Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to modify the user's home directory and lock the upload directory under Linux". Interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn how to modify the user's home directory and lock the upload directory under Linux.

1. Establish test users

2. Modify the user's home directory in / etc/passwd

User format description in / etc/passwd file

Login name: encrypted password: digital user ID: numeric group ID: comment field: starting directory: shell program

Test:x:503:503::/home/test:/bin/bash changes this directly to the following style

Test:x:503:503::/data/comm:/bin/bash

After modifying the user's default home directory with this method, some exceptions will occur, such as bash environment exception. Here, you need to copy the hidden files under the user's original home directory to the changed home directory.

# cp-a / original home directory /. / destination directory

[root@localhost /] # su-test

-bash-3.2$ pwd

/ data/comm

-bash-3.2$ exit

Logout

3. Log in locally to ftp

[root@localhost data] # ftp localhost

Connected to localhost.localdomain.

220 (vsFTPd 2.0.5)

Name (localhost:root): test

331 Please specify the password.

Password:

500 OOPS: cannot change directory:/data/comm

Login failed.

Ftp > quit

3. Permission modification

[root@localhost /] # chown root.test / data/comm/

[root@localhost /] # chmod 744 / data/comm/

4. Modify FTP configuration file

[root@localhost /] # vi / etc/vsftpd/vsftpd.conf

Add the following statement to it

Local_enable=YES / / whether to allow local users to log in to the FTP server. The default is to allow

Write_enable=YES / / whether users are allowed to write in FTP server files. The default is to allow.

Pam_service_name=vsftpd

Userlist_enable=YES

Tcp_wrappers=YES

Permissions of local_umask=007 # user

Chroot_list_enable=YES / / if you want the user to log in and not be able to change to a directory other than his own directory, you need to set this item to lock the user directory

Chroot_list_file=/etc/vsftpd/chroot_list

Userlist_enable=YES # sets userlist_enable=YES, then only users listed in / etc/vsftpd/user_list are allowed to have this feature

Userlist_deny=NO

Userlist_file=/etc/vsftpd/user_list

~

"/ etc/vsftpd/vsftpd.conf" 147L, 5079C written

4. Restart the ftp service after setting up

[root@localhost /] # service vsftpd restart

Close vsftpd: [OK]

Start vsftpd for vsftpd: [OK]

Try [root@localhost /] # ftp localhost again

Connected to localhost.localdomain.

220 (vsFTPd 2.0.5)

Name (localhost:root): test

331 Please specify the password.

Password:

500 OOPS: cannot change directory:/data/comm

Login failed.

Ftp > quit

Still report an error, at this time you have to consider the limitations of IPTABLES and SELINUX.

5. You can close IPTABLES and SELINUX directly. If it cannot be closed, you need to make the following adjustments

Open the FTP service in IPTABLE, allowing port 21 to pass.

You can use this sentence for SELINUX

[root@localhost test] # setsebool ftpd_disable_trans 1 # turn off SELinux's protection of ftp

[root@localhost test] # service vsftpd restart

And then try again.

[root@localhost test] # ftp localhost

Connected to localhost.localdomain.

220 (vsFTPd 2.0.5)

Name (localhost:root): test

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

Ftp > pwd

257 "/" # the root is shown here, and the actual directory has been limited to / data/comm

Ftp > bye

6. Try uploading files. The modified home directory has been locked.

[root@localhost test] # cd / data/comm

[root@localhost comm] # ls-lr

Total 6

-rwx-r---r--- 1 test test 30623 03-08 12:36 crond.txt

At this point, I believe you have a deeper understanding of "how to modify the user's home directory and lock the upload directory under Linux". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.