Set up a chroot FTP user in CentOS with SELinux enabled

The requirement is to set up an FTP server that can be mounted in Mac OS X.

a) Install vsftpd

yum install vsftpd

b) Add a user

useradd ftpu

c) Change the user's shell and home directory by editing /etc/passwd

Change the shell to /sbin/nologin, as we do not want this user to log in to a shell

Change the home directory to /ftpdir

d) Enable chroot in /etc/vsftpd/vsftpd.conf

chroot_local_user=YES

This ensures the FTP user will not be allowed to move outside the home directory.

e) If SELinux is enabled, the user will not be able to log in. You need to allow the access in SELinux

setsebool -P ftp_home_dir on

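f) After this the user will be able to log in but will not be able to write inside the directory. We need to enable that as well in SELinux. The boolean used here is broad: it lets the FTP daemon read and write any file that the ordinary Unix permissions allow, not only the home directory.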

setsebool -P allow_ftpd_full_access=1

Please note that the setsebool commands will take some time to complete, so be patient.
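
The following script is an added example, not part of the original post: it checks the settings from steps c) to f) against a vsftpd.conf, a passwd file and saved getsebool -a output. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the settings from steps c) to f) using file snapshots.

# Last effective value of KEY in a vsftpd.conf-style file (comments ignored).
conf_value() {
    awk -F= -v k="$2" '$1 == k { v = $2 } END { print v }' "$1"
}

# Field N (6 = home, 7 = shell) of USER's entry in a passwd-format file.
passwd_field() {
    awk -F: -v u="$2" -v n="$3" '$1 == u { print $n }' "$1"
}

# State of an SELinux boolean in saved `getsebool -a` output ("name --> on").
bool_state() {
    awk -v b="$2" '$1 == b { print $3 }' "$1"
}

# Prints one line per deviation from the page's setup; returns 1 if any found.
audit_ftp_chroot() {  # args: vsftpd.conf passwd getsebool-output user home
    rc=0
    [ "$(conf_value "$1" chroot_local_user)" = "YES" ] ||
        { echo "chroot_local_user is not YES"; rc=1; }
    [ "$(passwd_field "$2" "$4" 7)" = "/sbin/nologin" ] ||
        { echo "$4: shell is not /sbin/nologin"; rc=1; }
    [ "$(passwd_field "$2" "$4" 6)" = "$5" ] ||
        { echo "$4: home is not $5"; rc=1; }
    for b in ftp_home_dir allow_ftpd_full_access; do
        [ "$(bool_state "$3" "$b")" = "on" ] ||
            { echo "SELinux boolean $b is not on"; rc=1; }
    done
    return $rc
}

# Constructed sample snapshots (not taken from a real host).
d=$(mktemp -d)
printf 'anonymous_enable=NO\n#chroot_local_user=YES\nchroot_local_user=YES\n' > "$d/vsftpd.conf"
printf 'root:x:0:0:root:/root:/bin/bash\nftpu:x:1001:1001::/ftpdir:/sbin/nologin\n' > "$d/passwd"
printf 'ftp_home_dir --> on\nallow_ftpd_full_access --> off\n' > "$d/sebool"

audit_ftp_chroot "$d/vsftpd.conf" "$d/passwd" "$d/sebool" ftpu /ftpdir ||
    echo "audit: deviations found"
```

On a real host, pass /etc/vsftpd/vsftpd.conf, /etc/passwd and a file produced with getsebool -a as the first three arguments.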
