设为首页收藏本站

LinuxSir.cn,穿越时空的Linuxsir!

 找回密码
 注册
搜索
热搜: shell linux mysql
LinuxSir.cn,穿越时空的Linuxsir!»论坛 运维技术 —— LinuxSir.cn 服务器架设、应用、维护 proftp的匿名登录无法设置目录权限 Unable to set anony ...
返回列表 发新帖
查看: 2647|回复: 1

proftp的匿名登录无法设置目录权限 Unable to set anonymous privileges.

[复制链接]
发表于 2007-12-1 23:26:29 | 显示全部楼层 |阅读模式
Gentoo Linux
kernel 2.6.22
proftpd-1.3.1

匿名登录在客户端总是提示说:
530-Unable to set anonymous privileges.

用过proftpd安装后默认的配置,也是同样的错误。已经检查过目录的权限了
也试过设为chmod -R 777 <ftp_home>
但是问题都是一样。

/   hda2            reiserfs
/home/ftp  hda3     reiserfs

系统已存在以下两个用户:
proftpd
ftp

使用系统一般用户帐号登录ftp服务器是没有问题的。

------------------------------------------------------------------------------------------
proftpd服务器输出:
  2. LittleBoy ~ # proftpd --config=/etc/proftpd/proftpd.conf -n -d 10
  3. - mod_facl/0.3: registered 'facl' FS
  4. - mod_tls/2.1.2: using OpenSSL 0.9.8e 23 Feb 2007
  5. - retrieved UID 102 for user 'proftpd'
  6. - retrieved GID 1003 for group 'proftpd'
  7. - <Directory upload>: adding section for resolved path '/upload'
  8. LittleBoy -
  9. LittleBoy - Config for LittleBoy:
  10. LittleBoy - /home/ftp/
  11. LittleBoy -  /upload
  12. LittleBoy -   Limit
  13. LittleBoy -    AllowAll
  14. LittleBoy -   Limit
  15. LittleBoy -    DenyAll
  16. LittleBoy -   Umask
  17. LittleBoy -   DirUmask
  18. LittleBoy -   RequireValidShell
  19. LittleBoy -   DirFakeUser
  20. LittleBoy -   DirFakeGroup
  21. LittleBoy -   MaxClients
  22. LittleBoy -   MaxClientsPerHost
  23. LittleBoy -   TransferRate
  24. LittleBoy -   TransferRate
  25. LittleBoy -   DisplayLogin
  26. LittleBoy -   AllowRetrieveRestart
  27. LittleBoy -   AllowStoreRestart
  28. LittleBoy -  Limit
  29. LittleBoy -   DenyAll
  30. LittleBoy -  RequireValidShell
  31. LittleBoy -  UserName
  32. LittleBoy -  GroupName
  33. LittleBoy -  UserAlias
  34. LittleBoy -  AnonRequirePassword
  35. LittleBoy -  DirFakeUser
  36. LittleBoy -  DirFakeGroup
  37. LittleBoy -  MaxClients
  38. LittleBoy -  MaxClientsPerHost
  39. LittleBoy -  TransferRate
  40. LittleBoy -  TransferRate
  41. LittleBoy -  DisplayLogin
  42. LittleBoy -  AllowRetrieveRestart
  43. LittleBoy -  AllowStoreRestart
  44. LittleBoy -  Umask
  45. LittleBoy - DefaultServer
  46. LittleBoy - ServerIdent
  47. LittleBoy - RequireValidShell
  48. LittleBoy - AuthPAM
  49. LittleBoy - AuthPAMConfig
  50. LittleBoy - AllowRetrieveRestart
  51. LittleBoy - AllowStoreRestart
  52. LittleBoy - TimeoutNoTransfer
  53. LittleBoy - TimeoutStalled
  54. LittleBoy - TimeoutIdle
  55. LittleBoy - Umask
  56. LittleBoy - UserID
  57. LittleBoy - UserName
  58. LittleBoy - GroupID
  59. LittleBoy - GroupName
  60. LittleBoy - ExtendedLog
  61. LittleBoy - ExtendedLog
  62. LittleBoy - ROOT PRIVS at mod_delay.c:299
  63. LittleBoy - RELINQUISH PRIVS at mod_delay.c:301
  64. LittleBoy - ROOT PRIVS at mod_ctrls.c:1618
  65. LittleBoy - RELINQUISH PRIVS at mod_ctrls.c:1620
