Centos

centos中為/var/www/配置proftpd使用者訪問權限

  • February 17, 2016

我在配置 proftpd 以允許系統使用者訪問 centos 機器上的 /var/www/ 時遇到問題。

配置文件

ServerName                      "ProFTPD server"
ServerIdent                     on "FTP Server ready."
ServerAdmin                     root@localhost
ServerType                      standalone
DefaultServer                   on
VRootEngine                     on
#DefaultRoot                    ~ !adm
DefaultRoot                     /var/www/
VRootAlias                      /etc/security/pam_env.conf etc/security/pam_env.conf
AuthPAMConfig                   proftpd
AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
#PersistentPasswd               off
UseReverseDNS                   off
User                            nobody
Group                           nobody
MaxInstances                    20
UseSendfile                     off
LogFormat                       default "%h %l %u %t \"%r\" %s %b"
LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"

<Global>
 Umask                         022
 AllowOverwrite                yes
 <Limit ALL SITE_CHMOD>
   AllowAll
 </Limit>
</Global>

<Limit LOGIN>
AllowUser ftpuser
DenyALL
</Limit>

我創建了一個系統使用者“ftpuser”,他們的主目錄為 /var/www/ 和一個有效的 shell。我可以以該使用者身份登錄並查看正確的目錄等。

但是,當我嘗試使用 ftp 客戶端連接或什至從 shell 連接到 localhost 時,出現錯誤:

Status: Connecting to 10.0.10.10:21...
Status: Connection established, waiting for welcome message...
Response:   220 FTP Server ready.
Command:    USER ftpuser
Response:   331 Password required for ftpuser
Command:    PASS *******
Response:   230 User ftpuser logged in
Command:    OPTS UTF8 ON
Response:   200 UTF8 set to on
Status: Connected
Status: Retrieving directory listing...
Command:    PWD
Response:   257 "/" is the current directory
Command:    TYPE I
Response:   200 Type set to I
Command:    PASV
Response:   227 Entering Passive Mode (10,0,10,10,184,18).
Command:    MLSD
Response:   550 /: Invalid argument
Error:  Failed to retrieve directory listing

或者:

telnet localhost 21
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 FTP Server ready.
user ftpuser
331 Password required for ftpuser
pass PASSWD
230 User ftpuser logged in
LIST
425 Unable to build data connection: Invalid argument
MLSD
550 /: Invalid argument

有誰知道這裡發生了什麼以及如何解決它?

檢查 SElinux 是否沒有給您帶來問題

setenforce 0

如果這解決了您的問題,請重新打開 SELinux ( setenforce 1),然後嘗試設置 ftp_home_dir 布爾值

setsebool -P ftp_home_dir on

這將允許 ftp 守護程序訪問使用者主目錄。

引用自:https://serverfault.com/questions/559910