环境
[root@CentOS7 ~]# uname -a
Linux CentOS7 3.10.0-862.el7.x86_64 #1 SMP Fri Apr 20 16:44:24 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
安装vsftp
1,检查是否安装
[root@CentOS7 ~]# rpm -q vsftpd
package vsftpd is not installed
[root@CentOS7 ~]# yum install vsftpd -y
2,查看版本
[root@CentOS7 ~]# rpm -q vsftpd
vsftpd-3.0.2-22.el7.x86_64
3,查看服务状态
[root@CentOS7 ~]# systemctl status vsftpd.service
● vsftpd.service - Vsftpd ftp daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
配置
1,备份配置文件
[root@CentOS7 ~]# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak
[root@CentOS7 ~]# ls /etc/vsftpd/
ftpusers user_list vsftpd.conf vsftpd.conf.bak vsftpd_conf_migrate.sh
2,修改配置
[root@CentOS7 ~]# vim /etc/vsftpd/vsftpd.conf
anonymous_enable=YES
ascii_upload_enable=YES
ascii_download_enable=YES
chroot_local_user=YES
use_localtime=YES
listen_port=22222
chroot_local_user=YES
idle_session_timeout=300
guest_enable=YES
guest_username=vsftpd
user_config_dir=/etc/vsftpd/vconf
data_connection_timeout=1
virtual_use_local_privs=YES
pasv_min_port=10060
pasv_max_port=10090
accept_timeout=5
connect_timeout=1
3,查看是否安装db,没安装安装即可
[root@CentOS7 ~]# rpm –q db
4,生成db文件并设置权限
[root@CentOS7 ~]# db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db
[root@CentOS7 ~]# chmod 600 /etc/vsftpd/virtusers.db
5,修改/etc/pam.d/vsftpd文件
[root@CentOS7 ~]# cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd.bak
[root@CentOS7 ~]# vim /etc/pam.d/vsftpd
#%PAM-1.0
session optional pam_keyinit.so force revoke
#auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
#auth required pam_shells.so
#auth include password-auth
#account include password-auth
session required pam_loginuid.so
session include password-auth
auth sufficient/lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers
account sufficient/lib64/security/pam_userdb.so db=/etc/vsftpd/virtusers
用户设置
用户登录终端设为/bin/false(即:使之不能登录系统)
[root@CentOS7 ~]# useradd vsftpd -d/home/vsftpd -s /bin/false
[root@CentOS7 ~]# chown -R vsftpd:vsftpd /home/vsftpd
[root@CentOS7 ~]# mkdir /etc/vsftpd/vconf
[root@CentOS7 ~]# cd /etc/vsftpd/vconf
[root@CentOS7 vconf]# mkdir -p /home/vsftpd/heweiwei/
[root@CentOS7 vconf]# vim heweiwei
local_root=/home/vsftpd/heweiwei/write_enable=YES
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
防火墙设置
[root@CentOS7 vconf]# firewall-cmd --permanent --zone=public --add-service=ftp
success
[root@CentOS7 vconf]#
[root@CentOS7 vconf]# firewall-cmd --reload
success
[root@CentOS7 vconf]# getsebool -a | grep ftp
ftpd_anon_write --> off
ftpd_connect_all_unreserved --> off
ftpd_connect_db --> off
ftpd_full_access --> off
ftpd_use_cifs --> off
ftpd_use_fusefs --> off
ftpd_use_nfs --> off
ftpd_use_passive_mode --> off
httpd_can_connect_ftp --> off
httpd_enable_ftp_server --> off
tftp_anon_write --> off
tftp_home_dir --> off
[root@CentOS7 vconf]# setsebool -P ftpd_full_access on
启动ftp
[root@CentOS7 vconf]# systemctl stop vsftpd.service
[root@CentOS7 vconf]# systemctl start vsftpd.service
[root@CentOS7 vconf]# systemctl status vsftpd.service
● vsftpd.service - Vsftpd ftp daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; disabled; vendor preset: disabled)
Active: active (running) since Tue 2018-11-13 10:25:52 CST; 7s ago
Process: 15155 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
Main PID: 15156 (vsftpd)
CGroup: /system.slice/vsftpd.service
└─15156 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
Nov 13 10:25:52 CentOS7 systemd[1]: Starting Vsftpd ftp daemon...
Nov 13 10:25:52 CentOS7 systemd[1]: Started Vsftpd ftp daemon.
[root@CentOS7 vconf]#
测试
[root@CentOS7 ftp]# cd /var/ftp
[root@CentOS7 ftp]# pwd
/var/ftp
[root@CentOS7 ftp]#mkdir dial edns_dial pub ymdial
[root@CentOS7 ftp]# ls
dial edns_dial pub ymdial
参考
https://www.cnblogs.com/jefflee168/p/6575014.html
https://blog.csdn.net/wst878882582/article/details/80402666