Article Title: Setting up an FTP server in Linux (4 ). Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Message
"Message" sets the message that will be received when a user logs on or switches to a directory. You can set multiple messages. Command Format:
Message <path> <when>
<Path> indicates the complete path name of the file to be displayed, which is the same as <when> in <when> and "readme.
Note that the path name of the message file is also relative to the anonymous ftp directory.
For example:
Message/home/ftp/. welcome. msg LOGIN
Compress, tar, chmod, delete, overwrite, rename
If none of these settings are set, use the default value, that is, "yes" for everyone ". The settings in the following example indicate the permissions for the chmod, delete, overwrite, and rename files in the guest group. All users can use compress and tar.
For example:
Compress yes all
Tar yes all
Chmod yes guest
Delete yes guest
Overwrite yes guest
Rename yes guest
Log commands
For security reasons, every command used by the user must be recorded. The format of "log commands" is:
Log commands <typelist>
<Typelist> is a comma-separated string that indicates which user commands need to be recorded. The value of the string can be anonymous, guest, or real.
For example, to record every command of real and guest users, it can be expressed as follows:
Log commands real, guest
These records are stored in the "/var/log/message" file.
Log transfers
Because security files need to be recorded for transmission. The format of "log transfers" is:
Log transfers <typelist> <directions>
<Typelist> is a comma-separated string that indicates which user commands need to be recorded. The value of the string can be anonymous, guest, or real. <Direction> it is also a string separated by commas (,). Set the transmission direction of the file to be recorded. You can select "inbound" (inner) and "outbound" (outward ).
For example, use the following representation to record all real and guest users' "inbound" and "outbound" file transfers:
Log transfers real, guest inbound, outbound
These records are stored in the "/var/log/xferlog" file.
Guestgroup
This command is used to set the guest group. Each row can have only one member.
For example:
Guestgroup ftpadmin
Guestgroup webmaster
Log security
Used to set the behavior that records real, guest, or anonymous users for violating security rules.
Log security <typelist>
<Typelist> is a string separated by commas (,). The value of a string can be anonymous, guest, or real. "Real" indicates users with accounts on the ftp server, "anonymous" indicates anonymous users, and "guest" indicates guest users.
For example:
Log security real, guest
Restricted-uid, restricted-gid, guest-root
These are used to set whether real and guest users are allowed to access directories outside the home directory. Format:
Guest-root <root-dir>
Restricted-uid <uid-range>
Restricted-gid <gid-range>
For example:
Guest-root/home/ftp ftpadmin webmaster
Restricted-uid ftpadmin webmaster
Restricted-gid adminftp webmaster
<Root-dir> set the user path of the chroot environment. A row can have multiple uid ranges. If you have set guest-root for the user, the user's home directory is set in the "<root-dir>/etc/passwd" file, the settings in the "/etc/passwd" file are invalid. When "ftpadmin" and "webmaster" are changed to the root directory (chrooted) to the "/home/ftp" directory, they are restricted to their home directories and cannot access other people's files.
Greeting
Set the user's welcome information when logging on. Format:
Greeting full | brief | terse
"Greeting full" is the default setting to display the Host Name and ftp daemon version, "greeting brief" to display the host name, and "greeting terse" to simply display "FTP server ready ".
For example:
Greeting terse
Keepalive <yes | no>
Set the TCP SO_KEEPALIVE parameter of the socket. In this way, you can disconnect the network when necessary. "Yes" is valid, and "no" is invalid. It is best to set it to "yes ":
Keepalive yes
