[bash][linux]Linux开启vsftp
#!/bin/bash #开始安装vsftpd echo ">>> 1. Start install Vsftpd ......" yum -y install pam pam-devel db4 de4-devel db4-tcl vsftpd mkdir /var/ftp/virtual useradd vsftpd -M -s /sbin/nologin useradd ftpvload -d /var/ftp/ -s /sbin/nologin sleep 3 chown -R ftpvload.ftpvload /var/ftp/ sleep 5 #开始配置vsftpd echo ">>> 2. Start config Vsftpd ......" mv /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.back echo "anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 anon_upload_enable=NO anon_mkdir_write_enable=NO dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES chown_uploads=NO xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES async_abor_enable=YES ascii_upload_enable=YES ascii_download_enable=YES ftpd_banner=Welcome to FTP Server chroot_local_user=YES ls_recurse_enable=NO listen=YES hide_ids=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES guest_enable=YES guest_username=ftpvload virtual_use_local_privs=YES user_config_dir=/etc/vsftpd/vconf" > /etc/vsftpd/vsftpd.conf cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd.backup sed -i s/^/#/g /etc/pam.d/vsftpd echo "auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers" >> /etc/pam.d/vsftpd sleep 3 #开始配置其它 echo ">>> 3. Start config other ......" touch /var/log/vsftpd.log chown vsftpd.vsftpd /var/log/vsftpd.log mkdir /etc/vsftpd/vconf/ -p sleep 3 #配置虚拟用户 echo ">>> 4. Start config vitual user" echo -e "cshiscshis2009" >> /etc/vsftpd/virtusers db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db mkdir /var/ftp/virtual/test echo "local_root=/var/ftp/virtual/username #指定虚拟用户的具体主路径 anonymous_enable=NO #设定不允许匿名用户访问 write_enable=YES #设定允许写操作 local_umask=022 #设定上传文件权限掩码 anon_upload_enable=NO #设定不允许匿名用户上传 anon_mkdir_write_enable=NO #设定不允许匿名用户建立目录 idle_session_timeout=600 #设定空闲连接超时时间 data_connection_timeout=120 #设定单次连续传输最大时间 max_clients=10 #设定并发客户端访问个数 max_per_ip=5 #设定单个客户端的最大线程数,这个配置主要来照顾Flashget、迅雷等多线程下载软件 #local_max_rate=50000 #设定该用户的最大传输速率,单位b/s" >> /etc/vsftpd/vconf/vconf.tmp cp /etc/vsftpd/vconf/vconf.tmp /etc/vsftpd/vconf/test sed -i s/username/test/g /etc/vsftpd/vconf/test echo "All OVER! "
vsftp上传553 Could not create file错误解决
先运行getsebool -a | grep ftp (查看selinux里有哪些关于ftp的)
allow_ftpd_anon_write –> off
allow_ftpd_full_access –> off
allow_ftpd_use_cifs –> off
allow_ftpd_use_nfs –> off
ftp_home_dir –> off
ftpd_connect_db –> off
httpd_enable_ftp_server –> off
sftpd_anon_write –> off
sftpd_enable_homedirs –> off
sftpd_full_access –> off
sftpd_write_ssh_home –> off
tftp_anon_write –> off
接下来我们allow_ftpd_anon_write allow_ftpd_full_access 这两个ON掉。
setsebool -P allow_ftpd_anon_write on
setsebool -P allow_ftpd_full_access on