本文共 9483 字,大约阅读时间需要 31 分钟。
Last login: Wed Dec 30 09:33:49 2020 from 172.17.136.10
Authorized users only.All activities will be monitored and reported. [jyc@test ~]$ su - root Password: [root@test ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/VolGroup-lv_root 29G 25G 2.3G 92% / tmpfs 16G 15M 16G 1% /dev/shm /dev/sda1 477M 84M 364M 19% /boot /dev/mapper/VolGroup-lv_home 9.5G 1.5G 7.6G 17% /home /dev/mapper/VolGroup-lv_oracle 29G 6.3G 21G 23% /oracle /dev/mapper/VolGroup-lv_oradata 3.8T 2.1T 1.6T 58% /oradata [root@test ~]# pwd /root [root@test ~]# [root@test ~]# [root@test ~]# yum install vsftpd -y Loaded plugins: refresh-packagekit, security, ulninfo Setting up Install Process ftp-ol6 | 3.7 kB 00:00 Resolving Dependencies --> Running transaction check ---> Package vsftpd.x86_64 0:2.2.2-24.el6 will be installed --> Processing Dependency: libssl.so.10(libssl.so.10)(64bit) for package: vsftpd-2.2.2-24.el6.x86_64 --> Processing Dependency: libcrypto.so.10(libcrypto.so.10)(64bit) for package: vsftpd-2.2.2-24.el6.x86_64 --> Processing Dependency: libcrypto.so.10(OPENSSL_1.0.1_EC)(64bit) for package: vsftpd-2.2.2-24.el6.x86_64 --> Processing Dependency: libssl.so.10()(64bit) for package: vsftpd-2.2.2-24.el6.x86_64 --> Processing Dependency: libcrypto.so.10()(64bit) for package: vsftpd-2.2.2-24.el6.x86_64 --> Running transaction check ---> Package openssl.x86_64 0:1.0.1e-57.el6 will be installed --> Finished Dependency ResolutionDependencies Resolved
=================================================================================================================================================================================================
Package Arch Version Repository Size ================================================================================================================================================================================================= Installing: vsftpd x86_64 2.2.2-24.el6 ftp-ol6 155 k Installing for dependencies: openssl x86_64 1.0.1e-57.el6 ftp-ol6 1.5 MTransaction Summary
================================================================================================================================================================================================= Install 2 Package(s)Total download size: 1.7 M
Installed size: 4.4 M Downloading Packages: (1/2): openssl-1.0.1e-57.el6.x86_64.rpm | 1.5 MB 00:00 (2/2): vsftpd-2.2.2-24.el6.x86_64.rpm | 155 kB 00:00 ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 17 MB/s | 1.7 MB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : openssl-1.0.1e-57.el6.x86_64 1/2 Installing : vsftpd-2.2.2-24.el6.x86_64 2/2 Verifying : openssl-1.0.1e-57.el6.x86_64 1/2 Verifying : vsftpd-2.2.2-24.el6.x86_64 2/2Installed:
vsftpd.x86_64 0:2.2.2-24.el6Dependency Installed:
openssl.x86_64 0:1.0.1e-57.el6Complete!
