目前我用的系统是archlinux,所以在配置vsftpd是不是一帆风顺的,这里将安装配置过程记录下来,也无法确保是否还有其他错误。
安装命令如下
配置
这是我现在的配置(注释已去)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
| anonymous_enable=NO local_enable=YES write_enable=YES xferlog_enable=YES connect_from_port_20=YES
listen=YES
pam_service_name=vsftpd allow_writeable_chroot=YES local_root=/home/ftp_dir chroot_local_user=YES use_localtime=YES
# user_list_deny=NO # do not allow to login ftp userlist_enable=YES userlist_deny=NO userlist_file=/etc/vsftpd.user_list
# user free timeout # idle_session_timeout=30 data_connection_timeout=10 accept_timeout=120
# local user transfer rate local_max_rate=50000 max_clients=10 max_per_ip=2
pasv_enable=yes pasv_min_port=5000 pasv_max_port=6000
seccomp_sandbox=NO
# welcome message ftpd_banner=>>>>> Welcome to MineFTP <<<<< dirmessage_enable=YES
|
VSFTP用户和文件目录设置
| mkdir /home/ftp_dir useradd -d /home/ftp_dir mineftp passwd mineftp usermod -aG mineftp whos usermod -s /sbin/nologin mineftp chown mineftp:mineftp /home/ftp_dir echo mineftp >> /etc/vsftpd.user_list
|
问题
1. 500 OOPS: vsftpd: refusing to run with writable root inside chroot()
把 chroot_local_user 和 allow_writeable_chroot 改为 YES,或者用 wiki上的 方法
| chroot_local_user=YES allow_writeable_chroot=YES systemctl restart vsftpd
|
2. 530 Login incorrect
修改/etc/pam.d/vsftpd
将 auth required pam_shells.so 修改为 auth required pam_nologin.so 即可
重启vsftpd
| $ nano /etc/pam.d/vsftpd
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth required /lib/security/pam_unix.so shadow nullok auth required /lib/security/pam_nologin.so account required /lib/security/pam_unix.so session required /lib/security/pam_unix.so
|
3. vsftpd.service: Main process exited, code=exited
一定要把 vsftpd.conf 文件所有者(owner) 改为 root,否则vsftpd无法启动
| sudo chown root:root /etc/vsftpd.conf
|
错误信息:
vsftpd.service - vsftpd daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Sun 2019-07-28 18:57:07 CST; 40s ago
Process: 6607 ExecStart=/usr/bin/vsftpd (code=exited, status=2)
Main PID: 6607 (code=exited, status=2)
7月 28 18:57:07 goo systemd[1]: Started vsftpd daemon.
7月 28 18:57:07 goo systemd[1]: vsftpd.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
7月 28 18:57:07 goo systemd[1]: vsftpd.service: Failed with result ‘exit-code’.
参考: