Slackware12 的vsftpd不能用本地用户登陆

GavinLan

新装了个Slackware 12.0，想开其vsftpd功能时，发现无法用本地用户登陆，但匿名或者用ftp登陆(都不用密码)却正常。配置文件/etc/vsfptd.conf就只改了少少，基本上没怎么改过。以下是配置文件的内容：

1. 
   
2. # Example config file /etc/vsftpd.conf
   
3. #
   
4. # The default compiled in settings are fairly paranoid. This sample file
   
5. # loosens things up a bit, to make the ftp daemon more usable.
   
6. # Please see vsftpd.conf.5 for all compiled in defaults.
   
7. #
   
8. # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
   
9. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
   
10. # capabilities.
    
11. #
    
12. # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
    
13. anonymous_enable=YES
    
14. 
    
15. #
    
16. # Uncomment this to allow local users to log in.
    
17. local_enable=YES
    
18. 
    
19. #
    
20. # Uncomment this to enable any form of FTP write command.
    
21. write_enable=YES
    
22. 
    
23. #
    
24. # Default umask for local users is 077. You may wish to change this to 022,
    
25. # if your users expect that (022 is used by most other ftpd's)
    
26. local_umask=022
    
27. 
    
28. #
    
29. # Uncomment this to allow the anonymous FTP user to upload files. This only
    
30. # has an effect if the above global write enable is activated. Also, you will
    
31. # obviously need to create a directory writable by the FTP user.
    
32. #anon_upload_enable=YES
    
33. 
    
34. #
    
35. # Uncomment this if you want the anonymous FTP user to be able to create
    
36. # new directories.
    
37. #anon_mkdir_write_enable=YES
    
38. 
    
39. #
    
40. # Activate directory messages - messages given to remote users when they
    
41. # go into a certain directory.
    
42. dirmessage_enable=YES
    
43. 
    
44. #
    
45. # Activate logging of uploads/downloads.
    
46. xferlog_enable=YES
    
47. 
    
48. #
    
49. # Make sure PORT transfer connections originate from port 20 (ftp-data).
    
50. connect_from_port_20=YES
    
51. 
    
52. #
    
53. # If you want, you can arrange for uploaded anonymous files to be owned by
    
54. # a different user. Note! Using "root" for uploaded files is not
    
55. # recommended!
    
56. #chown_uploads=YES
    
57. #chown_username=whoever
    
58. 
    
59. #
    
60. # You may override where the log file goes if you like. The default is shown
    
61. # below.
    
62. xferlog_file=/var/log/vsftpd.log
    
63. 
    
64. #
    
65. # If you want, you can have your log file in standard ftpd xferlog format
    
66. xferlog_std_format=YES
    
67. 
    
68. #
    
69. # You may change the default value for timing out an idle session.
    
70. #idle_session_timeout=600
    
71. 
    
72. #
    
73. # You may change the default value for timing out a data connection.
    
74. #data_connection_timeout=120
    
75. 
    
76. #
    
77. # It is recommended that you define on your system a unique user which the
    
78. # ftp server can use as a totally isolated and unprivileged user.
    
79. #nopriv_user=ftpsecure
    
80. 
    
81. #
    
82. # Enable this and the server will recognise asynchronous ABOR requests. Not
    
83. # recommended for security (the code is non-trivial). Not enabling it,
    
84. # however, may confuse older FTP clients.
    
85. #async_abor_enable=YES
    
86. 
    
87. #
    
88. # By default the server will pretend to allow ASCII mode but in fact ignore
    
89. # the request. Turn on the below options to have the server actually do ASCII
    
90. # mangling on files when in ASCII mode.
    
91. # Beware that on some FTP servers, ASCII support allows a denial of service
    
92. # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
    
93. # predicted this attack and has always been safe, reporting the size of the
    
94. # raw file.
    
95. # ASCII mangling is a horrible feature of the protocol.
    
