I have some kind of problem. I'm setting up hobby local ftp server in trusted network. I want to allow anon/ftp user to able to delete and rename file, but after many attempt tinkering with /etc/pure-ftpd/pure-ftpd.conf, yield no result. I'm on Fedora 38, using pure-ftpd version 1.0.51. I also set /var/ftpd to be allowed to written, and the default file is permission is 777 for folder and 666 for generated file. I also try to enable allow anon ftpd write in sebool, and so far no error generated from SELINUX. I also tried to let selinux permissive, and it doesn't raise any error on /var/log/audit/audit.log
This is my pure-ftpd config
############################################################
# #
# Configuration file for pure-ftpd #
# #
############################################################
If you want to run Pure-FTPd with this configuration
instead of command-line options, please run the
following command :
/usr/sbin/pure-ftpd /etc/pure-ftpd/pure-ftpd.conf
Online documentation:
https://www.pureftpd.org/project/pure-ftpd/doc
Restrict users to their home directory
ChrootEveryone yes
If the previous option is set to "no", members of the following group
won't be restricted. Others will be. If you don't want chroot()ing anyone,
just comment out ChrootEveryone and TrustedGID.
TrustedGID 100
Turn on compatibility hacks for broken clients
BrokenClientsCompatibility no
Maximum number of simultaneous users
MaxClientsNumber 100
Run as a background process
Important: this must be set to 'yes' for the systemd service to work.
Daemonize yes
Maximum number of simultaneous clients with the same IP address
MaxClientsPerIP 16
If you want to log all client commands, set this to "yes".
This directive can be specified twice to also log server responses.
VerboseLog no
List dot-files even when the client doesn't send "-a".
DisplayDotFiles yes
Disallow authenticated users - Act only as a public FTP server.
AnonymousOnly yes
Disallow anonymous connections. Only accept authenticated users.
NoAnonymous no
Syslog facility (auth, authpriv, daemon, ftp, security, user, local*)
The default facility is "ftp". "none" disables logging.
SyslogFacility ftp
Display fortune cookies
FortunesFile /usr/share/fortune/zippy
Don't resolve host names in log files. Recommended unless you trust
reverse host names, and don't care about DNS resolution being possibly slow.
DontResolve yes
Maximum idle time in minutes (default = 15 minutes)
MaxIdleTime 15
LDAP configuration file (see README.LDAP)
LDAPConfigFile @sysconfigdir@/pureftpd-ldap.conf
MySQL configuration file (see README.MySQL)
MySQLConfigFile @sysconfigdir@/pureftpd-mysql.conf
PostgreSQL configuration file (see README.PGSQL)
PGSQLConfigFile @sysconfigdir@/pureftpd-pgsql.conf
PureDB user database (see README.Virtual-Users)
PureDB @sysconfigdir@/pureftpd.pdb
Path to pure-authd socket (see README.Authentication-Modules)
ExtAuth /var/run/ftpd.sock
If you want to enable PAM authentication, uncomment the following line
PAMAuthentication yes
If you want simple Unix (/etc/passwd) authentication, uncomment this
UnixAuthentication yes
Please note that LDAPConfigFile, MySQLConfigFile, PAMAuthentication and
UnixAuthentication can be used specified once, but can be combined
together. For instance, if you use MySQLConfigFile, then UnixAuthentication,
the SQL server will be used first. If the SQL authentication fails because the
user wasn't found, a new attempt will be done using system authentication.
If the SQL authentication fails because the password didn't match, the
authentication chain stops here. Authentication methods are chained in
the order they are given.
'ls' recursion limits. The first argument is the maximum number of
files to be displayed. The second one is the max subdirectories depth.
LimitRecursion 10000 8
Are anonymous users allowed to create new directories?
AnonymousCanCreateDirs yes
If the system load is greater than the given value, anonymous users
aren't allowed to download.
MaxLoad 64
Port range for passive connections - keep it as broad as possible.
PassivePortRange 30000 50000
Force an IP address in PASV/EPSV/SPSV replies. - for NAT.
Symbolic host names are also accepted for gateways with dynamic IP
addresses.
ForcePassiveIP 192.168.0.1
Upload/download ratio for anonymous users.
AnonymousRatio 1 10
Upload/download ratio for all users.
This directive supersedes the previous one.
UserRatio 1 10
Disallow downloads of files owned by the "ftp" system user;
files that were uploaded but not validated by a local admin.
AntiWarez yes
IP address/port to listen to (default=all IP addresses, port 21).
Bind 127.0.0.1,21
Maximum bandwidth for anonymous users in KB/s
AnonymousBandwidth 8
Maximum bandwidth for all users (including anonymous) in KB/s
Use AnonymousBandwidth or UserBandwidth, not both.
