Shulou(Shulou.com)06/01 Report--

This article to share with you is about how to configure ftp server under linux and set different permissions for virtual accounts, Xiaobian feel quite practical, so share to everyone to learn, I hope you can gain something after reading this article, not much to say, follow Xiaobian to see it.

1. Create a user database

1

2

3

db_load: install db4, db4-devel, db4-utils

#yum -y install db4*

#db_load -T -t hash -f /etc/vsftpd/vsftpd_login.txt /etc/vsftpd/vsftpd_login.db

3 Modify data file access rights:

1

chmod 600 /etc/vsftpd/vsftp_login.db

4 Modify pam configuration:

1

2

3

4

5

#cat /etc/pam.d/vsftpd.vu

Comment out the original and add:

auth required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login

account required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login

Note: The.db after db=/etc/vsftpd/vsftpd_login must be removed

5 Create virtual account corresponding to the system user:

Use ftp default account

Modify the main configuration file, guest_enable means to open the virtual account function

All virtual accounts will be mapped to the system account specified by guest_username.

If you need to set permissions for virtual accounts, do so through the same settings as anonymous accounts,

For example, anon_mkdir_write_enable=NO is not able to create a directory since the control virtual account.

[root@localhost ~]#vim /etc/vsftpd/vsftpd.conf

anonymous_enable=NO

local_enable=YES

write_enable=NO #Set individually in each virtual account

anon_upload_enable=NO

anon_mkdir_write_enable=NO

anon_other_write_enable=NO

chroot_local_user=YES

guest_enable=YES #Allow virtual accounts

guest_username=ftp #Real mapping accounts for all virtual accounts

listen=YES

listen_port=21

pam_service_name=vsftpd.vu

user_config_dir=/etc/vsftpd/vconf

pasv_promiscuous=YES

max_clients=40 #Up to 40 client connections

max_per_ip=5 #Up to 5 connections per IP

The requested URL/etc/vsftpd/vconf was not found on this server.

[root@localhost vconf]# ls

user1 user2

vi user1

local_root=/data/ftp

write_enable=YES

vi user2

local_root=/data/ftp #user2 only has download rights, not upload rights.

7, restart

service vsftpd restart

ps: After configuration, problems were found when testing with ftp client.

Error code: 530 Login incorrect.

In vsftpd.vu

auth required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login

account required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login

Remove the absolute path in/lib/security/pam_userdb.so, just pam_userdb.so

OOPS: 500 OOPS: child died

Online methods

Modify vsftpd server-side configuration file

vi /etc/vsftpd/vsftpd.conf

Add the following line to restart the service

pasv_promiscuous=YES

Solution 2: If the above solution still fails, we can try the following solution.

1. Check the status of SELinux: sestatus -b| grep ftp

2. You can see in the results that appear

ftp_home_dir off

tftpd_disable_trans off

And so on. Now we just have to set one of them to on.

setsebool -P ftpd_disable_trans on or setsebool -P ftp_home_dir on

4. Restart vsftpd: service vsftpd restart

5. If this is not successful, execute the following command and restart FTP

[root@windos-test-01 vsftpd]# setsebool allow_ftpd_full_access 1

[root@windos-test-01 vsftpd]# setsebool allow_ftpd_use_cifs 1

[root@windos-test-01 vsftpd]# setsebool allow_ftpd_use_nfs 1

[root@windos-test-01 vsftpd]# setsebool -P ftp_home_dir 1

[root@windos-test-01 vsftpd]# setsebool httpd_enable_ftp_server 1

[root@windos-test-01 vsftpd]# setsebool tftp_anon_write 1

[root@windos-test-01 vsftpd]# service vsftpd restart

But I tried, and I couldn't.

OOPS: cannot change directory:/data/ftp

usermod -d /data/ftp #Arrange home directory for ftp account

4, can be connected, but can not modify the file

chown -R ftp.ftp /data/ftp

Found uploaded Chinese documents will have garbled. Winscp is recommended for ftp.

After mounting the NAS disk, the permissions of the file directory cannot be modified according to the normal settings. Note when setting up on EMC storage that

The above is how to configure ftp server and set different permissions of virtual account under linux. Xiaobian believes that some knowledge points may be seen or used in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.