设为首页收藏本站

LinuxSir.cn,穿越时空的Linuxsir!

 找回密码
 注册
搜索
热搜: shell linux mysql
LinuxSir.cn,穿越时空的Linuxsir!»论坛 运维技术 —— LinuxSir.cn 服务器架设、应用、维护 proftpd用户权限设置不起作用。附配置文件,请帮忙查错 ...
返回列表 发新帖
查看: 813|回复: 3

proftpd用户权限设置不起作用。附配置文件,请帮忙查错,谢谢。

[复制链接]
发表于 2004-10-9 12:30:32 | 显示全部楼层 |阅读模式
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName "www.m-cool.cn FTP Server"
ServerType standalone
DefaultServer on

# Port 21 is the standard FTP port.
Port 2100
RootLogin off
AllowRetrieveRestart on
# "nobody" and "ftp" for normal operation and anon.

ServerName "www.m-cool.cn FTP Server"
ServerType standalone
DefaultServer on

# Port 21 is the standard FTP port.
Port 2100
ServerIdent off
RootLogin off
AllowRetrieveRestart on
AllowStoreRestart on
UseReverseDNS off
identLookups off
MaxLoginAttempts 5
#DirFakeUser On FTP #inorder to no show group and id info
DirFakeGroup On FTP
TimeoutLogin 30
TimeoutIdle 120
TimeoutNoTransfer 300
MaxClientsPerHost 5
#umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30

# Set the user and group under which the server will run.
User nobody
Group nobody
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~ ftpusers
<Directory />
AllowOverwrite on
</Directory>

AllowForeignAddress on
PassivePorts 49152 65534
# Normally, we want files to be overwriteable.
AllowOverwrite on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
DenyAll
<Directory />
AllowOverwrite on
</Directory>
<Directory /data/system/ftp/test>
<Limit RMD RMD RNFR DELE RETR>
DenyUser tester
</Limit>
</Directory>

<Directory /data/system/ftp/ftp>
<Limit WRITE>
DenyUser movie
</Limit>
</Directory>

AllowForeignAddress on
PassivePorts 49152 65534
# Normally, we want files to be overwriteable.
AllowOverwrite on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
DenyAll
</Limit>

我想起的作用:tester用户在/data/system/ftp/test目录下只能上传,不允许删除,改名,下载,但实际情况是可以上传,删除,下载,等同于这个限制不起作用,不知哪里出现了语法错误。请指点。
回复

使用道具 举报

faint
发表于 2004-10-9 22:50:00 | 显示全部楼层
<Directory /pub>
<Limit WRITE MKD DELE RMD>
Denyall
</Limit>
</Directory>
<Directory /incoming/temp>
<Limit WRITE>
Allowall
</Limit>
</Directory>


给你一个有关相关的资源吧。

#<LIMIT>容器内有以下权限:
#       CWD:改变所在目录
#       MKD/XMKD:新建目录
#       RNFR/RNTO:重命名目录的(一起使用)
#       DELE:删除文件
#       RMD/XRMD:删除目录
#       RETR:下载
#       STOR:上传
#       LOGIN:登陆
#       READ:包括了RETR,SITE,SIZE,STAT
#       WRITE:包括了APPE, DELE, MKD, RMD, RNTO, STOR, XMKD, XRMD
#       DIRS:包括了DUP, CWD, LIST, MDTM, NLST, PWD, RNFR, XCUP, XCWD, XPWD
#       ALL:包括了READ WRITE DIRS
#以上权限结合动作一起使用:
#       AllowUser:允许某个用户
#       DenyUser:禁止某个用户
#       AllowGroup:允许某个用户组
#       DenyGroup:禁止某个用户组
#       AllowAll:允许所有用户
#       DenyAll:禁止所有用户
回复 支持 反对

使用道具 举报

 楼主| 发表于 2004-10-10 08:59:37 | 显示全部楼层
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName                      "www.m-cool.cn FTP Server"
ServerType                              standalone
DefaultServer                   on
RequireValidShell                       off     #匿名登陆没有shell可以进入
ServerIdent                     off     #不显示FTP信息
RootLogin                               off     #root用户不能进入
AllowRetrieveRestart            on      #允许断点下载
AllowStoreRestart               on      #允许断点续传
UseReverseDNS                   off     #加快连接速度
IdentLookups                    off     #加快连接速度
MaxLoginAttempts                5       #密码错误重复尝试次数
TimeoutLogin                    30
TimeoutIdle                     120
TimeoutNoTransfer               300
MaxClientsPerHost                5      "对不起,每个ip只允许有5个连接!" #5线程
MaxHostsPerUser                 100     "对不起,已经到达该用户最大连接数100,请您稍候再试!"
#RateReadBPS                    204800 #写速度限制为200k
#RateWriteBPS                   204800 #读速度限制为200k
AllowForeignAddress             on
PassivePorts 49152 65534


DefaultRoot ~ ftpusers

# Port 21 is the standard FTP port.
Port                            2100

#umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances                    100     #最大连接数

# Set the user and group under which the server will run.
User                    nobody
Group           nobody
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.



# Normally, we want files to be overwriteable.
AllowOverwrite          on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
  DenyAll
</Limit>

# A basic anonymous configuration, no upload directories.  If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
#<Anonymous ~ftp>
# User                         ftp
# Group                                ftp

  # We want clients to be able to login with "anonymous" as well as "ftp"
  #UserAlias                    anonymous ftp

  # Limit the maximum number of anonymous logins
  #MaxClients                   10

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  #DisplayLogin                 welcome.msg
  #DisplayFirstChdir            .message

  # Limit WRITE everywhere in the anonymous chroot
  #<Limit WRITE>
   # DenyAll
  #</Limit>
#</Anonymous>
<VirtualHost 202.103.25.185>
ServerAdmin webmaster@m-cool.cn
ServerName      "m-cool ftp server"

  # Limit WRITE everywhere in the anonymous chroot
  #<Limit WRITE>
   # DenyAll
  #</Limit>
#</Anonymous>
<Directory /data/system/ftp/ftp>
<Limit WRITE MKD DELE RMD>
Denyall
</Limit>
</Directory>
<Directory /data/system/ftp/incoming>
<Limit WRITE>
Allowall
</Limit>
</Directory>

权限还是不起作用。
我开pub帐号,主目录设为/data/system/ftp,此帐号在所以的目录下全可以上传,下载,删除操作。
回复 支持 反对

使用道具 举报

发表于 2005-4-10 21:18:11 | 显示全部楼层
我也遇到这样的问题,今天我把所有的配置都设置在anonymous里,就起作用了
回复 支持 反对

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

快速回复 返回顶部 返回列表