知识大全 vsftpd frequently asked questions

Posted 文字

篇首语:好汉做事干到底,好马登程跑到头。本文由小常识网(cha138.com)小编为大家整理,主要介绍了知识大全 vsftpd frequently asked questions相关的知识,希望对你有一定的参考价值。

  Q) Can I restrict users to their home directories?  A) Yes You are probably after the setting:  chroot_local_user=YES  Q) Does vsftpd support a limit on the number of users connected?  A ) Yes indirectly vsftpd is an inetd based service If use the popular   xinetd as your inetd this supports per service per IP connection limits   There is an example of this in the EXAMPLE directory   A ) If you run vsftpd in standalone mode with the setting listen=YES then  you can investigate the setting (e g ):  max_clients=   Q) Help! I m getting the error message refusing to run with writable anonymous  root   A) vsftpd is protecting against dangerous configurations The cause of this  message is usually dodgy ownership of the ftp home directory The home  directory should NOT be owned by the ftp user itself Neither should it  be writable by the ftp user A way to fix this is:  chown root ~ftp; chmod w ~ftp  Q) Help! I m getting the error message str_getpwnam   A) The most likely cause of this is that the nobody user does not exist on  your system vsftpd needs this user to run bits of itself with no privilege   Q) Help! Local users cannot log in   A) There are various possible problems   A ) By default vsftpd disables any logins other than anonymous logins Put  local_enable=YES in your /etc/nf to allow local users to log in   A ) vsftpd tries to link with PAM (Run ldd vsftpd and look for libpam to  find out whether this has happened or not) If vsftpd links with PAM then  you will need to have a PAM file installed for the vsftpd service There is  a sample one for RedHat systems included in the RedHat directory put it  under /etc/pam d  A ) If vsftpd didn t link with PAM then there are various possible issues Is  the user s shell in /etc/shells? If you have shadowed passwords does your  system have a shadow h file in the include path?  A ) If you are not using PAM then vsftpd will do its own check for a valid  user shell in /etc/shells You may need to disable this if you use an invalid  shell to disable logins other than FTP logins Put check_shell=NO in your  /etc/nf   Q) Help! Uploads or other write mands give me Unknown mand   A) By default write mands including uploads and new directories are  disabled This is a security measure To enable writes put write_enable=YES  in your /etc/nf   Q) Help! What are the security implications referred to in the   chroot_local_user option?  A) Firstly note that other ftp daemons have the same implications It is a  generic problem   The problem isn t too severe but it is this: Some people have FTP user  accounts which are not trusted to have full shell access If these  accounts can also upload files there is a small risk A bad user now has  control of the filesystem root which is their home directory The ftp  daemon might cause some config file to be read e g /etc/some_file With  chroot() this file is now under the control of the user vsftpd is  careful in this area But the system s libc might want to open locale  config files or other settings   Q) Help! Uploaded files are appearing with permissions rw   A) Depending on if this is an upload by a local user or an anonymous user   use local_umask or anon_umask to change this For example use   anon_umask= to give anonymously uploaded files permissions   rw r r Note that the before the is important   Q) Help! How do I integrate with LDAP users and logins?  A) Use vsftpd s PAM integration to do this and have PAM authenticate against  an LDAP repository   Q) Help! Does vsftpd do virtual hosting setups?  A ) Yes If you integrate vsftpd with xinetd you can use xinetd to bind to  several different IP addresses For each IP address get xinetd to launch  vsftpd with a different config file This way you can get different behaviour  per virtual address   A ) Alternatively run as many copies as vsftpd as necessary in standalone  mode Use listen_address=x x x x to set the virtual IP   Q) Help! Does vsftpd support virtual users?  A) Yes via PAM integration Set guest_enable=YES in /etc/nf This  has the effect of mapping every non anonymous successful login to the local  username specified in guest_username Then use PAM and (e g ) its pam_userdb  module to provide authentication against an external (i e non /etc/passwd)  repository of users   Note currently there is a restriction that with guest_enable enabled local  users also get mapped to guest_username   There is an example of virtual users setup in the EXAMPLE directory   Q) Help! Does vsftpd support different settings for different users?  A) Yes in a very powerful way Look at the setting user_config_dir in the  manual page   Q) Help! Can I restrict vsftpd data connections to a specific range of ports?  A) Yes See the config settings pasv_min_port and pasv_max_port   Q) Help! I m getting the message OOPS: chdir   A) If this is for an anonymous login check that the home directory for the  user ftp is correct If you are using the config setting anon_root check  that is correct too cha138/Article/program/Oracle/201311/16532

相关参考

知识大全 vsftpd的配置

    作者免费打工仔    RedHat服务器配置指南vsftp  RedHat带了wuftpd和vsftp两套ftp系统我也使第一次接触vsftp根据man说vsftp的含义就是VerySecur

知识大全 INTERNET

vsftpd-1.1.3配制实例之一:INTERNET  以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧

知识大全 VIRTUAL

vsftpd-1.1.3配制实例之四:VIRTUAL  以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧!

知识大全 VSFTP+MySQL虚拟用户配置

VSFTP+MySQL虚拟用户配置  以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧!  VSFTPD是