A. Installation
1. Install
yum install -y vsftpd
2. Set the boot
systemctl enable vsftpd.service
3. Start
systemctl start vsftpd.service
4. Stop
systemctl stop vsftpd.service
5. View Status
systemctl status vsftpd.service
II. Configuration
1. Open the configuration file
vim /etc/vsftpd/vsftpd.conf
2. Display line numbers
:set number
3. Set
Cancel anonymous login #
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
# Chroot_local_user no local user chroot_list_enable: chroot enable users to customize, chroot_list_file: user custom configuration file location
chroot_local_user = NO
chroot_list_enable = YES
the chroot_list_file = / etc / the vsftpd / chroot_list
Note # ip6 turned out listen
listen = YES
pam_service_name=vsftpd
userlist_enable=YES
= YES tcp_wrappers
#### new new new config own
# Configure access to user-specified directory
user_config_dir = / etc / vsftpd / userconfig
# Chroot allows users to write
allow_writeable_chroot = YES
# Set ftp access the root directory
local_root = / Home / ftpuser
4. Other configuration settings needed to find online
use_localtime=YES listen_port=21 idle_session_timeout=300 guest_enable=YES guest_username=vsftpd user_config_dir=/etc/vsftpd/vconf data_connection_timeout=1 virtual_use_local_privs=YES pasv_min_port=40000 pasv_max_port=40010 accept_timeout=5 connect_timeout=1
allow_writeable_chroot=YES
III. Different users configure different root directory
1.cd /etc/vsftpd/
2.mkdir userconfig
3.cd userconfig/
4. configure different for different users in the root directory of the directory userconfig:
I came test1
local_root=/home/ftpuser/test1/
I came test2
local_root=/home/ftpuser/test2/
IV. Create a user access ftp directory
cd /home
mkdir ftpuser
cd ftpuser
mkdir test1
mkdir test2
V. firewall settings
1. Add 21 port configurations
vim /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
2.firewall-cmd --zone=public --add-service=ftp --permanent
3.firewall-cmd --zone=public --add-port=21/tcp --permanent
4.firewall-cmd --reload
VI. When you create or delete files can not be uploaded, set permissions
1.getsebool -a | grep ftp
getsebool, list all selinux bool value inventory list and content.
2. setsebool allow_ftpd_anon_write 1
setsebool allow_ftpd_full_access 1
To this result
allow_ftpd_anon_write --> on
allow_ftpd_full_access --> off
Finally, all the settings have systemctl restart vsftpd