Bug#637076: AllowOverwrite On doesn't work with UserOwner and GroupOwner directives
Francesco P. Lovergine
frankie at debian.org
Mon Dec 21 15:43:05 GMT 2020
tags 637076 + upstream confirmed
quit
This is seems still pending with 1.3.7a. With a very simple global
configuration:
/etc/proftpd/conf.d/groupowner.conf:
<Directory /tmp/tmp>
AllowOverwrite on
GroupOwner nogroup
UserOwner nobody
</Directory>
vagrant at debian:~$ lftp -u vagrant localhost
Password:
lftp vagrant at localhost:~> cd /tmp/tmp
cd ok, cwd=/tmp/tmp
lftp vagrant at localhost:/tmp/tmp> ls
-rw-r--r-- 1 nobody nogroup 2259 Dec 21 15:34 local.yml
lftp vagrant at localhost:/tmp/tmp> put local.yml
put: Access failed: 550 local.yml: Permission denied
The intended behavior should be allowing the rewrite of the file, instead.
On Mon, Aug 08, 2011 at 01:51:01PM +0300, Андрей Василишин wrote:
>Package: proftpd-basic
>Version: 1.3.4rc2
>
>Directive "AllowOverwrite On" doesn't work in such config:
>
># cat /etc/proftpd/proftpd.conf
>Include /etc/proftpd/modules.conf
>
><Global>
> AllowOverwrite on
></Global>
>
>UseIPv6 off
>
>UseReverseDNS off
>Port 0
>
>SystemLog /var/log/proftpd/proftpd.log
>
> <IfModule mod_lang.c>
> LangPath /usr/share/locale
> LangDefault en_US
> </IfModule>
>
><VirtualHost x.x.x.x>
> <IfModule mod_cap.c>
> # Allow root to use chown(2)
> CapabilitiesEngine off
> #CapabilitiesSet -CAP_CHOWN
> </IfModule>
>
>ServerName "x ftp server"
>Port 21
>DefaultServer on
>ServerAdmin x at x
>IdentLookups off
>MaxClients 30 "Sorry, max %m users -- try again later"
>TimeoutLogin 60
>TimeoutIdle 300
>TimeoutNoTransfer 300
>TimeoutStalled 1800
>DefaultTransferMode binary
>DeferWelcome off
>Umask 022
>DefaultRoot ~ !andron
>AllowStoreRestart on
>RequireValidShell off
>User www-data
>Group www-data
> <Directory ~/*>
> UserOwner www-data
> GroupOwner www-data
> AllowOverwrite on
> <Limit WRITE READ DIRS STOR SITE_CHMOD>
> AllowAll
> </Limit>
> </Directory>
>
></VirtualHost>
>
>But work if I comment UserOwner and GroupOwner directives it's works:
>
># cat /etc/proftpd/proftpd.conf
>Include /etc/proftpd/modules.conf
>
><Global>
> AllowOverwrite on
></Global>
>
>UseIPv6 off
>
>UseReverseDNS off
>Port 0
>
>SystemLog /var/log/proftpd/proftpd.log
>
> <IfModule mod_lang.c>
> LangPath /usr/share/locale
> LangDefault en_US
> </IfModule>
>
><VirtualHost x.x.x.x>
> <IfModule mod_cap.c>
> # Allow root to use chown(2)
> CapabilitiesEngine off
> #CapabilitiesSet -CAP_CHOWN
> </IfModule>
>
>ServerName "x ftp server"
>Port 21
>DefaultServer on
>ServerAdmin x at x
>IdentLookups off
>MaxClients 30 "Sorry, max %m users -- try again later"
>TimeoutLogin 60
>TimeoutIdle 300
>TimeoutNoTransfer 300
>TimeoutStalled 1800
>DefaultTransferMode binary
>DeferWelcome off
>Umask 022
>DefaultRoot ~ !andron
>AllowStoreRestart on
>RequireValidShell off
>User www-data
>Group www-data
> <Directory ~/*>
> #UserOwner www-data
> #GroupOwner www-data
> AllowOverwrite on
> <Limit WRITE READ DIRS STOR SITE_CHMOD>
> AllowAll
> </Limit>
> </Directory>
>
></VirtualHost>
>
>
>
>--
>WBR, Andrey Vasilishin CDIG1-UANIC, CDIG1-RIPE
>
>
--
Francesco P. Lovergine
More information about the Pkg-proftpd-maintainers
mailing list