Linux Miscellaneous (15th): ftp enterprise application-level configuration (2)

At the end of the previous article, we talked about the modification of the anonymous user's home directory. let's take a look at what other anonymous users can do today. 1. all functions of creating and deleting directories for anonymous users are described in the last part of this article. let's take a look at the changes to the directories of anonymous users.

1. create and delete directories by anonymous users

In fact, all functions are controlled by the parameters listed in the previous article. Generally, when you cannot remember them, you can view man's Manual (man vsftpd. conf), which lists all the parameters that can be modified. Parameters for creating and deleting directories for anonymous users are as follows:



Set these two parameters to YES, and anonymous users can create directories. remember to restart the/etc/init. d/vsftpd service every time the configuration file is modified.



It still cannot be created. why? In fact, we must consider the problem comprehensively. Although the configuration file has been modified, you can view the default release directory to find that the directory has no write permission for anonymous users, and the error prompt has already been told, therefore, we need to change the directory permissions and restart the service.





Here, we need to modify not only the directory permissions, but also the security context of the Directory. if you have any questions, we can see that the previous security context is public_content_t and you do not have the write permission, so we need to modify it.



In this case, anonymous users can create directories, but in reality we must carefully select this option.

Now that you can upload the file to the directory, you can also allow anonymous users to upload and download files and modify the configuration file:



Then we find that anonymous users can upload files ..

Then we will delete the file:



In this case, it seems that all the basic functions are available. Let's discuss some details. When we use thunder to download things, we sometimes find that the speed is always low. But in fact, your bandwidth is very large, so it is very likely that the server restricts the upload and download speeds of anonymous users. Today, let's take a look at the restrictions on upload:

Let's take a look at the speed before the modification. the comparison will be very detailed:



The speed is very fast and too late, basically 30 m per second. Then we will limit the upload speed of anonymous users:

Modify the configuration file (unit: KB ):




It was found that the speed was indeed slow, only 10 K per second. In this way, other people will download things as soon as the bandwidth is done.


2. local user settings

The above configuration is for anonymous users. generally, we also need to restrict local users. First, we need to restore all the previous configurations to the original state.



Take the server's local user test as an example to log on:



At this moment, it enters the home directory of test. we can modify the default release directory of local users.



Try again:



Now, the/var/ftp directory is displayed, and you can upload and download the directory:




Summary:

These two posts respectively set logon and operations for anonymous users and local users, but these functions are not comprehensive enough. Next, we will introduce the blacklist and whitelist, as well as some restrictions on intranet users and Internet users accessing ftp. Next time.