553 "Permission denied on server" ProFTPD 553 Permission denied on server

Discussion in 'Server Operation' started by slow_boy, May 30, 2006.

  1. slow_boy

    slow_boy New Member

    ProFTPD 553 Permission denied on server

    --------------------------------------------------------------------------------

    I am a newbie trying to setup a LAMP server and I thought I had everything figured out until I tried to write files using FTP. When logged in under FTP using ProFTPD I get the error message 553 "Permission denied on server" error when trying to delete or overwrite files. I tried this with both the root and the new "www" user I created.

    I tried chmod 777 in for the /var/www folder, which didn't seem to help. I can log in through console and delete the same file with no problem. I am not sure if this is a configuration problem with ProFTPD or if it is a linux user problem where I just didn't set up the user right. Below is my proftpd.conf file.

    Ideally I'd like to have the www user dropped into the /var/www/ folder upon login and be able to modify files as necessary.

    Thanks for your help in advance!!

    Matt.

    #
    # /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
    # To really apply changes reload proftpd after modifications.
    #

    ServerName "Streambox Linux"
    ServerType standalone
    DeferWelcome off

    MultilineRFC2228 on
    DefaultServer on
    ShowSymlinks on

    UseReverseDNS off
    IdentLookups off

    TimeoutNoTransfer 600
    TimeoutStalled 600
    TimeoutIdle 1200

    DisplayLogin welcome.msg
    DisplayFirstChdir .message
    ListOptions "-l"

    DenyFilter \*.*/

    # Uncomment this if you are using NIS or LDAP to retrieve passwords:
    #PersistentPasswd off

    # Uncomment this if you would use TLS module:
    #TLSEngine on

    # Uncomment this if you would use quota module:
    #Quotas on

    # Uncomment this if you would use ratio module:
    #Ratios on

    # Port 21 is the standard FTP port.
    Port 21

    # To prevent DoS attacks, set the maximum number of child processes
    # to 30. If you need to allow more than 30 concurrent connections
    # at once, simply increase this value. Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances 30

    # Set the user and group that the server normally runs at.
    User www
    Group www

    # Umask 022 is a good standard umask to prevent new files and dirs
    # (second parm) from being group and world writable.
    Umask 022 022
    # Normally, we want files to be overwriteable.
    AllowOverwrite on

    # Delay engine reduces impact of the so-called Timing Attack described in
    # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
    # It is on by default.
    #DelayEngine off

    # A basic anonymous configuration, no upload directories.

    # <Anonymous ~ftp>
    # User ftp
    # Group nogroup
    # # We want clients to be able to login with "anonymous" as well as "ftp"
    # UserAlias anonymous ftp
    # # Cosmetic changes, all files belongs to ftp user
    # DirFakeUser on ftp
    # DirFakeGroup on ftp
    #
    # RequireValidShell off
    #
    # # Limit the maximum number of anonymous logins
    # MaxClients 10
    #
    # # We want 'welcome.msg' displayed at login, and '.message' displayed
    # # in each newly chdired directory.
    # DisplayLogin welcome.msg
    # DisplayFirstChdir .message
    #
    # # Limit WRITE everywhere in the anonymous chroot
    # <Directory *>
    # <Limit WRITE>
    # DenyAll
    # </Limit>
    # </Directory>
    #
    # # Uncomment this if you're brave.
    # # <Directory incoming>
    # # # Umask 022 is a good standard umask to prevent new files and dirs
    # # # (second parm) from being group and world writable.
    # # Umask 022 022
    # # <Limit READ WRITE>
    # # DenyAll
    # # </Limit>
    # # <Limit STOR>
    # # AllowAll
    # # </Limit>
    # # </Directory>
    #
    # </Anonymous>
     
  2. falko

    falko Super Moderator

    Which distribution do you use?
    What's the output of
    Code:
    ls -la /var
    and as which user are you logging in with FTP?
     
