System version:Linux centos7_server 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@centos7_server ~]# ftp 1.1.1.1
Connected to 1.1.1.1(1.1.1.1).
220 (vsFTPd 3.0.2)
Name (1.1.1.1:root): MyD
331 Please specify the password.
Password:
500 OOPS: vsftpd: refusing to run with writable root inside chroot()
Login failed.
421 Service not available, remote server has closed connection
ftp>
[root@centos7_server ~]# vim /etc/vsftpd/vsftpd.conf
在配置文件内写入 allow_writeable_chroot=YES, 给账户加入写入权限。
随后重新启动vsftpd服务, 如果一次解决不了,那就两次。
[root@centos7_server ~]# ftp 1.1.1.1
Connected to 1.1.1.1(1.1.1.1).
220 (vsFTPd 3.0.2)
Name (1.1.1.1:root): MyD
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
特别补充说明,以上作业动作仅仅是关闭了 Iptables 及 Firewalld,SELinux是开启状态,对SELinux有做一项动作。
systemctl stop iptables 关闭iptables
systemctl stop fireawlld 关闭firewalld
[root@centos7_server ~]# getsebool -a | grep ftpd
ftpd_anon_write --> off
ftpd_connect_all_unreserved --> off
ftpd_connect_db --> off
ftpd_full_access --> off 把ftpd_full_access 设置为 ftpd_full_access on
ftpd_use_cifs --> off
ftpd_use_fusefs --> off
ftpd_use_nfs --> off
ftpd_use_passive_mode --> off
[root@centos7_server ~]# setsebool -P ftpd_full_access on 这个指令的大意为:开启SELinux域中对ftp服务的允许策略
[root@centos7_server ~]# getsebool -a | grep ftpd
ftpd_anon_write --> off
ftpd_connect_all_unreserved --> off
ftpd_connect_db --> offftpd_full_access --> on
ftpd_use_cifs --> off
ftpd_use_fusefs --> off
ftpd_use_nfs --> off
ftpd_use_passive_mode --> off
[root@centos7_server ~]#