Package: vsftpd Version: 3.0.2-20 Severity: minor Hello,
Foreword: I guess I will find out how to convince it to DWIW when I dig long enough but the current installation is either buggy or have severe usability issues (see below). I tried to setup a simple FTP server for drop-by uploads in a secure local network. I.e. just enabling anonymous user to do what he wants in an incoming directory. This apparently failed. I have read the config file and IMHO have set everything I needed, it still tells me: 500 OOPS: vsftpd: refusing to run with writable root inside chroot() And yes, I did restart it with the service(8) command. I looked around the documentation, couldn't find anything useful. The message itself sounds like BS: when I set write_enable I mean write enabling so it should just let me do so. Or maybe there is another trick in the application design (playing cluelss here *g*) that the message refers to but then it should be properly documented, in some kind of FAQ or simple explanation. I only found related keywords in /usr/share/doc/vsftpd/SECURITY but it's full of technic details that a USER won't like to read and won't read long enough to understand the implications that might be mentioned somewhere in the 4th line of the 7th paragraph. PS: I found secure_chroot_dir option in the vsftp.conf manpage now. It refers to /var/run/vsftpd/empty and it exists and looks ok for me: drwxr-xr-x 2 root root 40 Jul 18 09:20 /var/run/vsftpd/empty Even "chmod -w" on that did not change the situation. Regards, Eduard. -- Package-specific info: -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.1.2+ (SMP w/4 CPU cores; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: sysvinit (via /sbin/init) Versions of packages vsftpd depends on: ii adduser 3.113+nmu3 ii debconf [debconf-2.0] 1.5.56 ii init-system-helpers 1.23 ii libc6 2.19-19 ii libcap2 1:2.24-9 ii libpam-modules 1.1.8-3.1 ii libpam0g 1.1.8-3.1 ii libssl1.0.0 1.0.2c-1 ii libwrap0 7.6.q-25 ii netbase 5.3 Versions of packages vsftpd recommends: ii logrotate 3.8.7-2 ii ssl-cert 1.0.36 vsftpd suggests no packages. -- Configuration Files: /etc/vsftpd.conf changed: listen=NO listen_ipv6=YES anonymous_enable=YES local_enable=YES write_enable=YES anon_upload_enable=YES anon_mkdir_write_enable=YES dirmessage_enable=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=YES secure_chroot_dir=/var/run/vsftpd/empty pam_service_name=vsftpd rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key ssl_enable=NO -- debconf information: * vsftpd/directory: /srv/ftp * vsftpd/username: ftp -- <pasc> man <pasc> the AMD64 camp is not helped by the list of people supporting it <pasc> when nerode is on your side, you know you're doing something wrong -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
