Create virtual users on Ubuntu 16.06

June 7, 2017 296 views
DigitalOcean Development LAMP Stack PHP System Tools Ubuntu

Hello,

I want to create virtual users that will have dedicated jailed folders(in /var/www/html/users...) with chroot, these users should connect using ftp(vsftpd).

To do this I have followed the steps from approved answer from the link: https://askubuntu.com/questions/575523/how-to-setup-virtual-users-for-vsftpd-with-access-to-a-specific-sub-directory
Only difference is that I have left "listen=NO"

Everything seems to be set up okay, only problem is that when I try to connect with ftp, it gives error "500 OOPS: cannot change directory:".

I have found here how to solve the problem: https://nurikabe.blog/2009/06/15/defeating-vsftp-error-500-oops-cannot-change-directorysomedirectory/
According to this solution I have to run command "getsebool -a | grep ftp", when I run it I get "getsebool: SELinux is disabled" error.
When I run the command "getenforce" it returns "Disabled" despite file in /etc/selinux/config looks like this (SELINUX=enforcing):

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# default - equivalent to the old strict and targeted policies
# mls     - Multi-Level Security (for military and educational use)
# src     - Custom policy built from source
SELINUXTYPE=ubuntu

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0

As a bottom line, my problem is that I can't enable SELinux.

Any ideas what can be the reason of the problem?

1 comment
  • Hi! Since SELinux seems to be disabled, something else is causing that error. Does the user you're logging in as have permission to access their jail folder? Can you post the output of the following command for every directory in the path? (For example, say the path is /var/www/html/user, you'd run it for /var /var/www /var/www/html and /var/www/html/user)

    stat -f '%Sp %N' /var /var/www/ ...
    
Be the first one to answer this question.