This is with a fresh install of OpenWrt on a WRT1900AC router using OpenWrt 18.06.
The goal is to set up an anonymous read-only VSFTPD server on my router running OpenWrt 18.06 that shares the contents I have stored on a drive which is attached to the router via USB.
I have been trying to set up an anonymous read-only FTP server using VSFTPD. I am able to log in using the root account login, but it only shows me a blank directory, which I believe is /home/ftp.
I did log in to the router using WinSCP to edit the file "vsftpd.conf" which is located in the "/etc" folder and did this
I am connecting to it via LAN IP address 192.168.1.1 via wired Ethernet. And it's plugged in directly from the computer I'm using to Port 1 on the router.
I ran those commands in PuTTY and found the test file.
I re-added the "anon_root" command with the directory going to the drive (and I even placed a picture in the drive) and restarted vsftpd. I logged back in with FileZilla and it shows me an empty directory but says it connected successfully.
When I try to log in to the FTP server via the Chrome browser, it says the site cannot be reached.
When I remove anon_root from the configuration file and restart vsftpd, things work again and I can see the test file.
Most likely you don't have enough permissions to access the target directory.
Fix mount options in case of NTFS and fix permissions recursively in case of native Linux FS.
Sidenote: I should state that I am a Windows user and now kind of a fan of DD-WRT. Was a huge fan but not much anymore after what I have been seeing going on since around 2014.
-anyway-
So after checking the commands you had me write, this is what I did.
I swapped the drive for a FAT32 drive with the same files on it and plugged it into OpenWrt. I set it up the same way I did with the other drive and then ran the same chmod commands but with 755 pointing to /tmp/mnt/sda1/ and the 777 pointing to /tmp/mnt/sda1/FTP/Basmaff. Which did not work. I have no idea what the chmod commands and their numbers mean or do.
|Command:|USER anonymous|
|---|---|
|Response:|500 OOPS: vsftpd: refusing to run with writable root inside chroot()|
|Error:|Could not connect to server|
I am going to stop for now and take a short break, because all I expected to do was this:
install openwrt
install vsftpd via command line
edit configuration text file for vsftpd
run vsftpd via command line
up and running with files on separate USB drive attached to router now being shared via anonymous FTP.
But instead I have been stuck for the past 4-5 hours, along with a couple of other days, trying to share a folder on a router via FTP with users being able to login anonymously to grab whatever they want from shared folder.
So why would someone like me choose to use OpenWrt?
Because it's lightweight upon install. Just install your programs and you're good to go. It also has better IPv6 support. But I did not realize that it would be this complex and hard to carry out some tasks like these that are not in the GUI.
If I am getting no more help on this, please let me know. Thanks.
I went to mount points and remounted it as /mnt/usb1
I also added "umask=0" in the options box for that mount point.
Anything else? I do not know where else to go from here. I did ask someone else on a Discord server what chmod is and showed him this thread. And he said "so that's why you're having a difficult time. You do not know chmod" and then explained to me that it's some kind of thing where you take some values, add them up, and get something like 777 or some other number that will apply whatever permissions it is that you're trying to apply.
I've tested anonymous access to custom directory.
It seems that the issue is not related to permissions, but the access is limited to the home directory of user ftp.
Still have not googled the option responsible for this behavior.
So, you can either change user ftp home directory inside /etc/passwd, or mount your drive in the /home/ftp.
It would be the simplest workaround for now.
I remounted /dev/sda1 to /home/ftp. I reconnected to the FTP server using FileZilla and it's giving me the error message
|Command:|USER anonymous|
|---|---|
|Response:|331 Please specify the password.|
|Command:|PASS *********************|
|Response:|500 OOPS: vsftpd: refusing to run with writable root inside chroot()|
|Error:|Critical error: Could not connect to server|
Hey, you might have sorted this by now but I think the problem was you missing the ftp_username=nobody attribute. Once I put that in it all worked as expected.
I can connect to the FTP server and see all the files on my drive. But I want to limit the anonymous user to the ftp folder on my drive.
If I change anon_root=/mnt to anon_root=/mnt/my-usb/ftp I get the following error during a connection attempt: 500 OOPS: vsftpd: refusing to run with writable root inside chroot()
passwd_chroot_enable
If enabled, along with chroot_local_user, then a chroot() jail location may be specified on a per-user basis. Each user's jail is derived from their home directory string in /etc/passwd. The occurrence of /./ in the home directory string denotes that the jail is at that particular location in the path.
Default: NO
anon_root
This option represents a directory which vsftpd will try to change into after an anonymous login. Failure is silently ignored.
Default: (none)
ftp_username
This is the name of the user we use for handling anonymous FTP. The home directory of this user is the root of the anonymous FTP area.
Default: ftp
I only know how to get this working with non anonymous users...
For example:
I have user1
And passwd_chroot_enable set to yes (and all other options needed to make chroot work)
I have a global ftp directory owned by nobody:nogroup (the user/group vsftpd is running as) with 777 permission /mnt/data/ftp
user1 home directory is: /mnt/data/ftp/user1
which is owned by this user and his grp (same name) but is not writable.
The actual ftp directory for this user is: /mnt/data/ftp/user1/uploads
which is also owned by this user and his group but this directory is writable.
To make vsftpd change into this upload directory automatically the passwd file has to be modified like this (where passwd_chroot_enable comes into play): user1:x:1000:1000::/mnt/data/ftp/user1/./uploads:/bin/false
Note: The ./uploads after the actual home directory.
Maybe you can do something like this with the default ftp user?
And actually I'm not sure if the passwd_chroot_enable help text is actually correct...
It implies that the actual chroot in this case would be: /mnt/data/ftp/user1/uploads
Which doesn't seem to be the case.
The actual chroot is: /mnt/data/ftp/user1
Because user1 is able to move out of the uploads directory up to his home directory but not further/higher.
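The "500 OOPS: vsftpd: refusing to run with writable root inside chroot()" responses quoted in this thread come from vsftpd checking whether the FTP user can write to the directory it is about to chroot into. As an added example (not from any post in this thread), the shell functions below predict that outcome from the directory's mode bits; the function names and the numeric uid/gid arguments are assumptions, and supplementary groups and ACLs are ignored.

```shell
#!/bin/sh
# Added example: predict vsftpd's "writable root inside chroot()" refusal
# for a candidate anon_root / home directory.

# root_writable_by DIR UID GID
# Returns 0 if that uid/gid could write to DIR (vsftpd would refuse it),
# 1 if it could not, 2 if DIR is not a directory.
root_writable_by() {
    dir=$1 uid=$2 gid=$3
    [ -d "$dir" ] || return 2
    # "ls -ldn" prints: mode links owner-uid group-gid ...
    info=$(ls -ldn "$dir" | awk '{print $1, $3, $4}')
    set -- $info
    mode=$1 owner=$2 group=$3
    # uid 0 bypasses mode bits entirely
    if [ "$uid" -eq 0 ]; then return 0; fi
    # Pick the permission triplet that applies, as the kernel does:
    # owner bits if uid matches, else group bits, else "other" bits.
    if [ "$uid" -eq "$owner" ]; then pat='??w*'
    elif [ "$gid" -eq "$group" ]; then pat='?????w*'
    else pat='????????w*'
    fi
    case $mode in
        $pat) return 0 ;;
        *)    return 1 ;;
    esac
}

# anon_root_verdict DIR UID GID -> prints "ok", "refused" or "missing"
anon_root_verdict() {
    rc=0
    root_writable_by "$1" "$2" "$3" || rc=$?
    case $rc in
        0) echo "refused" ;;   # writable chroot root: expect the 500 OOPS
        1) echo "ok" ;;
        *) echo "missing" ;;
    esac
}

# Example call on the router (path from the thread; uid/gid of the
# anonymous FTP user are looked up with id):
#   anon_root_verdict /mnt/my-usb/ftp "$(id -u ftp)" "$(id -g ftp)"
if [ $# -eq 3 ]; then anon_root_verdict "$@"; fi
```

On a FAT32 mount with umask=0 every directory appears as mode 777, so any directory on that drive reports "refused"; a mount mask such as umask=022 makes them 755, which a non-owner cannot write to.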