fauria / docker-vsftpd Goto Github PK

Add a way to pass SSL key and certificate to enable Secure FTP (SFTP).

vsftpd supports the following via its conf file:

ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
rsa_cert_file=/etc/vsftpd.pem
rsa_private_key_file=/etc/vsftpd.pem
pasv_max_port=65535
pasv_min_port=64000

When I restart container then I lost all my users.

Hi,

I feel like I am missing something obvious, I created the directory and changed the ownership to user 14 and group 50 but I keep getting errors when listing the directory.

Hi,

I see on vsftpd.log that all my clients have the same ipaddress, but this is obviously the local ip address of the host.
Is possible get the real client ip?

If a container is run with -v /home/ftps/vsftpd-conf/:/etc/vsftpd/ a folder with all the config file get created but the file vsftpd.conf is empty. As the container attempt to start the Variables set at container runtime section gets populated but the container crashes as the rest of the config file is missing.
I was able to start the container by editing the config file and restart.
Every time I restart the container all Variables set at container runtime are duplicated ( the file grows at each restart ).

Hello
I make your ftp Docker instalation and perfect connect , but it happens to me that the volume that I map, I cannot see the files in FileZilla, it does create a directory with the name of my user and this is the one that is listed in FileZilla.
I need to see the other files in that directory (volume host), I search but cannot find a solution.

Should there be a "yum clean all" after this?

RUN yum install -y \
    vsftpd \
    db4-utils \
    db4

Hi,

When I connected from FileZilla in passive mode I'm getting the below error. I have used the same settings as given in the repo.
Error: Disconnected from server: ECONNABORTED - Connection aborted
Error: Failed to retrieve directory listing

Note: Active mode is working fine without any issue. But need to understand what is blocking the passive mode.

I want to control the linux system running program on MFC (for example, .sh file),How to achieve it?
I know that you can use the "quote site exec ***.exe" command to run the windows server program, but this code does not work under the Linux system.

Hi, I've tried for the first time using this image, and I noticed that the STDOUT is not working as I expected, since I don't see any connect or transfer messages.
I'm starting the container using docker-compose, and I set the Environment Variable as documented.
However, after testing for sometime, I only saw one single log message on the console.
So I opened a terminal inside the running container, and I noticed there are 2 vsftpd.log files under /var/log, as follows:

/var/log:

[root@6b28dbacc585 log]# find . -ls | grep vsftp
1104614   16 -rw-------   1 root     root        14757 Nov  9 19:18 ./vsftpd.log
970431    4 drwxr-xr-x   2 root     root         4096 Nov  9 19:00 ./vsftpd
970441    0 lrwxrwxrwx   1 root     root           11 Nov  9 19:00 ./vsftpd/vsftpd.log -> /dev/stdout

Apparently, the location /var/log/vsftpd/vsftpd.log has been corretly redirected to /dev/stdout, but the most messages are being logged into a different location, /var/log/vsftpd.log.

I checked the configuration file being used, and it does point to the location that is redirected to stdout, but for some reason, the situation I just described is taking place.

/etc/vsftpd/vsftpd.conf:

[root@6b28dbacc585 log]# grep log /etc/vsftpd/vsftpd.conf
# Uncomment this to allow local users to log in.
## Enable logging
xferlog_enable=YES
xferlog_file=/var/log/vsftpd/vsftpd.log
xferlog_std_format=NO

Am I doing something wrong, or is there maybe a problem here?
I appreciate any support.

how to bind mount /etc/vsftpd/vsftpd.conf for editing from the host?

I know, that It's my stupidity, but I've mounted my VPS' root dir inside the container, and it's started to change my files permissions recursively. Which of course led to the fatal system corruption. So I believe this behaviour should be documented somewhere...

i tried add a new ftp user,but login failed

finallly , i find the solution

# 4) Manually add a new FTP user to an existing container:
docker exec -i -t vsftpd bash
mkdir /home/vsftpd/myuser
chown -R ftp:ftp /home/vsftpd
echo -e "myuser\nmypass" >> /etc/vsftpd/virtual_users.txt
/usr/bin/db_load -T -t hash -f /etc/vsftpd/virtual_users.txt /etc/vsftpd/virtual_users.db
exit
docker restart vsftpd

you should add chown -R ftp:ftp /home/vsftpd command

We have a docker-compose file that includes the fauria/vsftpd image:

vsftpd:
    image: fauria/vsftpd
    ports:
      - "21:21"
      - "20:20"
      - "21100-21110:21100-21110"
    volumes:
      - ./data/:/home/vsftpd/
    environment:
      - "FTP_USER=user"
      - "FTP_PASS=pass"
      - "PASV_ADDRESS=ftp"
      - "PASV_MIN_PORT=21100"
      - "PASV_MAX_PORT=21110"
      # - "LOG_STDOUT=YES"