  66. LittleBoy - mod_lang/0.8: binding to text domain 'proftpd' using locale path '/usr/share/locale'
  67. LittleBoy - retrieved group ID: 1003
  68. LittleBoy - setting group ID: 1003
  69. LittleBoy - SETUP PRIVS at main.c:2824
  70. LittleBoy - ROOT PRIVS at main.c:1895
  71. LittleBoy - RELINQUISH PRIVS at main.c:1902
  72. LittleBoy - ROOT PRIVS at main.c:2228
  73. LittleBoy - opening scoreboard '/var/run/proftpd/proftpd.scoreboard'
  74. LittleBoy - RELINQUISH PRIVS at main.c:2254
  75. LittleBoy - ROOT PRIVS at inet.c:329
  76. LittleBoy - RELINQUISH PRIVS at inet.c:392
  77. LittleBoy - ProFTPD 1.3.1rc2 (devel) (built 2007年 12月 01日 星期六 23:03:52 UTC) standalone mode STARTUP
  78. LittleBoy - ROOT PRIVS at pidfile.c:42
  79. LittleBoy - RELINQUISH PRIVS at pidfile.c:44
  80. LittleBoy - ROOT PRIVS at main.c:1023
  81. LittleBoy - RELINQUISH PRIVS at main.c:1027
  82. LittleBoy - no matching vhost found for 192.168.0.254#21, using DefaultServer 'LittleBoy'
  83. LittleBoy (LittleBoy[192.168.0.254]) - ROOT PRIVS at main.c:872
  84. LittleBoy (LittleBoy[192.168.0.254]) - SETUP PRIVS at main.c:877
  85. LittleBoy (LittleBoy[192.168.0.254]) - FTP session requested from unknown class
  86. LittleBoy (LittleBoy[192.168.0.254]) - performing module session initializations
  87. LittleBoy (LittleBoy[192.168.0.254]) - ROOT PRIVS at mod_delay.c:1221
  88. LittleBoy (LittleBoy[192.168.0.254]) - RELINQUISH PRIVS at mod_delay.c:1223
  89. LittleBoy (LittleBoy[192.168.0.254]) - mod_log: opening ExtendedLog '/var/log/proftpd/login.log'
  90. LittleBoy (LittleBoy[192.168.0.254]) - ROOT PRIVS at mod_log.c:1230
  91. LittleBoy (LittleBoy[192.168.0.254]) - RELINQUISH PRIVS at mod_log.c:1232
  92. LittleBoy (LittleBoy[192.168.0.254]) - mod_log: opening ExtendedLog '/var/log/proftpd/transfer.log'
  93. LittleBoy (LittleBoy[192.168.0.254]) - ROOT PRIVS at mod_log.c:1230
  94. LittleBoy (LittleBoy[192.168.0.254]) - RELINQUISH PRIVS at mod_log.c:1232
  95. LittleBoy (LittleBoy[192.168.0.254]) - ROOT PRIVS at mod_auth.c:150
  96. LittleBoy (LittleBoy[192.168.0.254]) - opening scoreboard '/var/run/proftpd/proftpd.scoreboard'
  97. LittleBoy (LittleBoy[192.168.0.254]) - RELINQUISH PRIVS at mod_auth.c:152
  98. LittleBoy (LittleBoy[192.168.0.254]) - performing ident lookup
  99. LittleBoy (LittleBoy[192.168.0.254]) - ident lookup returned 'UNKNOWN'
  100. LittleBoy (LittleBoy[192.168.0.254]) - connected - local  : 192.168.0.254:21
  101. LittleBoy (LittleBoy[192.168.0.254]) - connected - remote : 192.168.0.254:56325
  102. LittleBoy (LittleBoy[192.168.0.254]) - FTP session opened.
  103. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'USER anonymous' to mod_tls
  104. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'USER anonymous' to mod_core
  105. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'USER anonymous' to mod_core
  106. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'USER anonymous' to mod_delay
