我有一台安装了 proftpd 的 freebsd 服务器。当我将目录的权限设置为 777 时,我可以覆盖文件,但是使用文件夹的 755 权限时,我无法覆盖文件夹中的文件。
在 conf 文件中:我将“AllowOverwrite”更改为“on”,将用户和组更改为“root”,但这没有帮助。
我该如何修复这个错误?
这是我的 proftpd.conf 文件:
ServerName "Servername"
ServerType standalone
ServerIdent on "Servers identifying string"
DeferWelcome on
DefaultServer on
DisplayLogin .welcome # Textfile to display on login
DisplayConnect .connect # Textfile to display on connection
#DisplayFirstChdir .firstchdir # Textfile to display on first changedir
UseReverseDNS off
IdentLookups off
Port 21
PassivePorts 60000 65000
Umask 022
MaxInstances 15
MaxClientsPerHost 10 "Only %m connections per host allowed"
MaxClients 10 "Only %m total simultanious logins allowed"
MaxHostsPerUser 1
User root
Group root
ScoreboardFile /var/log/scoreboard
# Some logging formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
# Define log-files to use
TransferLog /var/log/proftpd.xferlog
ExtendedLog /var/log/proftpd.access_log WRITE,READ write
ExtendedLog /var/log/proftpd.auth_log AUTH auth
ExtendedLog /var/log/proftpd.paranoid_log ALL default
SQLLogFile /var/log/proftpd.mysql
# Set up authentication via SQL
# ===========
AuthOrder mod_sql.c
SQLAuthTypes Backend
SQLConnectInfo proftpd_admin@localhost proftpd Icl0ud
SQLUserInfo usertable userid passwd uid gid homedir shell
SQLGroupInfo grouptable groupname gid members
SQLUserWhereClause "disabled=0 and (NOW()<=expiration or expiration=-1 or expiration=0)"
# Log the user logging in
SQLLog PASS counter
SQLNamedQuery counter UPDATE "lastlogin=now(), count=count+1 WHERE userid='%u'" usertable
# logout log
SQLLog EXIT time_logout
SQLNamedQuery time_logout UPDATE "lastlogout=now() WHERE userid='%u'" usertable
# display last login time when PASS command is given
SQLNamedQuery login_time SELECT "lastlogin from usertable where userid='%u'"
SQLShowInfo PASS "230" "Last login was: %{login_time}"
# xfer Log in mysql
SQLLog RETR,STOR transfer1
SQLNamedQuery transfer1 INSERT "'%u', '%f', '%b', '%h', '%a', '%m', '%T', now(), 'c', NULL" xfer_stat
SQLLOG ERR_RETR,ERR_STOR transfer2
SQLNamedQuery transfer2 INSERT "'%u', '%f', '%b', '%h', '%a', '%m', '%T', now(), 'i', NULL" xfer_stat
AllowStoreRestart on
AllowRetrieveRestart on
RequireValidShell off
PathDenyFilter "\\.ftp)|\\.ht)[a-z]+$"
DefaultRoot ~
DenyFilter \*.*/
<Directory /usr/home/*>
AllowOverwrite on
HideNoAccess off
<Limit READ>
AllowAll
</Limit>
<Limit WRITE>
DenyGroup !admins
</Limit>
</Directory>
<Directory /*>
AllowOverwrite on
HideNoAccess on
<Limit READ>
DenyGroup !admins
</Limit>
<Limit STOR MKD>
AllowAll
</Limit>
</Directory>
答案1
您在管理员群组吗?
DenyGroup !管理员
答案2
我sudo journalctl -ae proftpd
的输出(Debian)是
… systemd[1]: Starting proftpd.service - ProFTPD FTP Server...
… proftpd[2383423]: Checking syntax of configuration file
… proftpd[2383423]: mod_dso/0.5: unable to load 'mod_rewrite.c'; check to see if '/usr/lib/proftpd/mod_rewrite.la' exists
… proftpd[2383423]: fatal: LoadModule: error loading module 'mod_rewrite.c': No such file or directory on line 74 of '/etc/proftpd/modules.conf'
… proftpd[2383423]: warning: unable to include '/etc/proftpd/modules.conf': Operation not permitted
… proftpd[2383423]: mod_memcache/0.1: compiled using libmemcached-1.0.18 headers, but linked to libmemcached-1.1.3 library
… proftpd[2383424]: mod_dso/0.5: unable to load 'mod_rewrite.c'; check to see if '/usr/lib/proftpd/mod_rewrite.la' exists
… proftpd[2383424]: fatal: LoadModule: error loading module 'mod_rewrite.c': No such file or directory on line 74 of '/etc/proftpd/modules.conf'
… proftpd[2383424]: warning: unable to include '/etc/proftpd/modules.conf': Operation not permitted
… proftpd[2383424]: mod_memcache/0.1: compiled using libmemcached-1.0.18 headers, but linked to libmemcached-1.1.3 library
… proftpd[2383425]: localhost - ProFTPD 1.3.8 (stable) (built Thu Dec 15 2022 21:47:50 UTC) standalone mode STARTUP
… systemd[1]: Started proftpd.service - ProFTPD FTP Server.
如上所示fatal
。由于它/etc/proftpd/proftpd.conf
从未加载,因此使用了默认的内置配置。
就我而言,我必须:
- 注释掉
LoadModule mod_rewrite.c
/etc/proftpd/modules.conf
- 然后
sudo systemctl restart proftpd
proftpd 被编程为在发生致命错误后继续加载并忽略所有配置,这是非常糟糕的(特别是出于安全原因)。