96. #ascii_upload_enable=YES
    
97. #ascii_download_enable=YES
    
98. 
    
99. #
    
100. # You may fully customise the login banner string:
     
101. ftpd_banner=Welcome to eashow FTP service.
     
102. 
     
103. #
     
104. # You may specify a file of disallowed anonymous e-mail addresses. Apparently
     
105. # useful for combatting certain DoS attacks.
     
106. #deny_email_enable=YES
     
107. # (default follows)
     
108. #banned_email_file=/etc/vsftpd.banned_emails
     
109. 
     
110. #
     
111. # You may specify an explicit list of local users to chroot() to their home
     
112. # directory. If chroot_local_user is YES, then this list becomes a list of
     
113. # users to NOT chroot().
     
114. chroot_local_user=YES
     
115. chroot_list_enable=YES
     
116. # (default follows)
     
117. chroot_list_file=/etc/vsftpd.chroot_list
     
118. 
     
119. #
     
120. # You may activate the "-R" option to the builtin ls. This is disabled by
     
121. # default to avoid remote users being able to cause excessive I/O on large
     
122. # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
     
123. # the presence of the "-R" option, so there is a strong case for enabling it.
     
124. ls_recurse_enable=YES
     
125. 
     
126. #
     
127. # To run vsftpd in standalone mode (rather than through inetd), uncomment
     
128. # the line below.
     
129. listen=YES
     
130. 
     
131. userlist_enable=YES
     
132. userlist_deny=YES
     
133. userlist_file=/etc/vsftpd.denyuser
     

复制代码

有没有人遇过同样的问题？ 哪位大大可否帮忙看看？:thank

GavinLan

另外，vsftpd.denyuser文件只有一个用户：root，就是为了限制root用户用ftp登陆。

jazzly

问一上，你改了这配置后，重启vsftpd了不？

GavinLan

Post by jazzly;1807171
问一上，你改了这配置后，重启vsftpd了不？

vsftpd肯定是重启了的，而且连系统都重启过了。:question:

lxy_bhbh

都提示什么错了？

maitr

开selinux了没 - -

GavinLan

Post by lxy_bhbh;1807958
都提示什么错了？

在SSH下登陆：

1. 
   
2. gavin@slackware:~$ ftp localhost
   
3. Connected to localhost.
   
4. 220 Welcome to eashow FTP service.
   
5. Name (localhost:gavin): gavin   
   
6. 331 Please specify the password.
   
7. Password:
   
8. 530 Login incorrect.
   
9. Login failed.
   
10. ftp>
    

复制代码

用FlashFXP登陆：

1. 
   
2. WinSock 2.0 -- OpenSSL 0.9.8e 23 Feb 2007
   
3. [左] 正在连接到 eashow.3322.org -> IP=61.141.182.191 端口=21
   
4. [左] 已连接到 eashow.3322.org
   
5. [左] 220 Welcome to eashow FTP service.
   
6. [左] USER gavin
   
7. [左] 331 Please specify the password.
   
8. [左] PASS (hidden)
   
9. [左] 530 Login incorrect.
   
10. [左] 连接失败
    
11. [左] 正在延迟 31 秒，在此之后将尝试第 1 次重新连接
    

复制代码

用户名和密码用系统帐号和其密码。

zhoun

猜测:
会不会是chroot的问题,
chroot_local_user=YES
改为NO试试

GavinLan

Post by maitr;1808037
开selinux了没 - -

Slackware 12.0有selinux么？怎么查看有没有？
我find的时候，找到：
#find / -name selinux
/usr/src/linux-2.6.21.5/security/selinux

但不知selinux是否安装在slk12上，查看进程也没看到相关的进程。

GavinLan

Post by zhoun;1808148
猜测:
会不会是chroot的问题,
chroot_local_user=YES
改为NO试试

刚试过了，不是这个原因，改成NO后一样的效果