enable=NO
anon_other_write_enable=NO

to YES and try again (restart vsftpd).

latcarf 12th May 2006 22:32

Quote:

Originally Posted by falko
I'd change

Code:

anon_mkdir_write_enable=NO
anon_other_write_enable=NO

to YES and try again (restart vsftpd).

I gave that a shot and the error message changed from "550 Failed to change directory" to "550 Failed to open file" plus it gave anon users the ability to delete files which is a no-no. After changing the config and restart I passed a doc to the ftp and then tried to download it from the ftp. Here is the log showing the transactions...
Code:

Fri May 12 14:55:31 2006 [pid 10277] CONNECT: Client "192.168.2.4"
Fri May 12 14:55:31 2006 [pid 10277] [ftp] OK LOGIN: Client "192.168.2.4", anon password "wsftp605@"
Fri May 12 14:55:45 2006 [pid 10277] [ftp] FAIL UPLOAD: Client "192.168.2.4", "/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 14:55:54 2006 [pid 10277] [ftp] OK UPLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 10761 bytes, 44.52Kbyte/sec
Fri May 12 14:56:06 2006 [pid 10277] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 14:56:29 2006 [pid 10277] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 14:56:32 2006 [pid 10277] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 14:56:52 2006 [pid 10277] [ftp] OK DOWNLOAD: Client "192.168.2.4", "/HowTo's/FunkyFlames.pdf", 509784 bytes, 55.78Kbyte/sec
Fri May 12 14:56:55 2006 [pid 10277] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 15:06:47 2006 [pid 5699] CONNECT: Client "192.168.2.4"
Fri May 12 15:06:47 2006 [pid 5699] [ftp] OK LOGIN: Client "192.168.2.4", anon password "wsftp605@"
Fri May 12 15:06:50 2006 [pid 5699] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 15:07:22 2006 [pid 5699] [ftp] OK DELETE: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG"
Fri May 12 15:07:30 2006 [pid 5699] [ftp] OK UPLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 10965 bytes, 47.44Kbyte/sec
Fri May 12 15:07:39 2006 [pid 5699] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 15:07:48 2006 [pid 5699] [ftp] OK DELETE: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG"
Fri May 12 15:08:00 2006 [pid 5699] [ftp] OK UPLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 11067 bytes, 47.35Kbyte/sec
Fri May 12 15:08:08 2006 [pid 5699] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 15:08:15 2006 [pid 5699] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 15:08:16 2006 [pid 5699] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 15:08:18 2006 [pid 5699] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG", 0.00Kbyte/sec
Fri May 12 15:08:26 2006 [pid 5699] [ftp] OK DELETE: Client "192.168.2.4", "/HowTo's/WS_FTP.LOG"
Fri May 12 15:09:10 2006 [pid 5699] [ftp] OK UPLOAD: Client "192.168.2.4", "/Scripts/WS_FTP.hlp", 246726 bytes, 48.46Kbyte/sec
Fri May 12 15:09:17 2006 [pid 5699] [ftp] FAIL DOWNLOAD: Client "192.168.2.4", "/Scripts/WS_FTP.hlp", 0.00Kbyte/sec
Fri May 12 15:09:26 2006 [pid 5699] [ftp] OK DELETE: Client "192.168.2.4", "/Scripts/WS_FTP.hlp"


falko 13th May 2006 12:36

Can you try
Code:

anon_mkdir_write_enable=NO
anon_other_write_enable=NO
# Security
anon_world_readable_only=NO

then?

latcarf 14th May 2006 02:05

Quote:

Originally Posted by falko
Can you try
Code:

anon_mkdir_write_enable=NO
anon_other_write_enable=NO
# Security
anon_world_readable_only=NO

then?

cool beans! :D that worked!! I feel a little embarassed since I did not see that anon line in security...

thanks for the help!


All times are GMT +2. The time now is 02:04.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.