[root@test ~]# vi /etc/vsftpd/vsftpd.conf # Example config file /etc/vsftpd/vsftpd.conf # # The default compiled in settings are fairly paranoid. This sample file # loosens things up a bit, to make the ftp daemon more usable. # Please see vsftpd.conf.5 for all compiled in defaults. # # READ THIS: This example file is NOT an exhaustive list of vsftpd options. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=NO # # Uncomment this to allow local users to log in.local_enable=YES # # Uncomment this to enable any form of FTP write command. write_enable=YES # # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) local_umask=022 # # Uncomment this to allow the anonymous FTP user to upload files. This only # has an effect if the above global write enable is activated. Also, you will # obviously need to create a directory writable by the FTP user. #anon_upload_enable=YES # # Uncomment this if you want the anonymous FTP user to be able to create # new directories. #anon_mkdir_write_enable=YES # # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES # # The target log file can be vsftpd_log_file or xferlog_file. # This depends on setting xferlog_std_format parameter xferlog_enable=YES # # Make sure PORT transfer connections originate from port 20 (ftp-data). connect_from_port_20=YES # # If you want, you can arrange for uploaded anonymous files to be owned by # a different user. Note! Using "root" for uploaded files is not # recommended! #chown_uploads=YES #chown_username=whoever # # The name of log file when xferlog_enable=YES and xferlog_std_format=YES # WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log #xferlog_file=/var/log/xferlog # # Switches between logging into vsftpd_log_file and xferlog_file files. # NO writes to vsftpd_log_file, YES to xferlog_file xferlog_std_format=YES # # You may change the default value for timing out an idle session. #idle_session_timeout=600 # # You may change the default value for timing out a data connection. #data_connection_timeout=120 # # It is recommended that you define on your system a unique user which the # ftp server can use as a totally isolated and unprivileged user. #nopriv_user=ftpsecure # # Enable this and the server will recognise asynchronous ABOR requests. Not # recommended for security (the code is non-trivial). Not enabling it, # however, may confuse older FTP clients. #async_abor_enable=YES # # By default the server will pretend to allow ASCII mode but in fact ignore # the request. Turn on the below options to have the server actually do ASCII # mangling on files when in ASCII mode. # Beware that on some FTP servers, ASCII support allows a denial of service # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd # predicted this attack and has always been safe, reporting the size of the # raw file. # ASCII mangling is a horrible feature of the protocol. #ascii_upload_enable=YES #ascii_download_enable=YES # # You may fully customise the login banner string: #ftpd_banner=Welcome to blah FTP service. # # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd/banned_emails # # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot().chroot_local_user=YES #chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd/chroot_list "/etc/vsftpd/vsftpd.conf" 119L, 4597C written [root@test ~]# useradd ftpuser [root@test ~]# echo "ftp_1234"| passwd ftpuser --stdin Changing password for user ftpuser. passwd: all authentication tokens updated successfully. [root@test ~]# mkdir -p /oradata/ftpuser [root@test ~]# chmod a-w /oradata/ftpuser && chmod 777 -R /oradata/ftpuser [root@test ~]# usermod -d /oradata/ftpuser ftpuser [root@test ~]# service vsftpd start Starting vsftpd for vsftpd: [ OK ] ["/etc/vsftpd/chroot_list" [New] 1L, 8C written
[root@test ~]# cat /etc/vsftpd/chroot_list ftpuser [root@test ~]# service vsftpd restart Shutting down vsftpd: [ OK ] Starting vsftpd for vsftpd: [ OK ] [jyc@test ~]$ ftp 192.168.52.111 Connected to 192.168.52.111 (192.168.52.111). 220 (vsFTPd 2.2.2) Name (192.168.52.111:jyc): ftpuser 331 Please specify the password. Password: 530 Login incorrect. Login failed. ftp> user ftpuser 331 Please specify the password. Password: 230 Login successful. ftp> ls 227 Entering Passive Mode (10,62,233,213,230,65). 150 Here comes the directory listing. 226 Directory send OK. ftp> mkdir t 257 "/t" created ftp> cd t 250 Directory successfully changed. ftp> ls 227 Entering Passive Mode (10,62,233,213,105,10). 150 Here comes the directory listing. 226 Directory send OK. ftp> bye 221 Goodbye. [jyc@test ~]$ pwd /home/jyc [jyc@test ~]$ ls -l /home total 72 drwx------ 4 bdcs bdcs 4096 Aug 23 2019 bdcs drwx------ 5 bjtel bjtel 4096 Jan 17 2019 bjtel drwx------ 4 ftpuser ftpuser 4096 Dec 30 10:59 ftpuser drwx------ 6 jyc jyc 4096 Nov 10 08:52 jyc drwx------. 2 litx litx 4096 May 23 2017 litx drwx------. 2 liyuhe liyuhe 4096 May 23 2017 liyuhe drwx------. 2 root root 16384 May 23 2017 lost+found drwx------ 6 oracle oinstall 4096 Nov 10 08:59 oracle drwxr-xr-x 2 root root 4096 Apr 17 2019 security drwx------. 2 songyz songyz 4096 May 23 2017 songyz drwx------. 2 suiyi suiyi 4096 May 23 2017 suiyi drwx------. 2 sunyue sunyue 4096 May 23 2017 sunyue drwxr-xr-x 5 root root 4096 Dec 25 2019 upgrade drwx------. 2 wanglei wanglei 4096 May 23 2017 wanglei drwx------. 2 yanglch yanglch 4096 Jan 17 2019 yanglch [jyc@test ~]$ more /etc/vsftpd/chroot_list ftpuser [jyc@test ~]$参考:
转载地址:http://acsof.baihongyu.com/