Shulou(Shulou.com)06/02 Report--

1. Process and Thread

vsftp server

1. File Transfer Protocol (FTP)

FTP client and server based on the protocol to achieve file sharing, upload and download files

FTP generates a virtual connection based on TCP protocol and is used to control ftp connection information. At the same time, a TCP connection is generated for FTP data transmission

2. ftp transfer mode

3. FTP installation configuration

a.yum installation

b. Cheap source code installation

1)yum install -y vsftpd*

2)Vsftpd installed configuration file path, start vsftpd service and check whether the process starts

rpm -ql | more systemctl start vsftpd ps -ef | grep vsftpd

3)Vsftpd Default Profile

[xj@www ~]$ sudo cat /etc/vsftpd/vsftpd.conf |grep -v "^#"| grep -v "^$" Remove comments and blank lines

anonymous_enable=YES Enable anonymous user access

local_enable=YES Enable local system user access

write_enable=YES Local system user write permissions

local_umask=022 Local user creates files and directories default permission mask

dirmessage_enable=YES Prints directory display messages for the first time a user accesses a directory

xferlog_enable=YES Enable upload/download logging

connect_from_port_20=YES FTP: Use port number 20 for data transfer

xferlog_std_format=YES Log files will be written according to the guaranteed format of xferlog

listen=YES vsftp is not started as a standalone service, but managed by xinetd service. It is recommended to change to YES.

listen_ipv6=NO Enable IPv6 snooping

pam_service_name=vsftpd Log in to the Ftp server and authenticate according to the contents of/etc/pam.dvsftpd

userlist_enable=YES vsftp.user_list and ftpusers profiles prohibit users from accessing ftp

tcp_wrappers=YES Set vsftpd and tcp wrapper for host access control. vsftpd server checks the settings in/etc/hosts.allow and/etc/hosts/deny to determine whether the host requesting the link is allowed to access the ftp server.

4)FTP defaults to active mode. The method to set passive mode is as follows:

pasv_enable=YES pasv_main_port=6000 pasv_max_port=60100

5)Anonymous user configuration, access path is/var/ftp/pub, default only view permission, if you want to upload download delete, you need to add the following code:

anon_upload_enable=YES anon_mkdir_write_enable=YES anon_other_write_enable=YES

Because the default vsftp anonymous user has anonymous and ftp, so if you want to upload delete and modify permissions, you need to modify/var/ftp/pub has write permissions,(any of the following commands can be used)

chown -R ftp pub/ chown o+w pub/

problem areas

1.vsftpd.service: control process exited, code=exit... s=2

Because the vsftp configuration file in centos7 does not comment out the line "listen_ipv6 =YES" by default, and our current network environment does not support ipv6,

Which causes an error to fail to start,

So the solution is to change listen_ipv6=YES to: listen_ipv6=NO, or comment out this line

After commenting out listen_ipv6=YES as above, vsftp is successfully started.

When uploading files:

2.553 Could not create file.

getsebool -a|grep ftp

setsebool allow_ftpd_full_access on

3.500 OOPS: vsftpd: refusing to run with writable root inside chroot ()

chmod a-w /var/ftp

summary

The above is a small series to introduce you to the Linux file server combat detailed explanation (anonymous users), I hope to help you, if you have any questions welcome to leave a message to me, small series will reply to you in time!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.