defeating vsftp error “500 OOPS: cannot change directory:/some/directory”

There’s lots of recommendations floating around the net for this, but try the following first:

Make sure that the user and group permissions for the account and the home directory match. For example, if you are logging in as:

account:x:521:500::/some/directory:/sbin/nologin

then make sure that the home directory defined for “account” is at least readable and executable by user 521 and group 500.

I posted about this previously but this time I also ran into directory permissions. Ugh.

38 thoughts on “defeating vsftp error “500 OOPS: cannot change directory:/some/directory”

  1. Hi! that error is generate for Selinux plz do the following actions:

    [root@sun02 vsftpd]# getenforce
    Enforcing
    [root@sun02 vsftpd]# getsebool -a | grep ftp
    allow_ftpd_anon_write –> off
    allow_ftpd_full_access –> off
    allow_ftpd_use_cifs –> off
    allow_ftpd_use_nfs –> off
    allow_tftp_anon_write –> off
    ftp_home_dir –> on (change that to on in ur case this option is off)
    ftpd_disable_trans –> off
    ftpd_is_daemon –> on
    httpd_enable_ftp_server –> off
    tftpd_disable_trans –> off
    [root@sun02 vsftpd]# setseboll -P ftp_home_dir on

    This is all that u want to need.

    Good Luck!

  2. Jaime –

    That totally worked for me, thank you so much. BTW, there is a typo in your last line, it should be:

    > setsebool -P ftp_home_dir on

    – Matt

  3. it worked but not secured……it leads to path traversal..
    ftp user able to see all sys files like /etc /var /boot everything ..
    “using Up to higher level directory”

  4. Everyone,

    Get the latest version of vsftpd direct from the author: https://security.appspot.com/vsftpd.html

    I had lots of problems because the latest version of Linux Mint 14 was using an old version of vsftpd. I read the Software Manager page carefully for vsftpd and I noticed the author’s website link. I downloaded it and I am happy now!

  5. I have Fedora 13, Directory listing started with command – setsebool -P ftp_home_dir on but it was not allowing to write files in /var/www/html so I have to set
    setsebool -P allow_ftpd_full_access on

    After this writing files permission started.

    Is it right way to do this.

  6. And don't forget that the parent directory ALSO must have excute rights for the user connected to your FTP server. You can do it by applying chmod o+x /parentdir/ftp or by using groups if you care about everybody able to traverse this parent dir.

  7. Yup, and still relevant for Fedora22.
    After following the usual vsftpd setup my user with the default home directory worked fine, but another user I had setup with a different directory failed. All permissions to directory were fine because when I ssh in as them everything works.
    vsftpd however gave me 500 OOPS: cannot change directory, but after setting the following all is now fine…
    setsebool -P ftp_home_dir on
    setsebool -P ftpd_full_access on

Leave a Reply

Your email address will not be published. Required fields are marked *