# PureFTP: Can not enable chmodding through conf file (FreeBSD 8.1)



## ghostcorps (Feb 2, 2011)

Hi Guys

 I am using PureFTP on a webserver and we have noticed that changing the CHMOD values is disabled by default.

 I have followed the instructions HERE to create a config file but after the command line (below) is generated (by pure-config.pl) and run, I am still unable to modify the CHMOD values:


```
#/usr/local/sbin/pure-config.pl /etc/pure-ftpd.conf
Running: /usr/local/sbin/pure-ftpd -A -c50 -B -C8 -D -E -fftp
-F/usr/local/etc/pure-ftp.fortune -H -I15 -lpuredb:/etc/pureftpd.pdb -lunix
-L10000:8 -m4 -s -U133:022 -u100 -k99 -Z -Y1
```

 Is there something obvious that I am missing?


Also, I am wondering if after running this command, will PureFTP retain these settings upon reboot?


Thanks for your time


----------



## quintessence (Feb 2, 2011)

Hello,

In pure-ftpd from ports chmod is not disabled by default:

But if you uncomment the following line in /usr/local/etc/pure-ftpd.conf:

```
# Disallow the CHMOD command. Users can't change perms of their files.

#NoChmod                     yes
```
users will not be able to use CHMOD on their own files/directories.


----------



## ghostcorps (Feb 3, 2011)

Thanks Quintessence

 But I want to enable users to be able to change the CHMOD values, perhaps it is a different issue. But without making any modifications, they can not, hence why I understood it to be blocked by default. I had uncommented that line before I posted and changed the value to 'no' with no effect.

 Could there be any other reason? I know the users can change the CHMOD values via ssh for example, so I doubt it is a permissions problem.

What do you think?


----------



## ghostcorps (Feb 4, 2011)

Hello again

I have confirmed that the config file is being parsed at boot 

But unfortunately it still can't chmod. I figure it must be a problem with pure-ftps permissions, but how can that be?


----------



## quintessence (Feb 4, 2011)

ghostcorps said:
			
		

> Thanks Quintessence
> 
> But I want to enable users to be able to change the CHMOD values, perhaps it is a different issue. But without making any modifications, they can not, hence why I understood it to be blocked by default. I had uncommented that line before I posted and changed the value to 'no' with no effect.
> 
> ...



Hello,

They are able to use CHMOD of their own files in their home directories by default if you installed pure-ftpd from the ports collection. There is no need to make any modification in the default config file.
All you have to do is to enable it by placing:

```
pureftpd_enable="YES"
```
in /etc/rc.conf and start the daemon:
`#  /usr/local/etc/rc.d/pure-ftpd start` .

Just installed some version from ports:

```
pure-ftpd-1.0.29_1  A small, easy to set up, fast and very secure FTP server
```
Then I logged with test user which I created, create directory, and CHMOD of directory:

```
230 OK. Current restricted directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> mkdir test

ftp> mkdir test2
257 "test2" : The directory was successfully created
ftp> ls -l
229 Extended Passive mode OK (|||58860|)
150 Accepted data connection
drwxr-xr-x    5 alaala     alaala            512 Feb  4 10:25 .
drwxr-xr-x    5 alaala     alaala            512 Feb  4 10:25 ..
drwxrwxrwx    2 alaala     alaala            512 Feb  2 16:50 te
drwxr-xr-x    2 alaala     alaala            512 Feb  4 10:23 test
drwxr-xr-x    2 alaala     alaala            512 Feb  4 10:25 test2
226-Options: -a -l 
226 5 matches total
ftp> chmod [B]700[/B] test2
200 Permissions changed on test2
ftp> ls -l
229 Extended Passive mode OK (|||17921|)
150 Accepted data connection
drwxr-xr-x    5 alaala     alaala            512 Feb  4 10:25 .
drwxr-xr-x    5 alaala     alaala            512 Feb  4 10:25 ..
drwxrwxrwx    2 alaala     alaala            512 Feb  2 16:50 te
drwxr-xr-x    2 alaala     alaala            512 Feb  4 10:23 test
[B]drwx------ [/B]   2 alaala     alaala            512 Feb  4 10:25 test2
226-Options: -a -l 
226 5 matches total
ftp> chmod [B]777[/B] test
200 Permissions changed on test
ftp> ls -l
229 Extended Passive mode OK (|||54795|)
150 Accepted data connection
drwxr-xr-x    5 alaala     alaala            512 Feb  4 10:25 .
drwxr-xr-x    5 alaala     alaala            512 Feb  4 10:25 ..
drwxrwxrwx    2 alaala     alaala            512 Feb  2 16:50 te
[B]drwxrwxrwx [/B]   2 alaala     alaala            512 Feb  4 10:23 test
drwx------    2 alaala     alaala            512 Feb  4 10:25 test2
226-Options: -a -l 
226 5 matches total
```

My ftp test user:

```
alaala:$1$xDE5.rbK$nurA2yZdJgcKv2d28bVLP1:1011:1011::0:0:User &:/storage/ftptest/alaala:/usr/sbin/nologin
```


----------



## ghostcorps (Feb 5, 2011)

Thanks 

So for some reason Pure-ftp itself is not allowed to change the permissions?

How can I even start to troubleshoot that?


----------



## quintessence (Feb 6, 2011)

Hello,
What you mean pure-ftpd itself? User, which is you start service with or?

You can start by removing your current pure-ftpd (which seems you were installed it from source - and by default as you can read in the documentation, chmod is disabled) and installing it from the ports collection (where chmod is enabled by default).


----------



## ghostcorps (Feb 6, 2011)

Thanks Quintessence,

 I assume that Pure-ftpd does not have the permission to change chmod values, which is why it can not grant that ability to users underneath it. Is this possible?

 I had installed pure-ftpd from the ports to begin with. It starts at boot through the rc.conf and looking at top is seems to be run as/by root.


 Do you know if Pure-ftpd is still supported? I have been to the site and all the submissions 
I make to the mail list are bounced back.

 I would use Pro-ftpd, but that has a whole host of other issues and specifically it does not provide tls or the ability to block it's own name.


----------



## quintessence (Feb 7, 2011)

Hello,

Do not create your custom config file with pure-config.pl. Just install pure-ftpd from ports and use its default config file which is placed in /usr/local/etc/, not /etc.

I believe it is supported, but really there is no bug with chmod, it is working ok.


----------



## ghostcorps (Feb 7, 2011)

Thanks for your patience 

I'll give it a go and get back to you, I should say though, that the reason I looked into the config file was because we wanted chmod to work.


----------



## ghostcorps (Feb 8, 2011)

Hi again,

 I reinstalled pure-ftpd and the config files, but it still I still can't change permissions.


----------

