As promised, I'm back on the second part of the setting up steps for my MyBook World Edition Blue Rings. In my last post I was planning to go through installing the vsftpd FTP server, LightHttpd web server and registering with DynDns - all in one go. Due to my crazy schedule I will have to break this into several sessions - so for now, we'll only look at installing the vsftpd FTP server.
I would suggest going through the instructions below at least once - to get the whole picture of the involved steps - before doing any changes to your machine.
Installing the vsftpd FTP server
Scope: what we want to achieve here - is to install the vsftpd FTP sever and set it up so that the local users will be able to connect through a FTP client, access their shares and have read/write access enabled. Also, we want to prevent those users to view and access the whole system or other users folders. The admin (you!) should have unrestricted access when using the FTP service.
If you followed the steps in my first part you should now have the Optware package installed - if not, you can go back to Part 1 and see how to install the Optware package. Once that's done, fire up Putty and connect to your NAS. Become root (su-) - than issue:
sudo ipkg install vsftpd
After the install is complete, we'll need to edit inetd.conf (in the /etc folder) to add a line. To open inetd.conf for editing, we'll use nano:
sudo /opt/bin/nano /etc/inetd.conf
...and add the following line:
ftp stream tcp nowait root /opt/sbin/vsftpd /opt/etc/vsftpd.conf
Ctrl+O to save, than
Ctrl+X to exit. Boom. During install, vsftpd created a user called "ftpsecure" (vsftpd will run as a non-privileged user). We'll need to add this user to the passwd file, so let's open the file:
Add this line at the end of the file:
... where 108 is the unique User ID for the user ftpsecure on MY machine.
To find out the ID for YOUR ftpsecure user, exit passwd (Ctrl-x), and type in the shell:
That will return the User ID for the ftpsecure user. Now let's go back to the passwd file.
Inside this file, you should also see other users that have accounts on the machine, along with the paths to their shares. If not, you can add them. In order to do that you'll need to find out their user ID. Same syntax as above:
In my case, this is what I get back, and now I know that my user ID is 1003.
uid=1003(JOHN) gid=1003(JOHN) groups= 1003(JOHN)
If you closed the passwd file, let's open it again:
The way you add your users here and point to their shares - it's like this:
...each user on a single line. Like I said, this step (addig users in to the passwd file) should not be necessary - this is just in case you don't see them in there. And of course, those users and shares have to exist. Also note that usernames are in capital letters, and my shares are set up using names that match user's names. Once you're done adding users, you can save and close the file.
Now let's take a quick trip to the vsftpd.chroot_list file:
sudo /opt/bin/nano /opt/etc/vsftpd.chroot_list
In here, we'll also add users. The rules are: usernames are in capital letters, they have to exist (ex: a login account on your machine), and each have to be on a single line. Like this:
#JOHN TOMMY ALLEN
If you don't have any other users set up on your machine, just write your user name . The reason we are adding user names to this file it's because we'll need to "jail" them inside their folder when they'll connect to the FTP server. Most likely you will not want your users to wander all over system when connected. Also notice that my username (JOHN in this case) - has "#" in front of it. This way, we are telling the server to allow me to see my folder/share as well as the whole system when I will connect to the FTP service - so I will not be "jailed" to my folder. Save and close the file.
Ok, almost there; let's have a closer look at vsftpd.conf - where you can set various options for vsftpd. Open up vsftpd.conf:
sudo /opt/bin/nano /opt/etc/vsftpd.conf
There are quite a few options in there and I will not go through all of them, just the ones that are relevant to our example here. Look for the settings below and match them with mine:
anonymous_enable=NO local_enable=YES write_enable=YES connect_from_port_20=YES ftpd_banner=Welcome to the John's FTP box! chroot_list_enable=YES chroot_list_file=/opt/etc/vsftpd.chroot_list ls_recurse_enable=YES listen= NO
Now, vsftpd is controlled by inetd, which in turn it's controlled by S30network (I know, I know..). So let's restart the whole thing:
Check if vsftpd is running:
ps -ef|grep vsftpd
You should get something similar to:
JOHN 6261 6219 1 17:38 pts/0 00:00:00 grep vsftpd
Go grab Filezilla and log in. If you're running into issues, you can drop me a line and I will try to help. Until next time, have fun tuning up your fresh vsftpd install.