VSFTPD add users and Restrict directories and specify user access to specified directories

Development over there update speed if faster, every day there will be countless files or directories to the operation and maintenance of the updated online, this is more trouble, just give them a ride ftp let them upload changes themselves, but there is a problem, is the permissions, the company five sites have five directories, each person responsible for different sites, how to let each of them do not interfere with others, Or no one else's directory for "sabotage"! Solve this problem below!

One. Check the installation of VSFTPD in Linux.

It won't be long-winded.

Two. Turn off the SELinux in the system and reboot the computer (you can change the label if it's not closed)

Ways to turn off SELinux:

Modify the Selinux= "" in the/etc/selinux/config file as disabled and reboot.

If you do not want to reboot the system, use the command Setenforce 0

Note:

Setenforce 1 set SELinux to become enforcing mode

Setenforce 0 Set SELinux to become permissive mode

Increase in the boot parameters of Lilo or grub: selinux=0, or you can turn off SELinux

Setsebool Ftpd_disable_trans 1

Three. Creating a user and a specified directory

Note: To set the appropriate permissions for the directory, it is best to modify it before specifying the FTP home directory

Then change the value of Local_umask in the vsftpd.conf configuration file to 000, generate directory default 777, file default 666

#useradd-D/var/www-s/sbin/nologin FTP3

#passwd FTP3

Set up user Ftp3, and specify their home directory as/var/www, prohibit landing

#useradd-D/var/web-s/sbin/nologin FTP4

#passwd FTP4

Set up user FTP4, and specify their home directory as/var/web, prohibit landing

This allows FTP3 and FTP4 users to be assigned to the appropriate folder.

Four. modifying vsftpd.conf configuration Files

Change anonymous_enable to No to prevent anonymous uploads

Remove Chroot_list_enable and chroot_list_file comments to prevent users from accessing the parent directory

Five. Create chroot_list files under/ETC/VSFTPD

When the build is complete, add the user FTP3,FTP4 (one line) to allow access to the specified directory only.

Six. Start or restart the FTP service.

#service vsftpd Restart (start)

After the startup is successful, you can access the FTP service.

Here are some of the configurations attached to vsftpd.conf

1. Anonymous server connection (standalone server)

Add the following items to the/etc/vsftpd/vsftpd.conf configuration file:

Anonymous_enable=yes (Allow anonymous login)

Dirmessage_enable=yes (Displays the contents of the directory. Message when the directory is switched)

local_umask=022 (local file permissions on FTP, default is 077)

Connect_form_port_20=yes (data connection with FTP data port enabled) *

Xferlog_enable=yes (activation of upload and next log)

Xferlog_std_format=yes (using standard log format)

FTPD_BANNER=XXXXX (Welcome information)

PAM_SERVICE_NAME=VSFTPD (Verification method) *

Listen=yes (Standalone VSFTPD server) *

Function: can only connect FTP server, cannot upload and send down

Note: All of which are related to the log welcome information is optional, the asterisk is no matter what account to add, is the basic FTP option

See more highlights of this column: http://www.bianceng.cnhttp://www.bianceng.cn/Servers/Ftp/