Linux file server in practice: anonymous users

  • 2020-10-23 20:24:04
  • OfStack

1. Processes and threads

vsftp server

1. File Transfer Protocol (FTP)

FTP clients and servers use this protocol to share files and to upload and download them.

FTP opens a control connection over TCP that carries the FTP connection information. A separate TCP connection is opened for FTP data transfer.

2. FTP transfer modes

3. FTP installation and configuration

a. Installation with yum

b. Installation from source

1) yum install -y vsftpd*

2) List the files installed by vsftpd (including the configuration file path), start the vsftpd service and check that the process is running


  rpm -ql vsftpd | more
  systemctl start vsftpd
  ps -ef | grep vsftpd

3) vsftpd default configuration file

  [xj@www ~]$ sudo cat /etc/vsftpd/vsftpd.conf | grep -v "^#" | grep -v "^$"   # Remove comments and blank lines

[

anonymous_enable=YES: enables anonymous user access
local_enable=YES: enables local system user access
write_enable=YES: write permission for local system users
local_umask=022: default permission mask for files and directories created by local users
dirmessage_enable=YES: displays the directory message when a user first enters a directory
xferlog_enable=YES: enables upload/download logging
connect_from_port_20=YES: FTP uses port 20 for data transmission
xferlog_std_format=YES: the log file is written in the standard xferlog format
listen=YES: when set to NO, vsftpd does not start as a standalone service and is managed through xinetd; changing it to YES is recommended
listen_ipv6=NO: whether to enable IPv6 listening
pam_service_name=vsftpd: logins to the FTP server are authenticated against the content of /etc/pam.d/vsftpd
userlist_enable=YES: users listed in the user_list and ftpusers configuration files are not allowed to access the server
tcp_wrappers=YES: combines vsftpd with TCP wrappers for host access control. The vsftpd server checks the settings in /etc/hosts.allow and /etc/hosts.deny to decide whether the host requesting a connection may access the FTP server

]

4) FTP defaults to active mode. Passive mode is set as follows:


  pasv_enable=YES
  pasv_min_port=6000
  pasv_max_port=60100

5) Anonymous user configuration. The access path is /var/ftp/pub, and by default anonymous users can only view it. To allow uploading, downloading and deleting, add the following settings:


  anon_upload_enable=YES
  anon_mkdir_write_enable=YES
  anon_other_write_enable=YES

The default vsftpd anonymous login names are anonymous and ftp. To allow uploading, deleting and modifying files, /var/ftp/pub must be writable for them (either of the following commands, run from /var/ftp, will do)


  chown -R ftp pub/
  chmod o+w pub/
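
As an added example (not part of the original article), the shell function below audits a vsftpd.conf for the settings from steps 4) and 5): it reports which anonymous write options are actually in effect and whether the passive port range is bounded. The function names are hypothetical, and an absent directive is assumed to take the vsftpd built-in default (anonymous_enable=YES, pasv_enable=YES, write_enable and the anon_* options NO, passive ports 0).

```shell
#!/bin/sh
# Added example (not from the original article): audit the vsftpd settings
# from steps 4) and 5). Function names are hypothetical.

# conf_get FILE KEY DEFAULT: last uncommented KEY=value in FILE, upper-cased.
# DEFAULT is the assumed vsftpd built-in value when the directive is absent.
conf_get() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d ' \r' | tr 'a-z' 'A-Z')
    echo "${v:-$3}"
}

# is_on VALUE: vsftpd treats YES, TRUE and 1 as true.
is_on() {
    case $1 in YES|TRUE|1) return 0 ;; *) return 1 ;; esac
}

# audit_vsftpd FILE: print one finding per line; no output means no findings.
audit_vsftpd() {
    f=$1
    if is_on "$(conf_get "$f" anonymous_enable YES)"; then
        for opt in anon_upload_enable anon_mkdir_write_enable anon_other_write_enable; do
            is_on "$(conf_get "$f" "$opt" NO)" || continue
            if is_on "$(conf_get "$f" write_enable NO)"; then
                echo "WARN $opt=YES: anonymous users have write access"
            else
                echo "INFO $opt=YES has no effect while write_enable=NO"
            fi
        done
    fi
    if is_on "$(conf_get "$f" pasv_enable YES)"; then
        min=$(conf_get "$f" pasv_min_port 0)
        max=$(conf_get "$f" pasv_max_port 0)
        if [ "$min" -eq 0 ] || [ "$max" -eq 0 ]; then
            echo "WARN passive port range unbounded (pasv_min_port=$min pasv_max_port=$max)"
        elif [ "$min" -gt "$max" ]; then
            echo "WARN pasv_min_port=$min is above pasv_max_port=$max"
        fi
    fi
}

# Constructed sample: the settings this article adds, written to a temp file.
sample=$(mktemp)
printf '%s\n' '# constructed sample' anonymous_enable=YES write_enable=YES \
    anon_upload_enable=YES anon_mkdir_write_enable=YES anon_other_write_enable=YES \
    pasv_enable=YES pasv_min_port=6000 pasv_max_port=60100 > "$sample"
audit_vsftpd "$sample"
rm -f "$sample"
```

Point it at /etc/vsftpd/vsftpd.conf after editing; a passive range that is missing or misspelled shows up as unbounded, which means the firewall cannot be limited to a fixed set of data ports.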

Problems encountered

[

1. vsftpd.service: control process exited, code=exit...s=2

]

The vsftpd configuration file in CentOS 7 defaults to listen_ipv6=YES, and our current network environment does not support IPv6. This causes an error and the service fails to start.

The solution is to change listen_ipv6=YES to listen_ipv6=NO, or to comment out that line.

Following the method above, with listen_ipv6=YES commented out, vsftpd starts successfully.

When uploading a file:

[

2. 553 Could not create file.
  getsebool -a | grep ftp
  setsebool allow_ftpd_full_access on

3. 500 OOPS: vsftpd: refusing to run with writable root inside chroot ()
  chmod a-w /var/ftp

]

Conclusion

The above covers a Linux file server in practice (anonymous users). I hope it helps you. If you have any questions, you are welcome to leave a message, and this site will reply promptly.