  3. slow_boy

    slow_boy New Member

    www@linux01:~$ ls -la /var
    total 56
    drwxr-xr-x 14 root root 4096 2005-09-09 09:49 .
    drwxr-xr-x 22 root root 4096 2006-05-02 18:31 ..
    drwxr-xr-x 2 root root 4096 2006-05-24 06:25 backups
    drwxr-xr-x 7 root root 4096 2005-09-09 09:49 cache
    drwxr-xr-x 16 root root 4096 2006-02-01 13:57 lib
    drwxrwsr-x 2 root staff 4096 2005-03-31 11:09 local
    drwxrwxrwt 4 root root 4096 2006-05-29 14:29 lock
    drwxr-xr-x 9 root root 4096 2006-05-30 06:25 log
    drwxrwsr-x 2 root mail 4096 2005-12-01 16:07 mail
    drwxr-xr-x 2 root root 4096 2001-12-31 18:32 opt
    drwxr-xr-x 11 root root 4096 2006-05-29 14:34 run
    drwxr-xr-x 4 root root 4096 2001-12-31 18:32 spool
    drwxrwxrwt 2 root root 4096 2006-05-25 12:01 tmp
    drwxr-xr-x 26 root root 4096 2006-05-30 12:51 www
     
  4. slow_boy

    slow_boy New Member

    I am logging in with user www or root. Either produces the same results.
     
  5. falko

    falko Super Moderator

    Which distribution do you use?
     
  6. slow_boy

    slow_boy New Member

    I am using Ubuntu Linux
     
  7. slow_boy

    slow_boy New Member

    Is this a difficult question or did I post it wrong? Is it just too dumb of a question? I got no responses :(
     
  8. falko

    falko Super Moderator

    Then replace
    Code:
    User www
    Group www
    with
    Code:
    User nobody
    Group npgroup
    in /etc/proftpd.conf. Also add
    Code:
    DefaultRoot  ~
    and restart Proftpd.
    Then create a new user and group, e.g. exampleuser and examplegroup, with /var/www as exampleuser's homedir.
    Then do this:
    Code:
    chown exampleuser:examplegroup /var/www
    Afterwards log in to FTP with the user exampleuser.

    You can't expect to get responses at once. :rolleyes:
     
  9. slow_boy

    slow_boy New Member

    I followed this process and I am still getting the same error, weirly enough I can create files ok, I just can't delete/modify.

    ftp> pwd
    257 "/home/www" is current directory.
    ftp> rm index.html
    553 index.html: Permission denied on server. (Delete
    ftp> mkdir dkfjds
    257 "/home/www/dkfjds" new directory created.
    ftp> rmdir dkfjds
    553 dkfjds: Permission denied on server. (Delete)
    ftp>
     
  10. till

    till Super Moderator

    please post the output of:

    ls -la /home/www
     
  11. slow_boy

    slow_boy New Member

    root@linux01:/home/www # ls -al
    total 52
    drwxrwxrwx 11 nobody 99 4096 2006-06-06 16:57 .
    drwxr-xr-x 11 root root 4096 2006-05-25 11:10 ..
    -rw------- 1 www www 868 2006-06-06 02:17 .bash_history
    drwxrwxrwx 2 nobody 99 4096 2003-08-27 17:01 bin
    drwxr-xr-x 2 www www 4096 2006-06-06 16:57 dkfjds
    drwxrwxrwx 2 nobody 99 4096 2003-05-05 15:59 doc
    drwxrwxrwx 2 nobody 99 4096 2002-06-21 14:28 help
    drwxr-xr-x 2 500 500 4096 2003-04-10 17:27 html
    drwxrwxrwx 2 nobody 99 4096 2003-05-01 17:25 images
    -rwxrwxrwx 1 nobody 99 62 2002-06-21 14:25 index.html
    drwxrwxrwx 2 nobody 99 4096 2002-06-21 14:34 logs
    drwxr-xr-x 2 nobody 99 4096 2002-06-22 07:19 Phone
    drwxrwxrwx 4 nobody 99 4096 2002-02-13 15:11 Reports
    root@linux01:/home/www #
     
  12. falko

    falko Super Moderator

    Did you delete the group with the id 99?
    What's in /etc/groups?
     
