In most cases, the supplied sample configuration file for VSFTPD located in /etc/vsftpd will work for most simple setups. However, you might find that after connecting to your FTP server using you favourite FTP client, you find you recieve the following error in you client log:
Error: Transfer Done (but failed to open directory)
The main reason that the client can't read or "open" the directory is permission issues on the folder denying the client access. When running a Red Hat based (Red Hat, Fedora etc.) server, SELinux is installed and live be default. SELinux controls a second set of folder/file access permissions on top of the standard linux folder permissions system. And because in most cases SELinux is not setup properly, users and administrators are unaware that SELinux is working on this layer.
Because of many issues with configuration SELinux, if you don't properly set this up, SELinux will deny FTP access to the folders and also see the access as a possible security threat.
In my configuration, the standard linux permission system is fine. Therefore, disabling SELinux resolves this issue.
To disable SELinux (Note: this needs to be done as root or sudo):
- Using a command-line, goto /etc/selinux/
- Open the file config using your prefered text editor (e.g. vim, nano)
- Find the option SELINUX= and set it to the following:
- Save the file and reboot you machine.