Wednesday, November 28, 2012

My struggle with setting up slackware 14 vsftp using a mounted windows share for the home directory

I'm in the process of taking our virtual slackware server and making a physical server running the newest slackware 14.  Along the way i've hit a few issue with newer vsftpd.

I originally hit a 500 error on login because it was not allowing login to users with write access to home.
2nd issue I had was my fstab mount using cifs to a windows machine.  Users could login and download files but they could not upload any files. 530 error message would display.

Below are my steps on a fresh clean install of slackware 14.  It will cover commands that I used to setup mirrors, configure vsftpd.config, inetd.conf, adding a new user, adding a share to fstab and running openssl for the sftp part.

information that needs to be entered in will be in the color red everything else is just my comments or instructions.

After you get to terminal we need to uncomment a location to use slackpkg update.
From terminal type:  vim /etc/slackpkg/mirrors
Exit vim by saving with :wq

Now we need to run from terminal slackpkg update
vim /etc/vsftpd.conf

From what is listed I have uncommented this below.
I had to add in Allow_writeable_chroot=YES to get past the 500 error

ftpd_banner=Private FTP.

I commented out

Save by :wq

vim /etc/inetd.conf
We need to remove the comments from the line below Very Secure Transfer Protocol(FTP) server.
ftp stream tcp nowait root /usr/sbin/tcpd vsftpd
to save :wq

restart the service from terminal by entering
/etc/rc.d/rc.inetd restart

Any users that you want to have full access to all folder on the ftp and not be locked down to their home needs to be placed in the chroot list based on what we have in our changes to vsftpd.conf
vim /etc/vsftpd.chroot_list

Create a directory under home to mount the windows share later
mkdir /home/ftp

Adding our windows share to fstab is my next step.  I had to add in for options gid=ftp,dir_mode=0777 to allow the users to upload files to the share.  If not it would display the 530 error.
vim /etc/fstab

//servername/foldershare  /home/ftp  cifs  gid=ftp,dir_mode=0777,rw,directio,username=windowusername,password=password 0 0

Now its time to create our users. I prefer to use terminal adduser and follow through the command prompts entering what information is needed.
When it asks for home it will give a default /home/username  change it to be /home/ftp/userid
the user home is now on the windows share
When it asks for groups add the user to group = ftp

Setting up SSl from terminal i chose to run this with 365 days with an rsa key of 1024

openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout /etc/vsftpd/vsftpd.pem -out /etc/vsftpd/vsftpd.pem

Now we need to edit the inetd.conf to enable ssl Below are the values i added or changed
vim /etc/inetd.conf

Making any changes to this file you will need to either restart the system or issue the kill hup command.
I find it easiest to just restart the server before testing out ftp.

That is all the steps that I took to set up a slackware 14 vsftp server with sftp using a mounted windows share for the home directory.

I did have to ask for help in a forum to figure out my issue with fstab windows mount not allowing file uploads.  Through those suggestions I was able to apply the dir_mode option.

I hope this helps anyone else that ran into the same issue as I did.

No comments:

Post a Comment