Simple virtual user mode for vsftpd on CentOS 7

This article introduces a way to manage FTP users through a user list file, using vsftpd's virtual user mode.

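1. Create the system account for the virtual users (vftpuser, the local account every virtual user is mapped to through guest_username; it has no login shell)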

[root@localhost pub]# useradd -d /www/ftp -s /sbin/nologin vftpuser
[root@localhost pub]# chown vftpuser:vftpuser /www/ftp -R
[root@localhost pub]# cd /www/
[root@localhost www]# ls -al
总用量 0
drwxr-xr-x.  3 root     root      17 106 01:41 .
dr-xr-xr-x. 18 root     root     235 106 01:40 ..
drwxr-xr-x.  3 vftpuser vftpuser  17 106 01:41 ftp
[root@localhost www]# cd ftp
[root@localhost ftp]# mkdir showmuweb
[root@localhost ftp]# mkdir showmuftp
[root@localhost ftp]# mkdir showmuguest

[root@localhost /]# yum install -y tree

[root@localhost /]# tree /www
/www
└── ftp
    ├── pub
    │   └── upload
    ├── showmuftp
    │   └── test.txt
    └── showmuweb

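2. Create a user list

The file alternates lines: a user name, then that user's password on the next line. The passwords are stored in plain text, so keep vftpusers.txt and the generated vftpusers.db readable by root only (for example, chmod 600), and replace the sample passwords shown here with strong ones.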

[root@localhost www]# vim /etc/vsftpd/vftpusers.txt
showmuftp
111111
showmuweb
222222
showmuguest
333333
[root@localhost www]# cd /etc/vsftpd

[root@localhost vsftpd]# ls
ftpusers   vftpusers.txt  vsftpd.conf_2017-10-05  vsftpd.conf.rpmsave
user_list  vsftpd.conf    vsftpd_conf_migrate.sh

[root@localhost vsftpd]# db_load -T -t hash -f /etc/vsftpd/vftpusers.txt /etc/vsftpd/vftpusers.db
[root@localhost vsftpd]# ls
ftpusers   vftpusers.db   vsftpd.conf             vsftpd_conf_migrate.sh
user_list  vftpusers.txt  vsftpd.conf_2017-10-05  vsftpd.conf.rpmsave

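3. Modify the authentication method (PAM)

The stock auth and account lines are commented out and replaced with pam_userdb, so logins are checked against vftpusers.db instead of the system accounts. The db= value is written without the .db suffix because pam_userdb appends it.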

[root@localhost vsftpd]# vim /etc/pam.d/vsftpd

#%PAM-1.0
session    optional     pam_keyinit.so    force revoke
#auth       required    pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
#auth       required    pam_shells.so
#auth       include     password-auth
#account    include     password-auth
auth required pam_userdb.so db=/etc/vsftpd/vftpusers
account required pam_userdb.so db=/etc/vsftpd/vftpusers
session    required     pam_loginuid.so
session    include      password-auth

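4. Modify the vsftpd.conf settings

Note that the settings below enable anonymous access together with anon_upload_enable and anon_mkdir_write_enable, which lets unauthenticated clients upload files and create directories under anon_root wherever the filesystem permissions allow it; set anonymous_enable=NO if only the virtual users should have access.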

[root@localhost vsftpd]# vim /etc/vsftpd/vsftpd.conf
# The result is as follows
[root@localhost vsftpd]# grep -Ev '(^#\s.*|^#|^$)' vsftpd.conf
anonymous_enable=YES
anon_mkdir_write_enable=YES
anon_root=/www/ftp/pub
local_root=/www/ftp/pub
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
guest_enable=YES
guest_username=vftpuser
user_config_dir=/etc/vsftpd/vftpuser_conf
allow_writeable_chroot=YES

5. Create a per-user configuration file for each virtual user

[root@localhost vsftpd]# mkdir vftpuser_conf
[root@localhost showmuftp]# vim /etc/vsftpd/vftpuser_conf/showmuweb
local_root=/www/ftp/showmuweb
[root@localhost vsftpd]# mkdir vftpuser_conf
[root@localhost showmuftp]# vim /etc/vsftpd/vftpuser_conf/showmuftp
local_root=/www/ftp/showmuftp
[root@localhost showmuftp]# vim /etc/vsftpd/vftpuser_conf/showmuguest
local_root=/www/ftp/showmuguest

Once the five steps above are complete, restart the vsftpd service.

6. Add or delete users

To add or delete a user, repeat step 2 (edit the user list and regenerate vftpusers.db with db_load), then adjust that user's settings as in step 5.

Reprinted from http://www.cnblogs.com/showmu/p/7632787.html
