Allow Chroot VSFTPD User External File Access

Scenario: FTP user is jailed to their home directory with chroot. FTP user needs to access an external directory (such as www).

Normally you would create a symbolic link in the user’s home directory.

cd /home/user
ln -s /var/www/html/ www

But for some reason, this just doesn’t work with VSFTPD. After fiddling with permissions unsuccessfully for a few minutes, I found a better way.

cd /home/user
mkdir www
mount –bind /var/www/html/ www

So you could either do it this way, or use PROFTPD.

About Benjamin Perove

Ben has been associated with a broad spectrum of technologies starting from an early age, and he's contributed to the success of many businesses and enterprises professionally since 2001. Most of his time is spent building cool stuff. When he's not working, he enjoys reading, playing acoustic guitar, and being with friends. He currently resides in Medellin, Colombia.

  • iceolate

    this might be useful for some people at work. though i don’t know how many it would actually apply to.

  • David

    Cheers for the tip.

  • David

    Cheers for the tip.

  • bperove

    <!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”>
    <meta content=”text/html;charset=UTF-8″ http-equiv=”Content-Type”>
    <body bgcolor=”#ffffff” text=”#000000″>
    <font size=”-1″><font face=”Georgia”>approve</font></font>

  • Thor

    Tnx 4 this tip…I needed to allow users to upload their content to their webspace – so read/write rts were only needed to the one user for the one /var/www/[user]- be aware that rights have to be set appropriatly, though…


  • Pirsey

    If you want to read a reader’s feedback :) , I rate this post for four from five. Decent info, but I have to go to that damn msn to find the missed pieces. Thanks, anyway!

Got WordPress Security?

You will definitely wish you had downloaded my top 5 recommendations when you're cleaning out malicious Javascript from deep within you WordPress site. Enter your email and get the PDF right now, before it's too late.