由 bayonet 在 09-21-2004 21:35 发表:
请教vsftpd虚拟用户无法chroot问题!
我的服务器平台为debian,通过APT安装vsftpd后,与mysql建立PAM认证,现在出现如下问题,FTP客户端登陆时显示密码与用户均已通过认证,但是出现了"500 OOPS: cannot change directory:/home/username/test2"这个提示~test2的目录属性已改为ftpguest用户nogroup用户组。我的vsftpd配置如下:
Example config file /etc/vsftpd.conf
guest_enable=YES
guest_username=ftpguest
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd_user_conf
The default compiled in settings are fairly paranoid. This sample file
loosens things up a bit, to make the ftp daemon more usable.
Please see vsftpd.conf.5 for all compiled in defaults.
READ THIS: This example file is NOT an exhaustive list of vsftpd options.
Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
capabilities.
Run standalone? vsftpd can run either from an inetd or as a standalone
daemon started from an initscript.
listen=YES
Run standalone with IPv6?
Like the listen parameter, except vsftpd will listen on an IPv6 socket
instead of an IPv4 one. This parameter and the listen parameter are mutually
exclusive.
#listen_ipv6=YES
Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
Uncomment this to allow local users to log in.
local_enable=YES
Uncomment this to enable any form of FTP write command.
write_enable=YES
Default umask for local users is 077. You may wish to change this to 022,
if your users expect that (022 is used by most other ftpd's)
#local_umask=022
Uncomment this to allow the anonymous FTP user to upload files. This only
has an effect if the above global write enable is activated. Also, you will
obviously need to create a directory writable by the FTP user.
anon_upload_enable=YES
Uncomment this if you want the anonymous FTP user to be able to create
new directories.
anon_mkdir_write_enable=YES
Activate directory messages - messages given to remote users when they
go into a certain directory.
dirmessage_enable=YES
Activate logging of uploads/downloads.
xferlog_enable=YES
Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
If you want, you can arrange for uploaded anonymous files to be owned by
a different user. Note! Using "root" for uploaded files is not
recommended!
#chown_uploads=YES
#chown_username=whoever
You may override where the log file goes if you like. The default is shown
below.
xferlog_file=/var/log/vsftpd.log
If you want, you can have your log file in standard ftpd xferlog format
#xferlog_std_format=YES
You may change the default value for timing out an idle session.
#idle_session_timeout=600
You may change the default value for timing out a data connection.
#data_connection_timeout=120
It is recommended that you define on your system a unique user which the
ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
Enable this and the server will recognise asynchronous ABOR requests. Not
recommended for security (the code is non-trivial). Not enabling it,
however, may confuse older FTP clients.
#async_abor_enable=YES