在 centos 中配置 proftpd 用户访问 /var/www/

在 centos 中配置 proftpd 用户访问 /var/www/

我在配置 proftpd 以允许系统用户访问 centos 机器上的 /var/www/ 时遇到了麻烦。

proftpd配置文件

ServerName                      "ProFTPD server"
ServerIdent                     on "FTP Server ready."
ServerAdmin                     root@localhost
ServerType                      standalone
DefaultServer                   on
VRootEngine                     on
#DefaultRoot                    ~ !adm
DefaultRoot                     /var/www/
VRootAlias                      /etc/security/pam_env.conf etc/security/pam_env.conf
AuthPAMConfig                   proftpd
AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
#PersistentPasswd               off
UseReverseDNS                   off
User                            nobody
Group                           nobody
MaxInstances                    20
UseSendfile                     off
LogFormat                       default "%h %l %u %t \"%r\" %s %b"
LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"

<Global>
  Umask                         022
  AllowOverwrite                yes
  <Limit ALL SITE_CHMOD>
    AllowAll
  </Limit>
</Global>

<Limit LOGIN>
AllowUser ftpuser
DenyALL
</Limit>

我创建了一个系统用户“ftpuser”,其主目录为 /var/www/,并有一个有效的 shell。我可以以该用户身份通过​​ ssh 进入并查看正确的目录等。

但是,当我尝试使用 ftp 客户端连接或甚至从 shell 连接到本地主机时,我收到错误:

Status: Connecting to 10.0.10.10:21...
Status: Connection established, waiting for welcome message...
Response:   220 FTP Server ready.
Command:    USER ftpuser
Response:   331 Password required for ftpuser
Command:    PASS *******
Response:   230 User ftpuser logged in
Command:    OPTS UTF8 ON
Response:   200 UTF8 set to on
Status: Connected
Status: Retrieving directory listing...
Command:    PWD
Response:   257 "/" is the current directory
Command:    TYPE I
Response:   200 Type set to I
Command:    PASV
Response:   227 Entering Passive Mode (10,0,10,10,184,18).
Command:    MLSD
Response:   550 /: Invalid argument
Error:  Failed to retrieve directory listing

或者:

telnet localhost 21
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 FTP Server ready.
user ftpuser
331 Password required for ftpuser
pass PASSWD
230 User ftpuser logged in
LIST
425 Unable to build data connection: Invalid argument
MLSD
550 /: Invalid argument

有人知道这里发生了什么以及如何解决吗?

答案1

检查 SElinux 是否没有给你带来问题

setenforce 0

如果这解决了你的问题,那么重新打开 SELinux(setenforce 1),然后尝试设置 ftp_home_dir 布尔值

setsebool -P ftp_home_dir on

这将允许 ftp 守护进程访问用户主目录。

相关内容