FTP 550 Permission Denied: Troubleshooting Directory Creation Issues in FileZilla Despite File Operations Working


2 views

html

Recently encountered a perplexing FTP scenario where standard file operations function normally, but directory creation fails with "550 Permission denied". Here's my deep dive into resolving this specific edge case.

Server: Linux (Ubuntu 20.04 LTS)
FTP Server: vsftpd 3.0.3
Client: FileZilla 3.63.1
Authentication: Virtual user via PAM

The key anomaly: users could perform these operations successfully:

  • File uploads (STOR command)
  • File deletions (DELE command)
  • Directory removal (RMD command)

But failed on:

  • MKD (make directory) commands
  • LIST commands in certain subdirectories

First examined vsftpd.conf for relevant directives:

# Critical permissions settings
write_enable=YES
anon_mkdir_write_enable=NO
chroot_local_user=YES
allow_writeable_chroot=YES

Discovered the virtual user's home directory had restrictive permissions:

dr-xr-xr-x 5 root root 4096 Jan 15 09:23 /var/www/vhosts/example.com

The combination of chroot restrictions and directory permissions created this paradox:

  1. File operations worked because the user had write permission within existing directories
  2. Directory creation required execute permission on the parent directory
  3. The "x" bit was missing for the user on the root directory

Corrected the permissions while maintaining security:

sudo chmod o+x /var/www/vhosts/example.com

For more granular control in production environments:

# Create a dedicated group for FTP users
sudo groupadd ftpcontent
sudo usermod -aG ftpcontent vsftpd
sudo chown -R :ftpcontent /var/www/vhosts/example.com
sudo chmod -R 775 /var/www/vhosts/example.com

Tested the fix through both FTP client and command line:

ftp> mkdir testdir
257 "/testdir" created

For environments where directory permissions can't be modified:

  1. Configure per-directory rules in vsftpd:
    2. # In vsftpd.conf
user_sub_token=$USER
local_root=/var/www/vhosts/$USER
  2. Implement ACLs for precise control:
    3. setfacl -Rm u:vsftpd:rwx /var/www/vhosts/example.com

Added these checks to our deployment playbook (Ansible example):

- name: Verify FTP directory permissions
  stat:
    path: "{{ ftp_root }}"
  register: dir_stat
  
- name: Set correct permissions
  file:
    path: "{{ ftp_root }}"
    mode: "0755"
    group: "ftpcontent"
  when: dir_stat.stat.mode != "0755"

This FTP 550 error presents an interesting scenario where most file operations work except directory creation. Let me document my troubleshooting journey for fellow developers facing similar issues.

First, let's verify the server configuration. The key commands to check:

# Check directory ownership
ls -la /path/to/ftproot

# Verify vsftpd configuration (if using)
grep -i "write_enable" /etc/vsftpd.conf
grep -i "anon_mkdir" /etc/vsftpd.conf

When using FileZilla with these symptoms, pay attention to:

  • Server type selection (FTP vs SFTP)
  • Transfer mode (Active/Passive)
  • Session credentials caching

Try these commands through FTP directly to isolate the issue:

ftp> quote SITE CHMOD 755 /current_directory
ftp> mkdir test_folder
ftp> rmdir test_folder

For deeper inspection, use cURL to simulate the operation:

curl -v -u username:password ftp://yourserver.com/ \
-X "MKD test_dir" \
--ftp-create-dirs

If you're using vsftpd, ensure these settings exist:

# /etc/vsftpd.conf
write_enable=YES
anon_mkdir_write_enable=YES
allow_writeable_chroot=YES

When all else fails, consider:

  1. Creating directories via SSH first
  2. Using PHP's ftp_mkdir() as a temporary solution
  3. Checking for SELinux contexts on CentOS/RHEL