systemctl stop firewalld
systemctl disable firewalld
yum install vsftpd
yum install psmisc net-tools systemd-devel libdb-devel perl-DBI
vi /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
guest_enable=YES
guest_username=vsftp
user_config_dir=/etc/vsftpd/user
allow_writeable_chroot=YES
chroot_local_user=YES
cd /etc/vsftpd
mkdir user
cd user
vi vsftpuser.txt
guowang1
111111
guowang2
222222
guowang3
333333
db_load -T -t hash -f /etc/vsftpd/user/vsftpuser.txt /etc/vsftpd/user/vsftpuser.db
vi /etc/pam.d/vsftpd
#%PAM-1.0
#session optional pam_keyinit.so force revoke
#auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
#auth required pam_shells.so
#auth include password-auth
#account include password-auth
#session required pam_loginuid.so
#session include password-auth
auth required /lib64/security/pam_userdb.so db=/etc/vsftpd/user/vsftpuser
account required /lib64/security/pam_userdb.so db=/etc/vsftpd/user/vsftpuser
vi guowang1(管理员权限)
local_root=/opt/vsftpd
write_enable=YES
anon_world_readable_only=NO
anon_mkdir_write_enable=YES
anon_upload_enable=YES
anon_other_write_enable=YES
vi guowang3(下载权限)
local_root=/opt/vsftpd
anon_world_readable_only=NO
cd /opt
mkdir vsftpd
chmod 777 /opt/vsftpd
systemctl start vsftpd
systemctl status vsftpd
useradd -d /opt/www/web vsfp -s /sbin/nologin
vi guowang
write_enable=YES
以下两个控制上传文件的权限
anon_umask=022
file_open_mode=0777
anon_world_readable_only=NO
anon_mkdir_write_enable=YES
anon_upload_enable=YES
anon_other_write_enable=YES
八、新建系统用户vsftpd,用户目录为/home/wwwroot, 用户登录终端设为/bin/false(即使之不能登录系统)
useradd vsftpd -d /home/wwwroot -s /bin/false
chown vsftpd:vsftpd /home/wwwroot -R
chown www:www /home/wwwroot -R #如果虚拟用户的宿主用户为www,需要这样设置。
