Differences

This shows you the differences between two versions of the page.

--- servers:vsftpd [2022/07/19 04:22] – Change SELinux handling Sean Rhone
+++ servers:vsftpd [2023/09/09 15:53] – Sean Rhone
@@ Line 5: / Line 5: @@
 ===== Prerequisites =====
-  * [[distros:fedora_workstation_gnome|Fedora]] ((notes link to Workstation, but this can be done on Server))
+  * [[distros:opensuse_tumbleweed_server|openSUSE Tumbleweed]]
 ====== Dependencies ======
@@ Line 11: / Line 11: @@
 ****
-  sudo dnf install 'vsftpd'
+  sudo zypper install 'vsftpd'
 ====== Firewall ======
-  * See [[distros:opensuse_tumbleweed_server#firewalld|firewalld]]
+  * See [[notes:misc_linux#firewalld|firewalld]]
-  * TODO: Update firewall link above to Fedora
-  sudo firewall-cmd --add-service='ftp' --permanent && sudo firewall-cmd --reload
+  * 20/tcp
+  * 21/tcp
+  * PASV: 30000-30100/tcp
-====== SELinux ======
+<code>sudo firewall-cmd --add-service='vsftpd' --permanent && sudo firewall-cmd --reload</code>
-  * This automatically sets policies for ''vsftpd'' as-needed
+===== Custom =====
-<code>
-mkdir -p ~/'policies' && cd ~/'policies' && sudo grep 'vsftpd' '/var/log/audit/audit.log' | sudo audit2allow -M 'vsftpd' && sudo semodule -i 'vsftpd.pp' && cd ~</code>
-===== Verify =====
 ****
-  nano ~/'policies/vsftpd.te'
+<code>sudo firewall-cmd --add-port='20/tcp' --permanent && sudo firewall-cmd --add-port='21/tcp' --permanent && sudo firewall-cmd --add-port='30000-30100/tcp' --permanent && sudo firewall-cmd --reload</code>
 ====== Service ======
@@ Line 43: / Line 39: @@
 ===== General =====
-  * For ''local_root'', even though ''nas1'' is used more frequently, Kodi clients are configured to start from the actual ftp root in order to go into the ''nas2'' folder for media
+  sudo -e '/etc/vsftpd.conf' && sudo systemctl restart 'vsftpd'
-  * To make ''nas1'' convenient, set the root folder from FileZilla
-  sudo -e '/etc/vsftpd/vsftpd.conf' && sudo systemctl restart 'vsftpd'
+<code>
+write_enable=YES</code>
 <code>
 # Custom
-local_root=/var/ftp
+pasv_enable=YES
+local_root=/srv/ftp
 force_dot_files=YES</code>
@@ Line 101: / Line 98: @@
   * :!: This expects 1 drive each with a XFS partition
-  sudo mkdir -p '/var/ftp/nas1' '/var/ftp/nas2' && sudo -e '/etc/fstab'
+  sudo mkdir -p '/srv/ftp/nas1' '/srv/ftp/nas2' '/srv/ftp/internal' && sudo -e '/etc/fstab'
 <code>
 # NAS
-PARTUUID=x /var/ftp/nas1 xfs defaults 0 2
+PARTUUID=x /srv/ftp/nas1 xfs defaults 0 2
-PARTUUID=x /var/ftp/nas2 xfs defaults 0 2</code>
+PARTUUID=x /srv/ftp/nas2 xfs defaults 0 2</code>
-  sudo mount --all
+  sudo systemctl daemon-reload && sudo mount --all && sync
+===== Safe Unmount Externals =====
+  * :!: TODO: See if there's another command that has less dependencies than ''udisks2'' on openSUSE TW
+  sudo udisksctl unmount --force --block-device='/dev/sdb'
+  sudo udisksctl power-off --block-device='/dev/sdb'
 ====== Permissions ======
@@ Line 114: / Line 119: @@
 ===== chown =====
-  sudo chown --recursive 'espionage724':'espionage724' '/var/ftp/nas1' && sync
+  sudo chown --recursive 'espionage724':'espionage724' '/srv/ftp/nas1' && sync
-  sudo chown --recursive 'espionage724':'espionage724' '/var/ftp/nas2' && sync
+  sudo chown --recursive 'espionage724':'espionage724' '/srv/ftp/nas2' && sync
-===== chmod =====
+  sudo chown --recursive 'espionage724':'espionage724' '/srv/ftp/internal' && sync
-  sudo chmod --recursive '774' '/var/ftp/nas1' && sync
+===== chmod =====
-  sudo chmod --recursive '774' '/var/ftp/nas2' && sync
+  * :!: ''664'' makes sense here, but FileZilla is unable to traverse directories. TODO: Figure this out
-===== SELinux =====
+  sudo chmod --recursive '774' '/srv/ftp/nas1' && sync
-  sudo restorecon -F -I -R '/var/ftp/nas1' && sync
+  sudo chmod --recursive '774' '/srv/ftp/nas2' && sync
-  sudo restorecon -F -I -R '/var/ftp/nas2' && sync
+  sudo chmod --recursive '774' '/srv/ftp/internal' && sync