LinuxSir.cn,穿越时空的Linuxsir!

 找回密码
 注册
搜索
热搜: shell linux mysql
查看: 1380|回复: 14

Slackware12 的vsftpd不能用本地用户登陆

[复制链接]
发表于 2008-1-14 19:39:01 | 显示全部楼层 |阅读模式
新装了个Slackware 12.0,想开其vsftpd功能时,发现无法用本地用户登陆,但匿名或者用ftp登陆(都不用密码)却正常。配置文件/etc/vsfptd.conf就只改了少少,基本上没怎么改过。以下是配置文件的内容:


  1. # Example config file /etc/vsftpd.conf
  2. #
  3. # The default compiled in settings are fairly paranoid. This sample file
  4. # loosens things up a bit, to make the ftp daemon more usable.
  5. # Please see vsftpd.conf.5 for all compiled in defaults.
  6. #
  7. # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
  8. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
  9. # capabilities.
  10. #
  11. # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
  12. anonymous_enable=YES

  13. #
  14. # Uncomment this to allow local users to log in.
  15. local_enable=YES

  16. #
  17. # Uncomment this to enable any form of FTP write command.
  18. write_enable=YES

  19. #
  20. # Default umask for local users is 077. You may wish to change this to 022,
  21. # if your users expect that (022 is used by most other ftpd's)
  22. local_umask=022

  23. #
  24. # Uncomment this to allow the anonymous FTP user to upload files. This only
  25. # has an effect if the above global write enable is activated. Also, you will
  26. # obviously need to create a directory writable by the FTP user.
  27. #anon_upload_enable=YES

  28. #
  29. # Uncomment this if you want the anonymous FTP user to be able to create
  30. # new directories.
  31. #anon_mkdir_write_enable=YES

  32. #
  33. # Activate directory messages - messages given to remote users when they
  34. # go into a certain directory.
  35. dirmessage_enable=YES

  36. #
  37. # Activate logging of uploads/downloads.
  38. xferlog_enable=YES

  39. #
  40. # Make sure PORT transfer connections originate from port 20 (ftp-data).
  41. connect_from_port_20=YES

  42. #
  43. # If you want, you can arrange for uploaded anonymous files to be owned by
  44. # a different user. Note! Using "root" for uploaded files is not
  45. # recommended!
  46. #chown_uploads=YES
  47. #chown_username=whoever

  48. #
  49. # You may override where the log file goes if you like. The default is shown
  50. # below.
  51. xferlog_file=/var/log/vsftpd.log

  52. #
  53. # If you want, you can have your log file in standard ftpd xferlog format
  54. xferlog_std_format=YES

  55. #
  56. # You may change the default value for timing out an idle session.
  57. #idle_session_timeout=600

  58. #
  59. # You may change the default value for timing out a data connection.
  60. #data_connection_timeout=120

  61. #
  62. # It is recommended that you define on your system a unique user which the
  63. # ftp server can use as a totally isolated and unprivileged user.
  64. #nopriv_user=ftpsecure

  65. #
  66. # Enable this and the server will recognise asynchronous ABOR requests. Not
  67. # recommended for security (the code is non-trivial). Not enabling it,
  68. # however, may confuse older FTP clients.
  69. #async_abor_enable=YES

  70. #
  71. # By default the server will pretend to allow ASCII mode but in fact ignore
  72. # the request. Turn on the below options to have the server actually do ASCII
  73. # mangling on files when in ASCII mode.
  74. # Beware that on some FTP servers, ASCII support allows a denial of service
  75. # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
  76. # predicted this attack and has always been safe, reporting the size of the
  77. # raw file.
  78. # ASCII mangling is a horrible feature of the protocol.
  79. #ascii_upload_enable=YES
  80. #ascii_download_enable=YES

  81. #
  82. # You may fully customise the login banner string:
  83. ftpd_banner=Welcome to eashow FTP service.

