Are you facing the error '500 oops vsftpd refusing to run with writable root inside chroot()'?
This guide is for you.
500 oops vsftpd refusing to run with writable root inside chroot() happens when attempting to connect to a vsftpd FTP server that is configured to jail (prevent from accessing other directories) each FTP user.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to fix vsftpd related errors.
In this context, we shall look into the cause of this error to occur and also see how to fix it.
Generally, this error mainly occurs when you have newly installed the vsftpd on a Linux server and trying to FTP to it.
Also, after upgrading the vsftpd or vsftpd-ext, you may come across this error message while connecting to FTP.
The best fix is to create a separate Linux user specifically for FTP only that can't log in via SSH.
In case, if you wish to remove the SSH access for a test user then you can run the below command:
$ usermod -s /sbin/nologin testuser
However, this will not completely fix the error.
So we need to modify the user's home directory to read-only.
Here, we are assuming the username to be testuser and the home directory to be /home/testuser.
Then we run the below command:
$ chmod a-w /home/testuser
Finally, restart the vsftpd by running the below command.
$ systemctl restart vsftpd
Alternatively, you can try bypassing the writable check in the vsftpd config file by executing the below command:
$ echo 'allow_writeable_chroot=YES' >> /etc/vsftpd/vsftpd.conf && systemctl restart vsftpd
This article covers fixes to '500 oops vsftpd refusing to run with writable root inside chroot()' error which occurs while connecting to vsftpd if it is a newly installed vsftpd or if it is upgraded.
To fix this error, you need to upgrade your Server by adding the jessie repository to my Debian installation and upgrade it so:
echo "deb http://ftp.us.debian.org/debian jessie main contrib non-free" >> /etc/apt/sources.list
aptitude update
aptitude upgrade vsftpd
echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf
service vsftpd restart
Also, add the value:
seccomp_sandbox=NO
to the configuration and restart the service with service vsftpd restart:
Then "allow_writeable_chroot=YES"