
vsftp-虚拟用户设置不同权限

1.system version

CentOS Linux release 7.2.1511 (Core)

2.install vsftpd

yum install -y vsftpd

3.create rootdir

mkdir /data/program/ftpdata && chmod a-w /data/program/ftpdata/

4.create local user(for map to virtualuser)

useradd -s /sbin/nologin -d /data/program/ftpdata ftpuser

5.install db(for auth)

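yum install -y db*
# only db_load is needed (step 7); on CentOS 7 it ships in libdb-utils, so
# "yum install -y libdb-utils" avoids pulling in every package whose name starts with "db"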

6.create virtual users

cd /etc/vsftpd/
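vim virtualuser.txt 
# file format: one value per line, username then password, alternating.
# the "# this ..." notes below are for the reader only, do not type them into the file
# (db_load stores each whole line as the name or the password)
user1    # this username
1234qwer # this password
user2    # this username
123.com  # this password
# the passwords above are sample values, choose strong ones; this file keeps them in clear text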

7.create db

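db_load -T -t hash -f virtualuser.txt /etc/vsftpd/virtualuser.db
# both files hold the passwords in clear text: make them readable by root only,
# and delete virtualuser.txt once the db has been built
chmod 600 /etc/vsftpd/virtualuser.db /etc/vsftpd/virtualuser.txt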

8.create pam auth file

vim /etc/pam.d/vsftpd.vu
auth      required  /lib64/security/pam_userdb.so db=/etc/vsftpd/virtualuser
account   required  /lib64/security/pam_userdb.so db=/etc/vsftpd/virtualuser
# if your system is a CentOS 6.x release, use these two lines instead of the two above:
auth      sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/virtualuser
account   sufficient  /lib64/security/pam_userdb.so db=/etc/vsftpd/virtualuser

9.configure vsftpd.conf

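vim /etc/vsftpd.conf
# note: the CentOS vsftpd package reads /etc/vsftpd/vsftpd.conf; edit that file if /etc/vsftpd.conf does not exist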
anonymous_enable=NO
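# vsftpd 3.x only: uncomment the next line if a user's chroot directory has to be writable.
# it relaxes a vsftpd safety check; a non-writable root with a writable subdirectory avoids the need for it
#allow_writeable_chroot=YES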
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
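chroot_local_user=YES
# with chroot_local_user=YES the list file below names the users who are NOT chrooted;
# the file must exist, keep it empty to confine every user to their own directory
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list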
listen=NO
listen_ipv6=YES
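# note: pam_service_name is set twice in this listing; it must name the PAM file
# from step 8 (vsftpd.vu, set further down), so this first entry should be dropped
pam_service_name=ftpuser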
userlist_enable=YES
tcp_wrappers=YES
guest_enable=YES
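# guest_username must be an existing local account: step 4 created "ftpuser",
# so use that name here unless an account called ftp01 was created separately
guest_username=ftp01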
pam_service_name=vsftpd.vu
user_config_dir=/etc/vsftpd/user_conf

10.create each user config dir

cd /etc/vsftpd/ && mkdir user_conf && cd user_conf
# for user1 config
# this user can upload, write and download
vim user1
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
# virtual user's datadir (a bare path is not a valid config line, it has to be the value of local_root)
local_root=/data/program/ftpdata/user1_home/

# for user2 config
# this user can only read and download, not upload
vim user2
anon_world_readable_only=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
# virtual user's datadir (a bare path is not a valid config line, it has to be the value of local_root)
local_root=/data/program/ftpdata/user2_home
码字很辛苦,转载请注明来自运维人《vsftp-虚拟用户设置不同权限》
