Bug#637076: AllowOverwrite On doesn't work with UserOwner and GroupOwner directives

Mon, 21 Dec 2020 07:45:14 -0800

tags 637076 + upstream confirmed quit
This is seems still pending with 1.3.7a. With a very simple global configuration: 

/etc/proftpd/conf.d/groupowner.conf:

<Directory /tmp/tmp>
AllowOverwrite on
GroupOwner nogroup
UserOwner nobody
</Directory>

vagrant@debian:~$ lftp -u vagrant localhost

Password: 
lftp vagrant@localhost:~> cd /tmp/tmp         
cd ok, cwd=/tmp/tmp                  
lftp vagrant@localhost:/tmp/tmp> ls

-rw-r--r--   1 nobody   nogroup      2259 Dec 21 15:34 local.yml
lftp vagrant@localhost:/tmp/tmp> put local.yml
put: Access failed: 550 local.yml: Permission denied

The intended behavior should be allowing the rewrite of the file, instead.

On Mon, Aug 08, 2011 at 01:51:01PM +0300, Андрей Василишин wrote:

Package: proftpd-basic
Version: 1.3.4rc2

Directive "AllowOverwrite On"  doesn't work in such config:

# cat /etc/proftpd/proftpd.conf
Include /etc/proftpd/modules.conf

<Global>
AllowOverwrite on
</Global>

UseIPv6 off

UseReverseDNS     off
Port 0

SystemLog                       /var/log/proftpd/proftpd.log

 <IfModule mod_lang.c>
  LangPath /usr/share/locale
  LangDefault en_US
 </IfModule>

<VirtualHost x.x.x.x>
 <IfModule mod_cap.c>
   # Allow root to use chown(2)
   CapabilitiesEngine      off
   #CapabilitiesSet -CAP_CHOWN
 </IfModule>

ServerName "x ftp server"
Port 21
DefaultServer           on
ServerAdmin             x@x
IdentLookups off
MaxClients 30 "Sorry, max %m users -- try again later"
TimeoutLogin 60
TimeoutIdle 300
TimeoutNoTransfer 300
TimeoutStalled 1800
DefaultTransferMode binary
DeferWelcome off
Umask 022
DefaultRoot ~ !andron
AllowStoreRestart on
RequireValidShell off
User www-data
Group www-data
 <Directory ~/*>
       UserOwner www-data
       GroupOwner www-data
       AllowOverwrite  on
       <Limit WRITE READ DIRS STOR SITE_CHMOD>
               AllowAll
       </Limit>
 </Directory>

</VirtualHost>

But work if I comment UserOwner and GroupOwner directives it's works:

# cat /etc/proftpd/proftpd.conf
Include /etc/proftpd/modules.conf

<Global>
AllowOverwrite on
</Global>

UseIPv6 off

UseReverseDNS     off
Port 0

SystemLog                       /var/log/proftpd/proftpd.log

 <IfModule mod_lang.c>
  LangPath /usr/share/locale
  LangDefault en_US
 </IfModule>

<VirtualHost x.x.x.x>
 <IfModule mod_cap.c>
   # Allow root to use chown(2)
   CapabilitiesEngine      off
   #CapabilitiesSet -CAP_CHOWN
 </IfModule>

ServerName "x ftp server"
Port 21
DefaultServer           on
ServerAdmin             x@x
IdentLookups off
MaxClients 30 "Sorry, max %m users -- try again later"
TimeoutLogin 60
TimeoutIdle 300
TimeoutNoTransfer 300
TimeoutStalled 1800
DefaultTransferMode binary
DeferWelcome off
Umask 022
DefaultRoot ~ !andron
AllowStoreRestart on
RequireValidShell off
User www-data
Group www-data
 <Directory ~/*>
       #UserOwner www-data
       #GroupOwner www-data
       AllowOverwrite  on
       <Limit WRITE READ DIRS STOR SITE_CHMOD>
               AllowAll
       </Limit>
 </Directory>

</VirtualHost>



--
WBR, Andrey Vasilishin CDIG1-UANIC, CDIG1-RIPE




--
Francesco P. Lovergine















    











					Reply via email to