  84. #
  85. # You may specify a file of disallowed anonymous e-mail addresses. Apparently
  86. # useful for combatting certain DoS attacks.
  87. #deny_email_enable=YES
  88. # (default follows)
  89. #banned_email_file=/etc/vsftpd.banned_emails

  90. #
  91. # You may specify an explicit list of local users to chroot() to their home
  92. # directory. If chroot_local_user is YES, then this list becomes a list of
  93. # users to NOT chroot().
  94. chroot_local_user=YES
  95. chroot_list_enable=YES
  96. # (default follows)
  97. chroot_list_file=/etc/vsftpd.chroot_list

  98. #
  99. # You may activate the "-R" option to the builtin ls. This is disabled by
  100. # default to avoid remote users being able to cause excessive I/O on large
  101. # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
  102. # the presence of the "-R" option, so there is a strong case for enabling it.
  103. ls_recurse_enable=YES

  104. #
  105. # To run vsftpd in standalone mode (rather than through inetd), uncomment
  106. # the line below.
  107. listen=YES

  108. userlist_enable=YES
  109. userlist_deny=YES
  110. userlist_file=/etc/vsftpd.denyuser
复制代码


有没有人遇过同样的问题? 哪位大大可否帮忙看看?:thank
 楼主| 发表于 2008-1-14 20:10:30 | 显示全部楼层
另外,vsftpd.denyuser文件只有一个用户:root,就是为了限制root用户用ftp登陆。
回复 支持 反对

使用道具 举报

发表于 2008-1-14 21:43:09 | 显示全部楼层
问一上,你改了这配置后,重启vsftpd了不?
回复 支持 反对

使用道具 举报

 楼主| 发表于 2008-1-16 20:20:40 | 显示全部楼层
Post by jazzly;1807171
问一上,你改了这配置后,重启vsftpd了不?


vsftpd肯定是重启了的,而且连系统都重启过了。:question:
回复 支持 反对

使用道具 举报

发表于 2008-1-16 21:14:40 | 显示全部楼层
都提示什么错了?
回复 支持 反对

使用道具 举报

发表于 2008-1-16 22:55:58 | 显示全部楼层
开selinux了没 - -
回复 支持 反对

使用道具 举报

 楼主| 发表于 2008-1-17 10:30:17 | 显示全部楼层
Post by lxy_bhbh;1807958
都提示什么错了?


在SSH下登陆:

  1. gavin@slackware:~$ ftp localhost
  2. Connected to localhost.
  3. 220 Welcome to eashow FTP service.
  4. Name (localhost:gavin): gavin   
  5. 331 Please specify the password.
  6. Password:
  7. 530 Login incorrect.
  8. Login failed.
  9. ftp>
复制代码


用FlashFXP登陆:

  1. WinSock 2.0 -- OpenSSL 0.9.8e 23 Feb 2007
  2. [左] 正在连接到 eashow.3322.org -> IP=61.141.182.191 端口=21
  3. [左] 已连接到 eashow.3322.org
  4. [左] 220 Welcome to eashow FTP service.
  5. [左] USER gavin
  6. [左] 331 Please specify the password.
  7. [左] PASS (hidden)
  8. [左] 530 Login incorrect.
  9. [左] 连接失败
  10. [左] 正在延迟 31 秒,在此之后将尝试第 1 次重新连接
复制代码


用户名和密码用系统帐号和其密码。
回复 支持 反对

使用道具 举报

发表于 2008-1-17 11:10:57 | 显示全部楼层
猜测:
会不会是chroot的问题,
chroot_local_user=YES
改为NO试试
回复 支持 反对

使用道具 举报

 楼主| 发表于 2008-1-17 11:26:37 | 显示全部楼层
Post by maitr;1808037
开selinux了没 - -


Slackware 12.0有selinux么?怎么查看有没有?
我find的时候,找到:
#find / -name selinux
/usr/src/linux-2.6.21.5/security/selinux

但不知selinux是否安装在slk12上,查看进程也没看到相关的进程。
回复 支持 反对

使用道具 举报

 楼主| 发表于 2008-1-17 11:30:50 | 显示全部楼层
Post by zhoun;1808148
猜测:
会不会是chroot的问题,
chroot_local_user=YES
改为NO试试


刚试过了,不是这个原因,改成NO后一样的效果
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

快速回复 返回顶部 返回列表