EXPORTFS command, FTP introduction, use VSFTPD to build FTP

Exportfs command

• When the NFS server needs to increase the shared directory, after changing the configuration file, you need to restart the service, but the client is still using the shared directory, normally requires the client to uninstall the shared directory, and then operate on the server, if a large number of clients, you need to use the EXPORTFS command to quickly configure the
• Exportfs Common Options
  • -A all mount or uninstall all
  • -R Re-mount
  • -U Uninstalls a directory
  • -V Show shared directory
• Test
  • Service-side operations

    [[email protected] ~]# vim /etc/exports/home/nfstestdir  192.168.21.0/24(rw,sync,all_squash,anonuid=1000,anongid=1000)/tmp/ 192.168.21.0/24(rw,sync,no_root_squash)[[email protected] ~]# exportfs -arvexporting 192.168.21.0/24:/tmpexporting 192.168.21.0/24:/home/nfstestdirexportfs -arv //不用重启nfs服务，配置文件就会生效

  • Client actions

    [[email protected] ~]# showmount-e 192.168.21.128Export list for 192.168.21.128:/tmp 192.168.21.0/24/hom  E/nfstestdir 192.168.21.0/24[[email protected] ~]# mkdir/akui[[email protected] ~]# mount-t NFS 192.168.21.128:/tmp/akui[[email protected] ~]# touch/akui/12121.txt[[email protected] ~]# ll/akui/Total dosage 8-     rw-r--r--1 root root 0 June 21:52 12121.txtsrw-rw-rw-1 root root 0 June 21:02 aming.socksrwxrwxrwx 1 1001 1001 0 June 21:02 mysql.sock-rw-r--r--1 root root 3108 June 09:34 nginx_access.log-rw-r--r--1 root root 92 June 16 1 0:10 nginx_access.log-20180615drwxr-xr-x 3 root root 18 June 17:32 peardrwx------3 root root 17 June 21:02 system d-private-e422dd02155c4b309ecf7d899321d899-chronyd.service-z7tx4pdrwx------3 root root 17 June 21:02 systemd-private -e422dd02155c4b309ecf7d899321d899-vgauthd.service-qvztm6drwx------3 root root 17 June 21:02 systemd-private-e422dd02 155c4b309ecf7d899321d899-vmtoolsd.service-epZgupsrw-rw-rw-1 root root 0 June 21:02 www.sock 

    NFS Client Issues
• This issue occurs with NFS version 4
• When a client mounts a shared directory, whether it is a root user or a normal user, a new file is created with the owner and group nobody
• One method is to add-o nfsvers=3 when the client mounts

  重新挂载mount -t nfs -oremount,nfsvers=3 192.168.21.128:/tmp /akui

• The other is that both the client and the server need
  • vim/etc/idmapd.conf//change "#Domain = local.domain.edu" to "Domain = xxx.com" (Here xxx.com, feel free to define it), and then restart RPCIDMAPD Service FTP Introduction
• FTP is the abbreviation for the file Transfer Protocol (document Transfer Protocol), which is used to control the two-way transmission of files over the Internet.
• The primary role of FTP is to have the user connect to a remote computer (which runs an FTP server program), view the files on the remote computer, and then copy the files from the remote computer to the local computer, or transfer the files from the local computer to the remote computer.
• Small companies with many, large enterprises without FTP, because unsafe
• Large enterprises use an automated publishing platform to build FTP services using VSFTPD
• Bring your own vsftpd on CentOS
• Installing VSFTPD

  [[email protected] ~]# yum install -y vsftpd

• Create a virftp for normal user (map virtual user to upload download file) and set not to log in

  [[email protected] ~]# useradd -s /sbin/nologin virftp

• Edit the virtual user's password file in the format of odd-numbered user names, even-numbered behavior passwords, multiple users write multiple lines, and set permissions to 600

  [[email protected] ~]# vim /etc/vsftpd/vsftpd_loginuser1123456user2123456[[email protected] ~]# chmod 600 /etc/vsftpd/vsftpd_login

• Convert a text password file to a binary file

  [[email protected] ~]# db_load -T -t hash -f /etc/vsftpd/vsftpd_login /etc/vsftpd/vsftpd_login.db[[email protected] ~]# ls /etc/vsftpd/ftpusers  user_list  vsftpd.conf  vsftpd_conf_migrate.sh  vsftpd_login  vsftpd_login.db

• Create a virtual user profile directory

  [[email protected] ~]# mkdir /etc/vsftpd/vsftpd_user_conf

• Create a virtual user's profile with the name of the user named virtual user

  [[email protected] ~]# cd !$cd /etc/vsftpd/vsftpd_user_conf[[email protected] vsftpd_user_conf]# vim user1local_root=/home/virftp/user1 #定义虚拟用户的家目录anonymous_enable=NO #是否允许匿名用户write_enable=YES  #是否允许可写local_umask=022  #定义创建新文件和目录的权限anon_upload_enable=NO #是否允许匿名用户可上传anon_mkdir_write_enable=NO #是否允许匿名用户可写和创建目录idle_session_timeout=600 #连接ftp的空闲时间data_connection_timeout=120 #数据传输的超时时间max_clients=10 #最大客户端

• Create a virtual user's home directory and create a file

  [[email protected] ~]# mkdir /home/virftp/user1[[email protected] ~]# touch /home/virftp/user1/akui.txt

• Set up a virftp group of user home directories

  [[email protected] ~]# chown -R virftp:virftp /home/virftp/

• Define the password file inside the authentication file

  [[email protected] ~]# vim /etc/pam.d/vsftpd#%PAM-1.0auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd_loginaccount sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login[[email protected] ~]# ls /lib64/security/pam_userdb.so/lib64/security/pam_userdb.so

• Edit Vsftp's Master profile
  • Vim/etc/vsftpd/vsftpd.conf
  • Change Anonymous_enable=yes to Anonymous_enable=no
  • Change #anon_upload_enable=yes to Anon_upload_enable=no
  • Change #anon_mkdir_write_enable=yes to Anon_mkdir_write_enable=no
  • Add the following:

    chroot_local_user=YESguest_enable=YES #允许映射guest_username=virftp #映射到virftpvirtual_use_local_privs=YES #告诉服务现在使用的是虚拟用户user_config_dir=/etc/vsftpd/vsftpd_user_conf #定义虚拟用户的配置文件目录allow_writeable_chroot=YES

• Systemctl start vsftpd starting service test
• Filezille client software can be installed on Windows
• On Linux

  [[email protected] ~]#  yum install -y lftp[[email protected] ~]# lftp [email protected]口令: lftp [email protected]:~> ls          -rw-r--r--    1 1003     1003            0 Jun 22 14:45 akui.txtlftp [email protected]:/> get akui.txt  #下载文件到当前目录，？回车可以查看可以使用的命令lftp [email protected]:/> quit[[email protected] ~]# ls1.txt  akui.txt  anaconda-ks.cfg

EXPORTFS command, FTP introduction, use VSFTPD to build FTP