I have the following config on my Ubuntu 12 server:
1 - vsftpd installed and configured with the config file settings:
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dir_message_enable=YES
use_locatime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
#chroot_list_enable=YES (commented out)
chroot_list_file=/etc/vsftpd.chroot_list
secure_choot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/ect/ssl/private/vsftpd.pem
user_config_dir=/etc/vsftpd/user_conf
2 - I have an ftp user setup in which their home directory is
/var/www
3 - When I connect to the server with filezilla with the new ftp username, filezilla automatically shows the webroot, as desired.
The problem is the permissions of the files; every file the ftpuser uploads to the /var/www directory are set so both the owner and the group of the file is of the ftp user.
Also the permissions are
-rw-------
Which of course means every file a try to access through a std browser receives the forbidden warning.
The /var/www's owner is 'www-data' and the group is 'webroot'.
webroot is a group I created separately and added the ftp user to, along with a few others.
How can I best correct this so that a std browser doesn't receive the forbidden warning when trying to view a file uploaded by the ftp user?
Firstly I believe you should do a
chmod g+son /var/www. This will ensure that files created in this directory inherit the group from the parent directory.Secondly, it looks like the file mode can be controlled by a vspftpd.conf value:
If you're still having problems, have a look at the
umaskfor the FTP user, this may be set in the user's~/.bashrc