Differences

This shows you the differences between two versions of the page.

--- servers:vsftpd [2023/07/31 13:19] – Sean Rhone
+++ servers:vsftpd [2023/09/09 15:53] – Sean Rhone
@@ Line 5: / Line 5: @@
 ===== Prerequisites =====
-  * [[distros:fedora_workstation_gnome|Fedora]] ((notes link to Workstation, but this can be done on Server))
+  * [[distros:opensuse_tumbleweed_server|openSUSE Tumbleweed]]
 ====== Dependencies ======
@@ Line 11: / Line 11: @@
 ****
-  sudo dnf install 'vsftpd'
+  sudo zypper install 'vsftpd'
 ====== Firewall ======
-  * See [[distros:opensuse_tumbleweed_server#firewalld|firewalld]]
+  * See [[notes:misc_linux#firewalld|firewalld]]
-  * TODO: Update firewall link above to Fedora
   * 20/tcp
   * 21/tcp
-  * PASV: 40000-50000/tcp
+  * PASV: 30000-30100/tcp
-  sudo firewall-cmd --add-port='20/tcp' --permanent && sudo firewall-cmd --add-port='21/tcp' --permanent && sudo firewall-cmd --add-port='40000-50000/tcp' --permanent && sudo firewall-cmd --reload
+<code>sudo firewall-cmd --add-service='vsftpd' --permanent && sudo firewall-cmd --reload</code>
-====== SELinux ======
+===== Custom =====
-  * https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/selinux_users_and_administrators_guide/sect-managing_confined_services-file_transfer_protocol-booleans
-  * https://hostodo.com/portal/knowledgebase/25/Setup-vsftp-with-SELinux.html
-  sudo setsebool -P 'ftpd_full_access' 'on'
-  sudo setsebool -P 'ftpd_use_passive_mode' 'on'
-  sudo grep "SELinux is preventing" /var/log/messages > k.txt
-===== Verify =====
 ****
-  getsebool -a | grep 'ftp'
+<code>sudo firewall-cmd --add-port='20/tcp' --permanent && sudo firewall-cmd --add-port='21/tcp' --permanent && sudo firewall-cmd --add-port='30000-30100/tcp' --permanent && sudo firewall-cmd --reload</code>
 ====== Service ======
@@ Line 51: / Line 39: @@
 ===== General =====
-  sudo -e '/etc/vsftpd/vsftpd.conf' && sudo systemctl restart 'vsftpd'
+  sudo -e '/etc/vsftpd.conf' && sudo systemctl restart 'vsftpd'
+<code>
+write_enable=YES</code>
 <code>
 # Custom
 pasv_enable=YES
-pasv_max_port=50000
+local_root=/srv/ftp
-pasv_min_port=40000
-local_root=/var/ftp
 force_dot_files=YES</code>
@@ Line 109: / Line 98: @@
   * :!: This expects 1 drive each with a XFS partition
-  sudo mkdir -p '/var/ftp/nas1' '/var/ftp/nas2' && sudo -e '/etc/fstab'
+  sudo mkdir -p '/srv/ftp/nas1' '/srv/ftp/nas2' '/srv/ftp/internal' && sudo -e '/etc/fstab'
 <code>
 # NAS
-PARTUUID=x /var/ftp/nas1 xfs defaults,nofail 0 2</code>
+PARTUUID=x /srv/ftp/nas1 xfs defaults 0 2
+PARTUUID=x /srv/ftp/nas2 xfs defaults 0 2</code>
-  sudo mount --all && sudo systemctl daemon-reload && sync
+  sudo systemctl daemon-reload && sudo mount --all && sync
 ===== Safe Unmount Externals =====
+  * :!: TODO: See if there's another command that has less dependencies than ''udisks2'' on openSUSE TW
   sudo udisksctl unmount --force --block-device='/dev/sdb'
@@ Line 127: / Line 119: @@
 ===== chown =====
-****
+  sudo chown --recursive 'espionage724':'espionage724' '/srv/ftp/nas1' && sync
-  sudo chown --recursive 'espionage724':'espionage724' '/var/ftp/nas1' && sync
+  sudo chown --recursive 'espionage724':'espionage724' '/srv/ftp/nas2' && sync
+  sudo chown --recursive 'espionage724':'espionage724' '/srv/ftp/internal' && sync
 ===== chmod =====
@@ Line 135: / Line 129: @@
   * :!: ''664'' makes sense here, but FileZilla is unable to traverse directories. TODO: Figure this out
-  sudo chmod --recursive '774' '/var/ftp/nas1' && sync
+  sudo chmod --recursive '774' '/srv/ftp/nas1' && sync
-===== SELinux =====
+  sudo chmod --recursive '774' '/srv/ftp/nas2' && sync
-****
-  sudo restorecon -F -I -R '/var/ftp/nas1' && sync
+  sudo chmod --recursive '774' '/srv/ftp/internal' && sync