UserBandwidth 8
File creation mask. <umask for files>:<umask for dirs> .
177:077 if you feel paranoid.
Umask 111:011
Minimum UID for an authenticated user to log in.
For example, a value of 100 prevents all users whose user id is below
100 from logging in. If you want "root" to be able to log in, use 0.
MinUID 1000
Allow FXP transfers for authenticated users.
AllowUserFXP no
Allow anonymous FXP for anonymous and non-anonymous users.
AllowAnonymousFXP no
Users can't delete/write files starting with a dot ('.')
even if they own them. But if TrustedGID is enabled, that group
will exceptionally have access to dot-files.
ProhibitDotFilesWrite no
Prohibit reading of files starting with a dot (.history, .ssh...)
ProhibitDotFilesRead no
Don't overwrite files. When a file whose name already exist is uploaded,
it gets automatically renamed to file.1, file.2, file.3, ...
AutoRename no
Prevent anonymous users from uploading new files (no = upload is allowed)
AnonymousCantUpload no
Only connections to this specific IP address are allowed to be
non-anonymous. You can use this directive to open several public IPs for
anonymous FTP, and keep a private firewalled IP for remote administration.
You can also only allow a non-routable local IP (such as 10.x.x.x) for
authenticated users, and run a public anon-only FTP server on another IP.
TrustedIP 10.1.1.1
To add the PID to log entries, uncomment the following line.
LogPID yes
Create an additional log file with transfers logged in a Apache-like format :
fw.c9x.org - jedi [13/Apr/2017:19:36:39] "GET /ftp/linux.tar.bz2" 200 21809338
This log file can then be processed by common HTTP traffic analyzers.
AltLog clf:/var/log/pureftpd.log
Create an additional log file with transfers logged in a format optimized
for statistic reports.
AltLog stats:/var/log/pureftpd.log
Create an additional log file with transfers logged in the standard W3C
format (compatible with many HTTP log analyzers)
AltLog w3c:/var/log/pureftpd.log
Disallow the CHMOD command. Users cannot change perms of their own files.
NoChmod no
Allow users to resume/upload files, but NOT to delete them.
KeepAllFiles no
Automatically create home directories if they are missing
CreateHomeDir yes
Enable virtual quotas. The first value is the max number of files.
The second value is the maximum size, in megabytes.
So 1000:10 limits every user to 1000 files and 10 MB.
Quota 1000:10
If your pure-ftpd has been compiled with standalone support, you can change
the location of the pid file. The default is /var/run/pure-ftpd.pid
#PIDFile /var/run/pure-ftpd.pid
If your pure-ftpd has been compiled with pure-uploadscript support,
this will make pure-ftpd write info about new uploads to
/var/run/pure-ftpd.upload.pipe so pure-uploadscript can read it and
spawn a script to handle the upload.
Don't enable this option if you don't actually use pure-uploadscript.
CallUploadScript yes
This option is useful on servers where anonymous upload is
allowed. When the partition is more that percententage full,
new uploads are disallowed.
MaxDiskUsage 49
Set to 'yes' to prevent users from renaming files.
NoRename no
Be 'customer proof': forbids common customer mistakes such as
'chmod 0 public_html', that are valid, but can cause customers to
unintentionally shoot themselves in the foot.
CustomerProof yes
Per-user concurrency limits. Will only work if the FTP server has
been compiled with --with-peruserlimits.
Format is: <max sessions per user>:<max anonymous sessions>
For example, 3:20 means that an authenticated user can have up to 3 active
sessions, and that up to 20 anonymous sessions are allowed.
PerUserLimits 3:20
When a file is uploaded and there was already a previous version of the file
with the same name, the old file will neither get removed nor truncated.
The file will be stored under a temporary name and once the upload is
complete, it will be atomically renamed. For example, when a large PHP
script is being uploaded, the web server will keep serving the old version and
later switch to the new one as soon as the full file will have been
transferred. This option is incompatible with virtual quotas.
NoTruncate yes
This option accepts three values:
0: disable SSL/TLS encryption layer (default).
1: accept both cleartext and encrypted sessions.
2: refuse connections that don't use the TLS security mechanism,
including anonymous sessions.
Do not uncomment this blindly. Double check that:
1) The server has been compiled with TLS support (--with-tls),
2) A valid certificate is in place,
3) Only compatible clients will log in.
TLS 1
Cipher suite for TLS sessions.
The default suite is secure and setting this property is usually
only required to lower the security to cope with legacy clients.
Prefix with -C: in order to require valid client certificates.
