我使用 nginx 作为我的 Web 服务器,使用 vsftpd 进行 FTP 访问。我已完成所有设置,并运行了一个可从外部世界访问的测试站点。还有一个运行良好的 API 后端。
注意:我已删除一些适用的敏感信息,如域名和 IP。
我可以通过 FTP/FileZilla 连接到 FTP 服务器,浏览、创建文件夹以及通过 FTP 创建文件。但是,我在 vsftpd 日志中收到以下错误。当另一台机器上的工具通过 FTP 连接自动上传到文件夹时,就会发生这种情况,而我对此没有太多控制权。
Tue Feb 18 10:20:09 2020 [pid 2536] [FTP_USER_ID] FAIL MKDIR: Client "::ffff:88.215.0.185", "/dev.test.com/folder1/folder2/folder3"
我相信我的权限是正确的,但我会在这里列出它们,希望有人能发现我的错误。
将用户的 $HOME 设置为 /var/www
Command: getent passwd FTP_USER_ID
Result FTP_USER_ID :x:1001:1001:,,,:/var/www:/bin/bash
读取 FTP 用户的设置权限 命令: ls -l /var/www
total 8
drwxr-xr-x 15 FTP_USER_ID FTP_USER_ID 4096 Feb 17 22:48 dev.example.com
drwxr-xr-x 2 FTP_USER_ID FTP_USER_ID 4096 Feb 17 01:51 html
vsftpd 配置文件
listen=NO
listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO
force_dot_files=YES
pasv_min_port=40000
pasv_max_port=50000
nginx.conf
server {
listen 80;
listen [::]:80;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/dev.example.com;
server_name dev. example.com;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location /api/ {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 1800;
proxy_connect_timeout 1800;
}
}
附言:无论谁解决了这个问题,都可以得到一杯啤酒:)
答案1
通过调整来修复:listen=YES listen_ipv6=NO