分享
 
 
 

vsftpd frequently asked questions

王朝other·作者佚名  2008-05-31
窄屏简体版  字體: |||超大  

Q) Can I restrict users to their home Directories?

A) Yes. You are probably after the setting:

chroot_local_user=YES

Q) Does vsFTPd support a limit on the number of users connected?

A1) Yes, indirectly. vsftpd is an inetd-based service. If use the popular

"xinetd" as your inetd, this supports per-service per-IP connection limits.

There is an example of this in the "EXAMPLE" directory.

A2) If you run vsftpd in "standalone" mode with the setting listen=YES, then

you can investigate the setting (e.g.):

max_clients=10

Q) Help! I'm getting the error message "refusing to run with writable anonymous

root".

A) vsftpd is protecting against dangerous configurations. The cause of this

message is usually dodgy ownership of the ftp home directory. The home

directory should NOT be owned by the ftp user itself. Neither should it

be writable by the ftp user. A way to fix this is:

chown root ~ftp; chmod -w ~ftp

Q) Help! I'm getting the error message "str_getpwnam".

A) The most likely cause of this is that the "nobody" user does not exist on

your system. vsftpd needs this user to run bits of itself with no privilege.

Q) Help! Local users cannot log in.

A) There are various possible problems.

A1) By default, vsftpd disables any logins other than anonymous logins. Put

local_enable=YES in your /etc/vsftpd.conf to allow local users to log in.

A2) vsftpd tries to link with PAM. (Run "ldd vsftpd" and look for libpam to

find out whether this has happened or not). If vsftpd links with PAM, then

you will need to have a PAM file installed for the vsftpd service. There is

a sample one for RedHat systems included in the "RedHat" directory - put it

under /etc/pam.d

A3) If vsftpd didn't link with PAM, then there are various possible issues. Is

the user's shell in /etc/shells? If you have shadowed passWords, does your

system have a "shadow.h" file in the include path?

A4) If you are not using PAM, then vsftpd will do its own check for a valid

user shell in /etc/shells. You may need to disable this if you use an invalid

shell to disable logins other than FTP logins. Put check_shell=NO in your

/etc/vsftpd.conf.

Q) Help! Uploads or other write commands give me "500 Unknown command.".

A) By default, write commands, including uploads and new directories, are

disabled. This is a security measure. To enable writes, put write_enable=YES

in your /etc/vsftpd.conf.

Q) Help!

What are the security implications referred to in the

"chroot_local_user" option?

A) Firstly note that other ftp daemons have the same implications. It is a

generic problem.

The problem isn't too severe, but it is this: Some people have FTP user

accounts which are not trusted to have full shell Access. If these

accounts can also upload files, there is a small risk. A bad user now has

control of the filesystem root, which is their home directory. The ftp

daemon might cause some config file to be read - e.g. /etc/some_file. With

chroot(), this file is now under the control of the user. vsftpd is

careful in this area. But, the system's libc might want to open locale

config files or other settings...

Q) Help! Uploaded files are appearing with permissions -rw-------.

A) Depending on if this is an upload by a local user or an anonymous user,

use "local_umask" or "anon_umask" to change this. For example, use

"anon_umask=022" to give anonymously uploaded files permissions

-rw-r--r--. Note that the "0" before the "22" is important.

Q) Help! How do I integrate with LDAP users and logins?

A) Use vsftpd's PAM integration to do this, and have PAM authenticate against

an LDAP repository.

Q) Help! Does vsftpd do virtual hosting setups?

A1) Yes. If you integrate vsftpd with xinetd, you can use xinetd to bind to

several different IP addresses. For each IP address, get xinetd to launch

vsftpd with a different config file. This way, you can get different behaviour

per virtual address.

A2) Alternatively, run as many copies as vsftpd as necessary, in standalone

mode. Use "listen_address=x.x.x.x" to set the virtual IP.

Q) Help! Does vsftpd support virtual users?

A) Yes, via PAM integration. Set "guest_enable=YES" in /etc/vsftpd.conf. This

has the effect of mapping every non-anonymous sUCcessful login to the local

username specified in "guest_username". Then, use PAM and (e.g.) its pam_userdb

module to provide authentication against an external (i.e. non-/etc/passwd)

repository of users.

Note - currently there is a restriction that with guest_enable enabled, local

users also get mapped to guest_username.

There is an example of virtual users setup in the "EXAMPLE" directory.

Q) Help! Does vsftpd support different settings for different users?

A) Yes - in a very powerful way. Look at the setting "user_config_dir" in the

manual page.

Q) Help! Can I restrict vsftpd data connections to a specific range of ports?

A) Yes. See the config settings "pasv_min_port" and "pasv_max_port".

Q) Help! I'm getting the message "OOPS: chdir".

A) If this is for an anonymous login,

check that the home directory for the

user "ftp" is correct. If you are using the config setting "anon_root", check

that is correct too

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
2023年上半年GDP全球前十五强
 百态   2023-10-24
美众议院议长启动对拜登的弹劾调查
 百态   2023-09-13
上海、济南、武汉等多地出现不明坠落物
 探索   2023-09-06
印度或要将国名改为“巴拉特”
 百态   2023-09-06
男子为女友送行,买票不登机被捕
 百态   2023-08-20
手机地震预警功能怎么开?
 干货   2023-08-06
女子4年卖2套房花700多万做美容:不但没变美脸,面部还出现变形
 百态   2023-08-04
住户一楼被水淹 还冲来8头猪
 百态   2023-07-31
女子体内爬出大量瓜子状活虫
 百态   2023-07-25
地球连续35年收到神秘规律性信号,网友:不要回答!
 探索   2023-07-21
全球镓价格本周大涨27%
 探索   2023-07-09
钱都流向了那些不缺钱的人,苦都留给了能吃苦的人
 探索   2023-07-02
倩女手游刀客魅者强控制(强混乱强眩晕强睡眠)和对应控制抗性的关系
 百态   2020-08-20
美国5月9日最新疫情:美国确诊人数突破131万
 百态   2020-05-09
荷兰政府宣布将集体辞职
 干货   2020-04-30
倩女幽魂手游师徒任务情义春秋猜成语答案逍遥观:鹏程万里
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案神机营:射石饮羽
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案昆仑山:拔刀相助
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案天工阁:鬼斧神工
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案丝路古道:单枪匹马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:与虎谋皮
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:李代桃僵
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:指鹿为马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:小鸟依人
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:千金买邻
 干货   2019-11-12
 
推荐阅读
 
 
 
>>返回首頁<<
 
靜靜地坐在廢墟上,四周的荒凉一望無際,忽然覺得,淒涼也很美
© 2005- 王朝網路 版權所有