If -C: is used, make sure that clients' public keys are present on
the server.
TLSCipherSuite HIGH
Certificate file, for TLS
The certificate itself and the keys can be bundled into the same
file or split into two files.
CertFile is for a cert+key bundle, CertFileAndKey for separate files.
Use only one of these.
CertFile /etc/ssl/private/pure-ftpd.pem
CertFileAndKey "/etc/pure-ftpd.pem" "/etc/pure-ftpd.key"
Unix socket of the external certificate handler, for TLS
ExtCert /var/run/ftpd-certs.sock
Listen only to IPv4 addresses in standalone mode (ie. disable IPv6)
By default, both IPv4 and IPv6 are enabled.
IPV4Only yes
Listen only to IPv6 addresses in standalone mode (i.e. disable IPv4)
By default, both IPv4 and IPv6 are enabled.
The Folder Owner and SELINUX Context :
[ben@TP-X220 ftp]$ pwd
/var/ftp
[ben@TP-X220 ftp]$ ls -lahRZ
.:
total 0
drwxr-xr-x. 1 ftp ftp system_u:object_r:public_content_t:s0 6 2023-06-13 08:02 .
drwxr-xr-x. 1 root root system_u:object_r:var_t:s0 194 2023-05-07 08:25 ..
drwxrwxrwx. 1 ftp ftp unconfined_u:object_r:public_content_t:s0 58 2023-06-13 08:28 sql
./sql:
total 16K
drwxrwxrwx. 1 ftp ftp unconfined_u:object_r:public_content_t:s0 58 2023-06-13 08:28 .
drwxr-xr-x. 1 ftp ftp system_u:object_r:public_content_t:s0 6 2023-06-13 08:02 ..
-rw-rw-rw-. 1 ftp ftp system_u:object_r:public_content_t:s0 244 2023-06-13 08:28 coba.py
-rw-rw-rw-. 1 ftp ftp system_u:object_r:public_content_t:s0 0 2023-06-13 08:06 coba.txt
-rw-rw-rw-. 1 ftp ftp system_u:object_r:public_content_t:s0 12K 2023-06-13 08:08 pure-ftpd.conf
This is the semanage boolean -l
[ben@TP-X220 ftp]$ getenforce
Permissive
[ben@TP-X220 ftp]$ sudo semanage boolean -l | grep ftp
ftpd_anon_write (on , on) Allow ftpd to anon write
ftpd_connect_all_unreserved (off , off) Allow ftpd to connect all unreserved
ftpd_connect_db (off , off) Allow ftpd to connect db
ftpd_full_access (on , on) Allow ftpd to full access
ftpd_use_cifs (off , off) Allow ftpd to use cifs
ftpd_use_fusefs (off , off) Allow ftpd to use fusefs
ftpd_use_nfs (off , off) Allow ftpd to use nfs
ftpd_use_passive_mode (on , on) Allow ftpd to use passive mode
httpd_can_connect_ftp (off , off) Allow httpd to can connect ftp
httpd_enable_ftp_server (off , off) Allow httpd to enable ftp server
tftp_anon_write (off , off) Allow tftp to anon write
tftp_home_dir (off , off) Allow tftp to home dir
The output of the ftp client when delete
ftp> ls -lah
229 Extended Passive mode OK (|||54365|)
150 Accepted data connection
drwxrwxrwx 1 14 50 58 Jun 13 08:28 .
drwxr-xr-x 1 0 0 6 Jun 13 08:02 ..
-rw-rw-rw- 1 14 50 244 Jun 13 08:28 coba.py
-rw-rw-rw- 1 14 50 0 Jun 13 08:06 coba.txt
-rw-rw-rw- 1 14 50 11487 Jun 13 08:08 pure-ftpd.conf
226-Options: -a -l
226 5 matches total
ftp> delete coba.py
550 Anonymous users can not delete files
ftp> cd /
ftp> ls -lah
229 Extended Passive mode OK (|||65372|)
150 Accepted data connection
drwxrwxrwx 1 14 50 12 Jun 13 09:31 .
drwxrwxrwx 1 14 50 12 Jun 13 09:31 ..
drwxrwxrwx 1 14 50 0 Jun 13 09:31 ben
drwxrwxrwx 1 14 50 58 Jun 13 08:28 sql
226-Options: -a -l
226 4 matches total
ftp> rm ben
550 Sorry, anonymous users are not allowed to remove directories
ftp> delete ben
550 Anonymous users can not delete files
I did check https://superuser.com/a/419683/973279, but as I see I can write and make directory in it, so I don't know why it can't delete, as write permission already there. I already restarted the service after changing the config files. Any help is appreciated. Thank you