  13. slow_boy

    slow_boy New Member

    I now have access to the /home/www directory. The problem is that I need "modify" access to the /var/www/ directory.


    root@linux01:/home/www # ls -al
    total 44
    drwxrwxrwx 10 nobody 99 4096 2006-06-07 10:02 .
    drwxr-xr-x 11 root root 4096 2006-05-25 11:10 ..
    -rw------- 1 www www 868 2006-06-06 02:17 .bash_history
    drwxrwxrwx 2 nobody 99 4096 2003-08-27 17:01 bin
    drwxrwxrwx 2 nobody 99 4096 2003-05-05 15:59 doc
    drwxrwxrwx 2 nobody 99 4096 2002-06-21 14:28 help
    drwxr-xr-x 2 500 500 4096 2003-04-10 17:27 html
    drwxrwxrwx 2 nobody 99 4096 2003-05-01 17:25 images
    drwxrwxrwx 2 nobody 99 4096 2002-06-21 14:34 logs
    drwxr-xr-x 2 nobody 99 4096 2002-06-22 07:19 Phone
    drwxrwxrwx 4 nobody 99 4096 2002-02-13 15:11 Reports
    root@linux01:/home/www #
     
  14. falko

    falko Super Moderator

    What about my previous questions?
    How do you mean that?
     
  15. slow_boy

    slow_boy New Member

    I do not know how to delete 99?

    I have a "group" file, but no "groups" file in /etc


    root:x:0:
    daemon:x:1:
    bin:x:2:
    sys:x:3:
    adm:x:4:
    tty:x:5:
    disk:x:6:
    lp:x:7:
    mail:x:8:
    news:x:9:
    uucp:x:10:
    man:x:12:
    proxy:x:13:
    kmem:x:15:
    dialout:x:20:
    fax:x:21:
    voice:x:22:
    cdrom:x:24:
    floppy:x:25:
    tape:x:26:
    sudo:x:27:
    audio:x:29:
    dip:x:30:
    www-data:x:33:
    backup:x:34:
    operator:x:37:
    list:x:38:
    irc:x:39:
    src:x:40:
    bin:x:2:
    sys:x:3:
    adm:x:4:
    tty:x:5:
    disk:x:6:
    lp:x:7:
    mail:x:8:
    news:x:9:
    uucp:x:10:
    man:x:12:
    proxy:x:13:
    kmem:x:15:
    dialout:x:20:
    fax:x:21:
    voice:x:22:
    cdrom:x:24:
    floppy:x:25:
    tape:x:26:
    sudo:x:27:
    audio:x:29:
    dip:x:30:
    www-data:x:33:
    backup:x:34:
    operator:x:37:
    list:x:38:
    gnats:x:41:
    shadow:x:42:
    utmp:x:43:
    video:x:44:
    sasl:x:45:
    plugdev:x:46:
    staff:x:50:
    games:x:60:
    users:x:100:
    nogroup:x:65534:
    crontab:x:101:
    ssh:x:102:
    postfix:x:103:
    postdrop:x:104:
    syslog:x:105:
    klog:x:106:
    lpadmin:x:107:
    scanner:x:108:
    admin:x:109:matt,alex
    matt:x:1001:
    mysql:x:110:
    alex:x:1002:
    ntp:x:111:
    lance:x:1000:
    nogroup:!:201:
    ftp:x:23:
    matthew:x:1003:
    www:x:1004:
     
  16. falko

    falko Super Moderator

    Sorry, I meant /etc/group.
    Can you try
    Code:
    chown -R :nogroup /home/www/*
    ?
     

Share This Page