Vsftp set up virtual users different directories assign different permissions operation steps detailed

Last Update:2017-01-15 Source: Internet

Author: User

Tags ftp login

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

VSFTPD Server supports anonymous users, local Users and virtual users three types of user accounts, the use of virtual user account can provide a centrally managed FTP root directory, convenient for administrator management, while the user name for FTP login, password and system user account, Further enhance the security of the FTP server.

1. Add or change the following configuration statement in/etc/vsftpd/vsftpd.conf:

*************************************************************************************************************** ******

Note: Add a split file in vsftpd.conf. user_config_dir=/etc/vsftpd

Build a user with the same name in/etc/vsftpd, and write the following in it (upload only)

Write_enable=yes
Cmds_allowed=abor,cwd,list,mdtm,mkd,nlst,pass,pasv,port,pwd,quit,rnfr,rnto,size,stor,type,user,rest,cdup,help, Mode,noop,rein,stat,stou,stru,syst,feat
file_open_mode=0444

*************************************************************************************************************** ***********

Copy CodeThe code is as follows:
Anonymous_enable=no (Of course you can also set the Yes, while allowing anonymous users to log in)
Local_enable=yes (must be set to Yes, because the virtual user is mapped to the local user of Vsan to access)
Guest_enable=yes (Enable virtual user)
Guest_username=virtual (created in the 5th step, mapping the virtual user to a local virtual user)
Pam_service_name=vsftpd.vu (created in 2nd step, specify PAM configuration file, file already exists in/etc/pam.d/)
User_config_dir=/etc/vsftpd/user_conf (7th, 8-step creation, specifying the storage path for different virtual user profiles)

2, modify the file vsftpd.vu in/etc/pam.d/, compare the contents:

Copy CodeThe code is as follows:
Auth Required pam_userdb.so Db=/etc/vsftpd/vsftpd_login
Account Required Pam_userdb.so Db=/etc/vsftpd/vsftpd_login

(/etc/vsftpd/vsftpd_login in 3rd, 4 steps to create, user account password database file)

3, set up the user list/tmp/logins.txt content as follows

Copy CodeThe code is as follows:
Web (account number)
(User password)
Download (account number)
(User password)
Admin (account number)
(User password)

Note: Do not have a blank line, one line of account password; Odd behavior account number, even behavior password

4. Create Visitor data file (if not available: Yum install db4-utils)
#db_load-T-t hash-f/tmp/logins.txt/etc/vsftpd/vsftpd_login.db

5. Establish a local virtual user:

Copy CodeThe code is as follows:
#useradd-D/home/ftp-s/sbin/nologin virtual

6. Create a directory in/home/ftp/and change its properties and its host

Copy CodeThe code is as follows:
#chown virtual/home/ftp
#chmod 700/home/ftp

7. Create FTP User Configuration file directory:/etc/vsftpd/user_conf

Copy CodeThe code is as follows:
#mkdir/etc/vsftpd/user_conf

8. Create a user-named profile Web, download, admin in the/etc/vsftpd/user_conf directory

The contents of the "download" file are as follows:

Copy CodeThe code is as follows:
Local_root=/home/ftp (Of course, you can also be happy to set the other, but pay attention to the virtual user's permissions on this directory)
Anon_world_readable_only=no (enable download users to download, can only download; write Yes, you will not be able to list files and directories)

The contents of the "admin" file are as follows:

Copy CodeThe code is as follows:
Local_root=/home/ftp
Anon_world_readable_only=no
Write_enable=yes (Write permission)
Anon_mkdir_write_enable=yes (new directory permission)
Anon_upload_enable=yes (upload permission)
Anon_other_write_enable=yes (delete/rename permissions)

The contents of the Web file are as follows:

Copy CodeThe code is as follows:
Local_root=/var/www
Anon_world_readable_only=no
anon_umask=022 (due to the particularity of the Web page, so separate set upload file permission is 755, this mask value can be changed depending on the situation)
Write_enable=yes (Write permission)
Anon_mkdir_write_enable=yes (new directory permission)
Anon_upload_enable=yes (upload permission)
Anon_other_write_enable=yes (delete/rename permissions)

9. Finally, restart VSFTPD

Copy CodeThe code is as follows:
#/etc/init.d/vsftpd restart

Vsftp set up virtual users different directories assign different permissions operation steps detailed

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More