However, the build freezes when we try to log the output to STDOUT. Is this a known issue, or did we configure it wrong?

ubuntu 16.04
image version:latest
command:

docker run -d -v /my/data/directory:/home/vsftpd
-p 20:20 -p 21:21 -p 21100-21110:21100-21110
-e FTP_USER=myuser -e FTP_PASS=mypass
-e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110
--name vsftpd --restart=always fauria/vsftpd

I modified the file '/etc/vsftpd/virtual_users.txt’, but when the container restarted, it was reset.
Please help me.

My team use this ftp image in our project and I'm the only member on the team who has an apple silicon mac. Because this image is listed as only being compatible with amd64 architecture on docker hub, I was looking for alternatives to this FTP image but then I realised that the centos version this image is based on is arm compatible. After copying all the source locally, it runs natively on my apple silicon mac absolutely fine.

If it works fine (which from my testing so far seems to be the case), would it be possible to have the image on the docker hub be tagged as compatible with arm/arm64 architectures?

Hi,

I'm creating my own image using some of your settings as they seem to have been well thought over. But some settings are not working as intended :)

When a user wants to create a new directory in their own space the error occurs.
550 Create directory operation failed.

It's due to wrong permissions.
chmod -R ftp:ftp /home/vsftpd should be run after a new user has been added and new directory has been created. Otherwise, that directory has root permissions only.

Hello,
first of all I want to thank you for this container, we are using it since a couple of years and it works pretty well.

We are having a problem with the last update, when we try to connect to the server it says "500 OOPS: failed to open xferlog log file:/var/log/vsftpd/vsftpd.log".

Deleting /var/log/vsftpd/vsftpd.log solves the problem.

Thank you again

Error on start:

/usr/sbin/run-vsftpd.sh: line 29: /sbin/ip: No such file or directory

its a centos 7 docker image from repo fauria/docker-vsftpd, run as :

docker run -d -p 21:21 -p 20:20 -p 21100-21110:21100-21110 -v /mydir:/home/vsftpd -e FTP_USER=myuser -e FTP_PASS=mypass -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 --name myvsftpd --restart=always fauria/vsftpd

Unable to login to ftp via filezilla: details are :

host: 192.168.99.100
port: 21
protocol: sftp
logon type: normal
user: myuser
pass: mypass

Suggestion if any,

Thanks,
Aniruddha

How can I create an administrator account so that he can see the folders and files of all virtual users?

Ftp anonymous user login is a very useful feature, can you consider adding it?

home/vsftpd is declared as a volume so no data can not inserted in it in a child dockerfile. It would be very helpful if child dockerfile could create some initial data in it.

Hi,
I have setup my ftp container using the example files provided however when I login and attempt to do anything using my ftp client I have issues relating to no route to host. Below is the error message I receive. Googling this suggests having to do some config with ip tables?

I can login but cant do anything

tp> open 192.168.0.10
Connected to 192.168.0.10 (192.168.0.10).
220 (vsFTPd 3.0.2)
Name (192.168.0.10:root): admin
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (172,17,1,21,117,241).
ftp: connect: No route to host
ftp>

Anyone able to suggest some ideas?

Thanks

Hello, thanks for the docker image. Container platforms like OpenShift run containers under non-root ids by default, making run-vsftpd.sh to fail when executing its instructions.
Is there any plan to redesign the image to be runnable as non-root?

First of all thanks for this, saved me a few hours of doing the dockerisation myself.

The issue here is that the 'production' setup doesn't work out of the box. Since I am mounting a volume 'my/volume/here' to 'home/vsftp', the expectation is that the default config should be set to mount that volume, and not /home/vsftp/user which is set in the default config.

ftp:/mysql_logbin/20180926> get mysql-bin.000076
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for mysql-bin.000076 (158589904 bytes).
426 Failure writing network stream.

Hi @fauria!

When I use docker-vsftpd alogside docker-compose.yml I cannot properly use ftp ls command cause I get such error:

ftp> ls
500 Illegal PORT command.
425 Use PORT or PASV first.

