Basically, I did it according to this article. Of course, I also referred to some other tutorials in the middle. Although I finally ran up, it was not all in my opinion, this is a simple way to play serveru and filezilla on windows. It's so complicated to be swollen on Linux ~~~
Basic Steps: install, configure, add (system user), add group, and Set Directory Permissions
If you run the job following the tutorial, these configuration files will eventually exist in your/etc directory:
1. Main configuration file vsftpd. conf
2. The configuration file introduced after vsftpd. allowed_users switches on userlist_enable. Configure to allow users in this file to log on. [Note: vsftpd. userlist is used in this tutorial, but vsftpd. allowed_users is used in the configuration file, so I keep the name of the configuration file ];
3. The configuration file introduced after the chroot_list_enable switch is enabled in sftd. chroot_list. Configure to allow the user in the file to log on to another directory after successful login (so you cannot jump to another directory, it is called jailed );
Notes for running:
1. After vsftpd is installed, the default folder is/srv/FTP;
2. If you log on to the local FTP localhost with the username and password, but you find that remote logon fails (you can handle the firewall by yourself) set the transmission mode to "Active Mode" (PASV) on the FTP client );
3. By default, the/srv/FTP directory does not have the permission to upload files. Do not go to chmod for the time being. problems may occur, only a sub-folder with full permissions is created (this problem has been resolved after the text );
4. the chroot problem is that the login user is allowed to jump to a directory outside the root directory. This problem is discussed separately below.
If your (FTP) User's root directory (for example, you do not have the write permission to point to the default directory), the user will get a "500 Oops: vsftpd: refusing to run with writable root inside chroot () "error.
1. Then you need to add this user to the Second Configuration File vsftpd mentioned above. if you go to the chroot_list and test the logon, it will be successful. This is not the purpose of chroot, but the above 500 error is solved objectively,Once you do this, the user will be able to access all directories on the computer.That's not what you want... (Figure 1)
(Figure 1)/srv/FTP/upload is the root directory of the user I set, but it is clear that other directories are visible to the user after chroot.
2. If you direct the root directory of the user to the FTP root directory (because the user belongs to the other group and has no write permission for the FTP root directory), no problem. But this is not what you want. Let's test it:
A. Create a/home/admin folder (mkdir ),
B. define it as the admin FTP user's root directory (usermod ),
C. Set admin as its owner (chown ),
D. Remove the admin user from the chroot_list file,
E. log on to FTP and the 500 error will appear as expected (figure 2)
F. Now the write permission of the home/Admin directory is removed (555), and the operation is successful. (Figure 3)
(Figure 2)
(Figure 3)
I tried to solve this problem online...
So I chose the above awkward solution:
Point to the unwritable root directory, and then do not allow chroot. In this directory, create a writable directory for users to upload ~~~ Tangle
PS ========
After writing this blog, I gave chown the root directory/srv/FTP to a user, and found that the root directory "has both write permissions and does not require chroot, you can still log on normally. "That is to say, you can upload files to the root directory. It's strange that you can continue the above test to reproduce the results I just made:
I won't go into the cause, and both tests have succeeded.