centos 7.2下搭建vsftp 虚拟用户

虚拟用户搭建vsftp
要求一： 只允许上传 下载  不能删除   不能更换名称
yum install pam*
yum install db4* -y
yum install vsftpd
chkconfig vsftpd on

iptables -I INPUT -s 43.243.139.212 -p tcp --dport 21 -j ACCEPT
iptables -I INPUT -s 43.243.139.212 -p tcp --dport 20 -j ACCEPT
iptables -I INPUT  -p tcp --dport  30000:31000  -j ACCEPT
useradd duoniu

cd   /etc/vsftpd
[[email protected] vsftpd]# cat vsftpd.conf
allow_writeable_chroot=YES  （不能登录的话添加）
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
 
xferlog_enable=YES
xferlog_file=/etc/vsftpd/vsftpd.log
xferlog_std_format=YES
 
connect_from_port_20=YES
idle_session_timeout=600
listen=YES
 
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

pasv_min_port=30000
pasv_max_port=31000 

guest_enable=YES
guest_username=duoniu
user_config_dir=/etc/vsftpd/virtualuser_conf

[[email protected] vsftpd]# mkdir   virtualuser_conf
[[email protected] vsftpd]# chmod  755 virtualuser_conf
[[email protected] virtualuser_conf]# cd /etc/vsftpd/virtualuser_conf
[[email protected] virtualuser_conf]# cat dn 
local_root=/web/www/wx14/cms_html/html
write_enable=YES
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES

[[email protected] vsftpd]# cd /etc/vsftpd
[[email protected] vsftpd]# cat virtualuser_passwd.txt
dn
m2i3sc

[[email protected] vsftpd]# db_load -T -t hash -f /etc/vsftpd/virtualuser_passwd.txt /etc/vsftpd/virtualuser_passwd.db
 [[email protected] vsftpd]# cat /etc/pam.d/vsftpd
auth required pam_userdb.so db=/etc/vsftpd/virtualuser_passwd
account required pam_userdb.so db=/etc/vsftpd/virtualuser_passwd

[[email protected] vsftpd]#  cd /web/www/wx14/cms_html/html
[[email protected] html]# chown duoniu.duoniu .
[[email protected] html]# cat /etc/passwd
duoniu:x:500:500::/web/www/wx14/cms_html/html:/bin/bash
	
要求二： 只允许 只读权限 可以下载
[[email protected] vsftpd]# cat /etc/vsftpd/vsftpd.conf  
anonymous_enable=NO
local_enable=YES
write_enable=NO
local_umask=022
 
xferlog_enable=YES
xferlog_file=/etc/vsftpd/vsftpd.log
xferlog_std_format=YES
 
connect_from_port_20=YES
idle_session_timeout=600
listen=YES
 
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

pasv_min_port=30000
pasv_max_port=31000 

guest_enable=YES
guest_username=duoniu
user_config_dir=/etc/vsftpd/virtualuser_conf

[[email protected] virtualuser_conf]# pwd
/etc/vsftpd/virtualuser_conf
[[email protected] virtualuser_conf]# cat dn 
local_root=/web/www/wx14/pay.178.com
write_enable=NO
anon_world_readable_only=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO

要求三： 在原本有ftp 的账户下 只允许 读、下载文件
[[email protected] vsftpd]# pwd
/etc/vsftpd
[[email protected] vsftpd]# cat  account.txt 
lianyun
stargame2018
dn
m2i3sc

[[email protected] users]# pwd
/etc/vsftpd/users
[[email protected] users]# ls
dn  lianyun
[[email protected] users]# cat dn 
local_root=/web/www/wx17/game.stargame.com
write_enable=NO
anon_world_readable_only=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO

删除原来 accout.db文件，然后重新创建：
[[email protected] vsftpd]# pwd
/etc/vsftpd
[[email protected] vsftpd]#db_load -T -t hash -f /etc/vsftpd/account.txt  /etc/vsftpd/account.db
centos 7.2下搭建vsftp 虚拟用户

猜你在找的CentOS相关文章