Part of docker-compose.yml file:

ftp-server:
    image: fauria/vsftpd
    deploy:
      replicas: 1
    ports:
      - "20:20"
      - "21:21"
      - "21100-21110:21100-21110"
    environment:
      - FTP_USER=bob
      - FTP_PASS=12345
      - PASV_ADDRESS=my-host
      - PASV_ADDRESS_RESOLVE=YES
      - PASV_ADDR_RESOLVE=YES
      - PASV_MIN_PORT=21100
      - PASV_MAX_PORT=21110
      - PASV_ADDRESS_ENABLE=YES
      - PASV_ENABLE=YES
    networks:
      - webnet
    volumes:
      - "/opt/dockerstorage/volumes/ftpvolume/_data:/home/vsftpd"

But when I start ftp server with below command it works fine:

docker run -d -v /opt/dockerstorage/volumes/ftpvolume/_data:/home/vsftpd -p 20:20 -p 21:21 -p 21100-21110:21100-21110 -e FTP_USER=bob -e FTP_PASS=12345 -e PASV_ADDRESS=my-host -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 -e PASV_ADDRESS_ENABLE=YES -e PASV_ENABLE=YES --name vsftpd --restart=always fauria/vsftpd

I think there are some troubles with address lookup but I couldn't find how to solve it.

Update: For now I need to use host network.

I see that in the dockerfile the userid and groupid are set to 14 and 50 however to get this to work with another container (paperless-ngx) and so that my user can access the directory I would need to set the group and user id to 1000. I also see this is set if I were building the image from the repo with docker-compose.yml but an image pull would be prefered.

services:
    vsftpd:
      image: fauria/vsftpd
      container_name: vsftpd
      environment:
        - FTP_USER=austinpaperless
        - FTP_PASS=******
        - PASV_ADDRESS=192.168.1.69
        - PASV_MIN_PORT=21100
        - PASV_MAX_PORT=21110
        - LOCAL_UMASK=0777
        - FILE_OPEN_MODE=0777
      ports:
        - 0.0.0.0:20:20
        - 0.0.0.0:21:21
        - "21100-21110:21100-21110"
      volumes: 
        - /home/austin/ftpserver/:/home/vsftpd
        - /home/austin/docker/vsftpd/:/var/log/vsftpd
      restart: always

How to change virtual user password?

#1

I use fauria/vsftpd as ftp server where several docker containers are connected, but I have problem with ftp because the folder from the host where the exchange files are is locked with admins from the ftp container user: ftp uid:14 and gid:12 with chmod 411. Where which is not possible to edit through filebrowser or samba user. Do you have any solution and which one? I also need the solution for docker-compose.yml

Hello,

The documentation provides an example to manually add a new FTP user to an existing container

docker exec -i -t vsftpd bash
mkdir /home/vsftpd/myuser
echo -e "myuser\nmypass" >> /etc/vsftpd/virtual_users.txt
/usr/bin/db_load -T -t hash -f /etc/vsftpd/virtual_users.txt /etc/vsftpd/virtual_users.db
exit
docker restart vsftpd

Nevertheless each time the container is restarted, virtual_users.txt is erased in run-vsftpd.sh so the new added user is deleted.

echo -e "${FTP_USER}\n${FTP_PASS}" > /etc/vsftpd/virtual_users.txt
/usr/bin/db_load -T -t hash -f /etc/vsftpd/virtual_users.txt /etc/vsftpd/virtual_users.db

May be I'm doing someting wrong.

Hi,

If you don't specify a the PASSV_ADDRESS environment variable, the following error appears in the logs:

/usr/sbin/run-vsftpd.sh: line 27: /sbin/ip: No such file or directory

It looks like the iproute package isn't installed.

I have windows host's shared folder mounted by cifs to linux vm guest, which s runnin docker container(/home/user/conf/folder) i can easily do anything to drag, upload, download or any other kind of interraction( from both side either host windows or guest vm ubuntu).
On vm i have docker container:run command looks like " docker run -v /home/user/conf/folder:/home/vsftpd/user -p 20:20 -p 21:21 -p 47400-47040:47400-47040 -e FTP_USER "ftp" -e FTP_PASS "ftp" -e PASS_ADDRESS="ip host" -d fauria/docker-vsftpd. It starts correctly, so i can connect to host ip using ftp:ftp user:pass combo with filezilla ftp protocol.I can even download any file from mounted dir(and it is really mounted, because i can see all files from host), but cant upload or change(755 perm). My mounted folder owned by user ftp:ftp which was made by myself and has 1002:1002 uid:gid.

