<p>今天把vsftpd升级到了v2.3.5,<wbr>配置文件还是使用原来的.允许本地用户登录ftp,<wbr>并且使用chroot限制ftp根目录.<wbr>启动登录之后发现如下错误:</p><div style="'margin:" 0px="0px" 0px="0px" 5px; padding: 0px; border: 1px="1px" solid="solid" rgb(195, 206, 217); width: auto; text-align: left; line-height: 24px; font-family: Fixedsys, "BitStream Vera="Vera" Sans="Sans" Mono", "Courier New", Courier, monospace; font-size: 13px; background-color: rgb(249, 251, 252);'><ol style="'margin:" 0px; padding: 0px="0px" 12px="12px" 0px="0px" 56px; border: 0px="0px" currentColor; background-image: url("http://www.centos.bz/wp-content/plugins/coolcode/images/hide.gif"); background-repeat: no-repeat no-repeat; background-color: transparent;' title="Double click="click" to="to" hide="hide" line="line" number."><li style="list-style: decimal="decimal" !important; margin: 0px="0px" !important; padding: 0px="0px" 0px="0px" 0px="0px" 12px="12px" !important; line-height: 20px="20px" !important; font-size: 12px="12px" !important; border-top-color: rgb(227, 238, 249) !important; border-left-color: rgb(195, 206, 217); border-top-width: 1px; border-left-width: 1px; border-top-style: solid; border-left-style: solid;">500 OOPS: vsftpd: refusing to run with writable root inside chroot()</li></ol></div><p>意思是不能使用chroot限制可写的根目录,<wbr>看了下vsftpd的更新日志:</p><div style="'margin:" 0px="0px" 0px="0px" 5px; padding: 0px; border: 1px="1px" solid="solid" rgb(195, 206, 217); width: auto; text-align: left; line-height: 24px; font-family: Fixedsys, "BitStream Vera="Vera" Sans="Sans" Mono", "Courier New", Courier, monospace; font-size: 13px; background-color: rgb(249, 251, 252);'><ol style="'margin:" 0px; padding: 0px="0px" 12px="12px" 0px="0px" 56px; border: 0px="0px" currentColor; background-image: url("http://www.centos.bz/wp-content/plugins/coolcode/images/hide.gif"); background-repeat: no-repeat no-repeat; background-color: transparent;' title="Double click="click" to="to" hide="hide" line="line" number."><li style="list-style: decimal="decimal" !important; margin: 0px="0px" !important; padding: 0px="0px" 0px="0px" 0px="0px" 12px="12px" !important; line-height: 20px="20px" !important; font-size: 12px="12px" !important; border-top-color: rgb(227, 238, 249) !important; border-left-color: rgb(195, 206, 217); border-top-width: 1px; border-left-width: 1px; border-top-style: solid; border-left-style: solid;">Add stronger checks for the configuration error of running with a writeable root directory inside a chroot(). This may bite people who carelessly turned on chroot_local_user but such is life.</li></ol></div><p>好吧,我们如果启用chroot,必须保证ftp根目录不可写,<wbr>这样对于ftp根直接为网站根目录的用户不方便,<wbr>所以建议假如ftp根目录是/home/<a style="color: rgb(1, 150, 227); text-decoration: none;" title="centos" href="http://www.centos.bz/" target="_blank">centos</a>,<wbr>那么网站结构可以这样分,/home/centos/<wbr>log为日志目录,/home/centos/<wbr>web为网站根目录,这样我们就可以去掉/home/<wbr>centos目录的写入权限而不影响网站的正常运行</p><div style="'margin:" 0px="0px" 0px="0px" 5px; padding: 0px; border: 1px="1px" solid="solid" rgb(195, 206, 217); width: auto; text-align: left; line-height: 24px; font-family: Fixedsys, "BitStream Vera="Vera" Sans="Sans" Mono", "Courier New", Courier, monospace; font-size: 13px; background-color: rgb(249, 251, 252);'><ol style="'margin:" 0px; padding: 0px="0px" 12px="12px" 0px="0px" 56px; border: 0px="0px" currentColor; background-image: url("http://www.centos.bz/wp-content/plugins/coolcode/images/hide.gif"); background-repeat: no-repeat no-repeat; background-color: transparent;' title="Double click="click" to="to" hide="hide" line="line" number."><li style="'list-style:" decimal="decimal" !important; margin: 0px="0px" !important; padding: 0px="0px" 0px="0px" 0px="0px" 12px="12px" !important; color: rgb(34, 34, 34); text-transform: none; line-height: 20px="20px" !important; text-indent: 0px; letter-spacing: normal; font-family: Fixedsys, "BitStream Vera="Vera" Sans="Sans" Mono", "Courier New", Courier, monospace; font-size: 12px="12px" !important; font-style: normal; font-variant: normal; font-weight: normal; word-spacing: 0px; border-top-color: rgb(227, 238, 249) !important; border-left-color: rgb(195, 206, 217); border-top-width: 1px; border-left-width: 1px; border-top-style: solid; border-left-style: solid; white-space: normal; orphans: 2; widows: 2; background-color: rgb(249, 251, 252); -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;'>chmod a-w /home/centos</li></ol></div> |