So approx. 1 week ago i get questions as to why a clients upload is getting cut off when they are uploading a file to our FTP server. Being that it was only 1 client out of the hundred or so we have using our FTP server, I figured there was something wrong on their end or with the routing. I tried to login myself, uploaded files, moved around, did a little dance, voila everything works fine without issue. Well not so fast, customers continue to have issues and I can’t seem to make sense of it. A couple days after that I get another request to look into why a very frustrated customer is uploading a PDF that is being corrupted. Ok so now something has got to be going on. I check the FTP server, uploads work fine without corruption. I check the server that actually host the clients files, no errors reported. Finally my hair recedes another inch and I continue to look.

So to give a 10,000 foot view of the layout, we have 1 Linux VSFTP server which might I add, rocks!.  Attached via CIFS mount is a windows file server that just does what it’s name is, it serves up files. So I being that this is not my first day at the rodeo (” I have done this before”), I have been fairly confident about this setup. The VSFTP server provides the data link essentially to the file server and all is well. Well after looking and looking some more, I began to run a command in Linux some of you might know as Tail.  In running  ” tail -f /var/log/syslog” I started to see errors pop

And as you can see the CIFS VFS: Write2 ret -13, and I think oh! of course this is as clear as mud!.

All joking aside , I looked for several hours to find some kind of solution for this. Nothing shows online, but 1 thing I did determine was that my Linux release even though it was up to date, it was 2 versions behind. With CIFS errors coming from the Kernel, I decided that ultimately the Kernel will need to be recompiled at the very least to fix the issue with VFS. Or I can just update the entire OS to the latest release and be done with this.

On average every 15 minutes our FTP server is being connected to. Not extremely busy but, also does not give me a window large enough to do a full update. So I decided that I would go with an alternate idea that would minimize downtime to about 10 minutes. Drawbacks? I would be spending the next week building 2 Linux servers with VSFTPD and selecting the best Linux OS to support it. I thought, “This can’t be that hard”.  Sorely mistaken I dove into the task and was suddenly met with problems from the new and improved VSFTPD.

One of the newer features I believe that comes with version 2.5.3 and up is the chroot_users does not allow the root folder to be written to.  This I knew was a problem because of how we have our FTP set up, we need to allow users to write to their root. Knowing that the users root is technically not on the FTP server, I can see no harm in allowing this.

Well none the less the issue remains,  however with the new 3.0 version, you can set a config called allow_writeable_chroot. This will solve the issue for you. Only thing you need to do is to compile the 3.o version yourself till all the Linux versions inherit it. After all said and done, moving to Centos with a self compiled VSFTPD version fixed our problem.

Advertisements