P.s. on the same vm i have runnable docker sftp container by atmoz which have absolutely 0 issues even w/custom ssh keys

Can u help me please. How can i solve this problem?

Sometimes DNS lookup is slow, will cause poor performance.

tl;dr Change
echo -e "${FTP_USER}\n${FTP_PASS}" > /etc/vsftpd/virtual_users.txt
to
echo -e "${FTP_USER}\n${FTP_PASS}" >> /etc/vsftpd/virtual_users.txt

It would be nice to be able to use this image as base image, and add an existing list of users when the we build the new image.

Example Docker File:

FROM fauria/vsftpd
COPY my-users.txt /etc/vsftpd/virtual_users.txt

Example my-users.txt.

myuser1
mypass1
myuser2
mypass2

Thank you,
Lance

Thanks for this image !

My goal is to have this container always open, and to have only "virtual_users.txt" updated by our application.

So, it would be great to launch vsftpd as a service.

When trying to start it with systemctl I have this error :

[root@d865273a4eae init.d]# systemctl start vsftpd.service Failed to get D-Bus connection: Operation not permitted

I want to have it as standalone to be able to restart it when the file "virtual_users.txt" is updated with a cron.

Do you have an idea ?
Thank you by advance.

Hello,

first of all, thanks a lot for this container. Maybe I misunderstood something. Therefore, I would be glad about a hint.

I'm struggling adding new users when using docker-compose.yml. When adding a user manually to an existing container, the user gets deleted after using docker-compose down and up again. So, is there going to be a chance to add users like that?:

  vsftpd:  
      container_name: vsftpd
      image: fauria/vsftpd  
      environment:  
        - FTP_USER_1:One
        - FTP_PASS_1:PassOne
        - FTP_USER_2:Two
        - FTP_PASS_2:PassTwo
      volumes:
        - /volume/One:/home/vsftpd/One
        - /volume/Two:/home/vsftpd/Two

Thanks a lot!

Hi,
When loading the container it shows:
· Log file: /var/log/vsftpd/vsftpd.log

but the correct path is /var/log/vsftpd.log

Here is my docker compose

version: "3.7"

services:
  ftp:
    image: fauria/vsftpd:latest
    container_name: Ftp
    restart: always
    environment:
      - FTP_USER=adminuser
      - FTP_PASS=adminpass
      - PASV_ADDRESS=127.0.0.1
      - PASV_MIN_PORT=21100
      - PASV_MAX_PORT=21110
    volumes:
      - ftp-data:/home/vsftpd
      - ftp-log-data:/var/log/vsftpd
    ports:
      - 20:20
      - 21:21
      - 21100-21110:21100-21110
    
volumes:
  ftp-data:
  ftp-log-data:

while trying to access using FileZilla its saying

Error:	Could not connect to server
Status:	Waiting to retry...
Status:	Connecting to 127.0.0.1:21...
Status:	Connection attempt failed with "ECONNREFUSED - Connection refused by server".

also tried with PASV_ADDR_RESOLVE=YES

I am running docker in Windows

Hi there!
Thanks for the effort creating a lightweight ftp docker image!

I just missing something, maybe permission issues?
So I created a compose file, which is the following:

version: '3.3'
services:
    vsftpd:
        volumes:
            - /var/containersdata/ftp-srv/data:/home/vsftpd
            - /var/containersdata/ftp-srv/log:/var/log/vsftpd
        ports:
            - '20:20'
            - '21:21'
            - '21100-21110:21100-21110'
        environment:
            - FTP_USER=user
            - FTP_PASS=pass
            - PASV_MIN_PORT=21100
            - PASV_MAX_PORT=21110
            - LOCAL_UMASK=0777
        container_name: ftp-srv
        restart: always
        image: fauria/vsftpd

But as I connect to the FTP server from my network (so no firewall etc) the connection is up, but I can see no files there.
I tried to create a symlink to the ftp-shared folder, and also just a txt file, but no success, nothing is shown in my ftp server.
What am I doing wrong?

Container does not start if use "ftp" user:

...
/usr/sbin/run-vsftpd.sh: line 24: /etc/vsftpd/virtual_users.txt: Permission denied
BDB5072 db_load: /etc/vsftpd/virtual_users.txt: reopen: No such file or directory

because of:
24 echo -e "${FTP_USER}\n${FTP_PASS}" > /etc/vsftpd/virtual_users.txt
can't write to file
-rw-r--r--. 1 root root 30 Aug 28 12:42 virtual_users.txt

This never works... still bug!

