I have just updated to Ubuntu 12.04 LTS (Precise Pangolin) from Ubuntu Server 11.10 (Oneiric Ocelot).
It updated my vsFTPd installation, and it seems that something has changed :/ I use PAM authentication. What could have changed to cause this?
When trying to connect to the FTP server I get this error:
500 OOPS: vsftpd: refusing to run with writable root inside chroot()
I tried googling it, and it said to add allow_writable_root=YES to the configuration file - however when I try this and try restarting vsftpd it can't restart. Why?
Here is how I actually fixed it:
wget http://http.us.debian.org/debian/pool/main/v/vsftpd/vsftpd_3.0.2-3_amd64.deb -O vsftpd.deb
dpkg -i vsftpd.deb
echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf
service vsftpd reload
And voila :)
I have this issue as well and think it's because of the new vsFTPd update to enhance security, so in the meantime I use this solution.
I chmod the folder that my FTP user comes in to as he/she first login (root folder) by using this in the terminal:
sudo chmod a-w /home/userYou can change
/home/userto whatever is your FTP user's root folder.Create a subfolder within the folder, either by the use of GUI, or if you only have a terminal, it's:
sudo mkdir /home/user/newfolderNow you should be able to log in and read write within the "newfolder". You will NOT be able to write in the root folder itself from the FTP client with the chmod a-w, so that is the reason for the subfolder, and there you can.
I guess there will be a fix in a not-so-long time, but in the meantime I hope this helps.
Somebody backported the feature to add
allow_writeable_chroot=YESfrom version 3.0.0 to 2.3.5 (see this blog entry).To install on Ubuntu 12.04 (Precise Pangolin), run the following commands as root:
Note that there seems to an option
allow_writable_chroot=YESin vsftpd-ext - note the mssing e! (or is this a typo in the blog post?)vsFTPd 3.0.0 adds a configuration option,
to again enable the previous behavior (source: Fixing 500 OOPS: vsFTPd: refusing to run with writable root inside chroot(), comment from Brian K. White).
Unfortunately, 3.0.0 is not yet packaged by Ubuntu. So in the meantime, downgrade to some older version. For example, I am using this one on Ubuntu 12.04 (Precise Pangolin): http://packages.ubuntu.com/oneiric-updates/vsftpd
Another way of doing thing as user Kristian it does: It worked for me. The username I use is 'john'. Replace it for the username you want.
sudo chmod a-w /home/john- Removes permission for all users to delete or modify a file.sudo mkdir /home/john/ftp- Creates a folder named 'ftp' in the home dir of user 'john'sudo chown -Rv john.john /home/john/ftp- Changes ownership of the dir to group 'john' and user 'john'.Why?
Taken and adapted from my own answer in bug 1065714.
In order to keep stable releases stable, updates after release are only considered under specific circumstances. Details of the process and of the criteria required are listed here: https://wiki.ubuntu.com/StableReleaseUpdates#When
This does make it difficult for users of the LTS release to have writeable chroots, since the upstream vsftpd project decided to release without this feature at the time that 12.04 was released. Now that 12.04 is released and the fix doesn't meet the above criteria, I don't think this will change for 12.04. But note that the Stable Release Updates Team makes the final decision on this, and an update hasn't been proposed to them.
If you'd like a newer version of vsftpd to be made generally available for users who do want to use the "allow_writeable_chroot" option, then the backports repository is an appropriate venue for this. With a backport, users who want the feature could just add the backports repository and install vsftpd from there. You can find out more about backports and how to request one here: https://wiki.ubuntu.com/UbuntuBackports
In the meantime, The Frontier Group has kindly provided a PPA, as described in lumbric's answer. Or you can use one of the other answers here that works for you.