In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-03 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
CentOS vsftpd users how to manually establish the operating system, many novices are not very clear about this, in order to help you solve this problem, the following small series will explain in detail for everyone, there are people who need this to learn, I hope you can gain something.
CentOS Linux has been widely used because of its compatibility with RHEL and the stability of enterprise-class applications, while allowing users to use it freely.
CentOS vsftpd installation
yum -y install vsftpd*
yum -y install pam*
yum -y install db4*
CentOS vsftpd system account
1. Host user of CentOS vsftpd service
useradd vsftpd -s /sbin/nologin
2. vsftpd virtual host user
useradd ftpuser -s /sbin/nologin
* The user concerned is not allowed to log in.
CentOS vsftpd.conf settings
1. Backup
cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.ysbk
more..
less..
2. Settings
anonymous_enable=NO Set not to allow anonymous access
local_enable=YES Set local user access. Note: Mainly for virtual host users, if this item is set to NO then all virtual users will not be able to access.
write_enable=YES Set to enable write operations.
local_umask=022 Set the permission mask for the uploaded file.
anon_upload_enable=NO Disable anonymous user uploads.
anon_mkdir_write_enable=NO Prevent anonymous users from creating directories.
dirmessage_enable=YES Set to enable directory tagline functionality.
xferlog_enable=YES Set to enable logging.
connect_from_port_20=YES Set port 20 for data connection.
chown_uploads=NO Set to prohibit uploading files to change hosts.
xferlog_file=/var/log/vsftpd.log Sets the path where CentOS vsftpd service logs are saved. Note that this file does not exist by default. It has to be manually touched out, and since the CentOS vsftpd service hosting user changed here for manually established CentOS vsftpd. Care must be taken to give this user write access to the log, otherwise the service will fail to start.
xferlog_std_format=YES Sets the log to use the standard record format.
nopriv_user=vsftpd Sets the host user supporting the CentOS vsftpd service to a manually established CentOS vsftpd user. Note that once a change is made to the host user, attention must be paid to the read and write empowerment of the files associated with the service. For example, log files must be given to the user write permissions, etc.
async_abor_enable=YES Set to support asynchronous transfer functionality.
ascii_upload_enable=YES
ascii_download_enable=YES Set to support ASCII mode uploads and downloads.
ftpd_banner=Welcome to Awei FTP servers Set CentOS vsftpd login tagline.
chroot_local_user=YES Prevent local users from logging out of their FTP home directory.
pam_service_name=vsftpd Sets the authentication profile name for CentOS vsftpd under PAM service. Therefore, PAM validation will refer to the CentOS vsftpd file configuration under/etc/pam.d/.
The following are important configuration items for CentOS vsftpd virtual user support. The default Vsftpd.conf does not contain these settings, and you need to manually add your own configuration.
guest_enable=YES Set to enable virtual user functionality.
guest_username=ftpuser Specifies the host user for the virtual user.
virtual_use_local_privs=YES Sets the permissions of virtual users to match those of their host users.
user_config_dir=/etc/vsftpd/vconf Set the path where the configuration file of the virtual user's personal Vsftp is stored. That is, this specified directory will store the profile of each Vsftp virtual user personality. One thing to note is that these profiles must have the same name as the virtual user name.
3. Create CentOS vsftpd log file and change the owner to CentOS vsftpd service host user:
[root@KcentOS5 ~]# touch /var/log/vsftpd.log
[root@KcentOS5 ~]# chown vsftpd.vsftpd /var/log/vsftpd.log
4. Create virtual user profile storage path:
[root@KcentOS5 ~]# mkdir /etc/vsftpd/vconf/
IV. Making CentOS vsftpd virtual user database file
1. Create a virtual user list file:
[root@KcentOS5 ~]# touch /etc/vsftpd/virtusers
A virtual user list file is created. This file is the data file that records the username and password of CentOS vsftpd virtual users. I will name it virtusers here. To avoid file clutter, I put this list file under/etc/vsftpd/.
2. Edit virtual user list file:
[root@KcentOS5 ~]# vi /etc/vsftpd/virtusers
download
1234
upload
5678
admin
9012
Edit this virtual user list file, adding the user's username and password information to it. The format is simple: "one username, one password."
3. Generating virtual user data files:
[root@KcentOS5 ~]# db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db
5. Set PAM authentication file and specify virtual user database file to read
Add the following information to the header of/etc/pamd.vsftpd (invalid after)
auth sufficient /lib/security/pam_userdb.so db=/etc/vsftpd/virtusers
account sufficient /lib/security/pam_userdb.so db=/etc/vsftpd/virtusers
VI. CentOS vsftpd configuration of virtual user
1. download user, only download, not upload or delete
write_enable=NO
2. Upload can be downloaded and uploaded but cannot be deleted
write_enable=YES
cmds_allowed=ABOR,
file_open_mode=0444
3. admin manages ftp
The default vsftpd.conf file is fine, don't make any changes.
4. Supplement:
If you want to restrict the upload directory (home directory) for uploading users, you need to add
local_root=/home/ftp/upload
The requested URL/home/ftp/upload.png was not found on this server.
Did reading the above help you? If you still want to have further understanding of related knowledge or read more related articles, please pay attention to the industry information channel, thank you for your support.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.