Stato: Connessione a 192.168.7.125:21...
Stato: Connessione stabilita, in attesa del messaggio di benvenuto...
Stato: Server non sicuro, non supporta FTP su TLS.
Stato: Accesso effettuato
Stato: Lettura elenco cartelle...
Comando: PWD
Risposta: 257 "/"
Comando: TYPE I
Risposta: 200 Switching to Binary mode.
Comando: PASV
Risposta: 227 Entering Passive Mode (127,0,0,1,82,108).
Comando: LIST
Errore: La connessione dati non può essere stabilita. ECONNREFUSED - Connessione rifiutata dal server

Docker on server centos
[root@centos-7-125 ~]# docker run -d -v hosting:/home/vsftpd -p 20:20 -p 21:21 -p 21100-21110:21100-21110 -e FTP_USER=vhost -e FTP_PASS=vpassword -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 --name vsftpd --restart=always fauria/vsftpd

can't see directory only login....

Tue Mar 5 15:24:16 2019 [pid 21] CONNECT: Client "192.168.113.2"
Tue Mar 5 15:24:16 2019 [pid 20] [vhost] OK LOGIN: Client "192.168.113.2"

!! but never connect to see directories !!

Filezilla setting on pasive mode and / or active using port max/min 21110 / 21100
never hit!

Originally posted by @emper0r in #1 (comment)

I want to add an administrator user, not chroot

ubuntu 16.04
image version：最新
命令：

docker run -d \
-v /my/data/directory:/home/vsftpd \
-p 20:20 -p 21:21 -p 21100-21110:21100-21110 \
-e FTP_USER=myuser -e FTP_PASS=mypass \
--name vsftpd  fauria/vsftpd

docker exec -i -t vsftpd bash
vi /etc/vsftpd/vsftpd.conf 

-----
vsftpd.conf add  
  chroot_list_enable=YES   
  chroot_list_file=/etc/vsftpd/chroot_list

echo "myuser" > /etc/vsftpd/chroot_list
exit
docker restart vsftpd

Then the startup fails.
Please help me.

I have this stack file:

version: '3.2'

services:
wordpress{id}:
image: wordpress:latest
deploy:
resources:
limits:
cpus: '0.30'
memory: 512M
hostname: {id}
ports:
- {web_port}:80
environment:
WORDPRESS_DB_HOST: 172.18.0.1
WORDPRESS_DB_USER: {mysql_user}
WORDPRESS_DB_PASSWORD: {mysql_passwd}
WORDPRESS_DB_NAME: {mysql_db}
WORDPRESS_URL: {public_url}
WORDPRESS_CONFIG_EXTRA: |
define('FS_METHOD', 'direct');
volumes:
- wordpress{id}:/var/www/html:rw
networks:
- {id}
vsftpd:
image: fauria/vsftpd
environment:
- FTP_USER={ftp_user}
- FTP_PASS={ftp_pass}
- PASV_ADDRESS={ftp_host}
- PASV_MIN_PORT={ftp_passive_port}
- PASV_MAX_PORT={ftp_passive_port}
- FILE_OPEN_MODE=077
- LOCAL_UMASK=077
volumes:
- wordpress{id}:/home/vsftpd/{ftp_user}:rw
ports:
- {ftp_port}:21
- {ftp_passive_port}:{ftp_passive_port}
phpmyadmin{id}:
image: phpmyadmin/phpmyadmin
deploy:
resources:
limits:
cpus: '0.30'
memory: 256M
hostname: {id}
restart: always
ports:
- {phpmyadmin_port}:80
environment:
PMA_HOST: 172.18.0.1
networks:
- {id}
networks:
{id}:
volumes:
wordpress{id}:
driver: local
driver_opts:
type: none
o: bind
device: /clientes_everhost/home/{id}/public_html

FTP is working for delete, create, etc. But I can't install plugins and theme from WordPress admin panel with this notice:
Installation failed: Could not create directory.

How configure fauria/vsftpd for working with WordPress or any other image in a separeted service?

Hello,

I have this error when trying to send a file:
“Error transferring file '****'.
Server sent passive reply with unroutable address 172.25.0.1, using host address
instead.
Copying files to remote side failed.
Could not create file."

Do you have an idea ?
Thanks.