vsftpd: Local And Virtual Users With Bash Scripts For User Maintainance (CentOS 6.0)
vsftpd is the most popular FTP server in the Linux world and is secure and fast. Recently I had to configure a FTP server quickly onto a CentOS server setup built using the minimal ISO and the server was up and running in a snap.
The server being used here is a Linux Cent OS Minimal installation build.
CentOS 6
vsftpd 2.2.2
Follow these instructions:
$ su - root
At the root shell:
# yum install vsftpd
This installs the daemon from the distribution's repository. A default config file is placed with the most basic and necessary options. Now edit the config file at /etc/vsftpd/config using your favourite editor e.g. vi.
# cd /etc/vsftpd/
# vi config
In this file comment/add or uncomment the following and leave the rest as is.
anonymous_enable=NOThis is set to YES by default.
local_enable=YES This is set to NO by default and change when you want the local users to have ftp access.
xferlog_enable=Yes This is set to NO by default. Your logs will be written to /var/log/xferlog.
Common Pitfalls & Panic Areas
Most Linux's have SELinux installed by default and this gives an error when the installer does not take care of the Selinux policy's. The error is as follows:
500 OOPS: cannot change directory:/home/someuser
This can be fixed by either disabling the selinux or setting the selinux boolean option.
Disabling SELinux:
# vi /etc/selinux/config
In this file set the option to disabled.
SELINUX=disabled
Setting SELinux for ftp access:
# getsebool -a | grep ftp
This will list a group of ftp boolean options, ftp_home_dir will by default be off. Set it on by
# setsebool -P ftp_home_dir on
This might take a min or two, wait till the prompt comes back. You can check by using the getsebool command again. If you need both local and virtual users then use the instructions in the next section.
Starting the server and test
Now set the service to start automatically at startup.
# chkconfig --levels 345 vsftpd on
Start the service
# service vsftpd start
From a different box connect to this server. Go on, you can use either a GUI or a cli client.
All set, the FTP server is ready to serve.