  107. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'USER anonymous' to mod_auth
  108. LittleBoy (LittleBoy[192.168.0.254]) - dispatching CMD command 'USER anonymous' to mod_ratio
  109. LittleBoy (LittleBoy[192.168.0.254]) - dispatching CMD command 'USER anonymous' to mod_auth
  110. LittleBoy (LittleBoy[192.168.0.254]) - dispatching POST_CMD command 'USER anonymous' to mod_delay
  111. LittleBoy (LittleBoy[192.168.0.254]) - dispatching LOG_CMD command 'USER anonymous' to mod_log
  112. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
  113. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
  114. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
  115. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap
  116. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
  117. LittleBoy (LittleBoy[192.168.0.254]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
  118. LittleBoy (LittleBoy[192.168.0.254]) - dispatching CMD command 'PASS (hidden)' to mod_auth
  119. LittleBoy (LittleBoy[192.168.0.254]) - retrieved UID 21 for user 'ftp'
  120. LittleBoy (LittleBoy[192.168.0.254]) - retrieved group ID: 21
  121. LittleBoy (LittleBoy[192.168.0.254]) - retrieved group name: ftp
  122. LittleBoy (LittleBoy[192.168.0.254]) - ROOT PRIVS at mod_auth.c:478
  123. LittleBoy (LittleBoy[192.168.0.254]) - RELINQUISH PRIVS at mod_auth.c:480
  124. LittleBoy (LittleBoy[192.168.0.254]) - ROOT PRIVS at mod_auth.c:965
  125. LittleBoy (LittleBoy[192.168.0.254]) - setting group ID: 21
  126. LittleBoy (LittleBoy[192.168.0.254]) - SETUP PRIVS at mod_auth.c:980
  127. LittleBoy (LittleBoy[192.168.0.254]) - ROOT PRIVS at mod_auth.c:1000
  128. LittleBoy (LittleBoy[192.168.0.254]) - setting group ID: 1003
  129. LittleBoy (LittleBoy[192.168.0.254]) - SETUP PRIVS at mod_auth.c:1015
  130. LittleBoy (LittleBoy[192.168.0.254]) - ftp: Directory /home/ftp/ is not accessible.
  131. LittleBoy (LittleBoy[192.168.0.254]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_delay
  132. LittleBoy (LittleBoy[192.168.0.254]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log
  133. LittleBoy (LittleBoy[192.168.0.254]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth
  134. LittleBoy (LittleBoy[192.168.0.254]) - FTP session closed.
  135. LittleBoy - ROOT PRIVS at mod_ctrls.c:1180
  136. LittleBoy - RELINQUISH PRIVS at mod_ctrls.c:1184
  137. LittleBoy - ProFTPD terminating (signal 2)
  138. LittleBoy - ROOT PRIVS at main.c:1758
  139. LittleBoy - ROOT PRIVS at mod_delay.c:1084
  140. LittleBoy - RELINQUISH PRIVS at mod_delay.c:1086
  141. LittleBoy - RELINQUISH PRIVS at main.c:1780
  142. LittleBoy - ProFTPD 1.3.1rc2 standalone mode SH
复制代码

在客户端匿名登录的输出:
  2. 已连接到 192.168.0.254:21
  3. 220 192.168.0.254 FTP server ready
  4. USER anonymous
  6. 331 Anonymous login ok, send your complete email address as your password
  7. PASS xxxx
  8. 530-Unable to set anonymous privileges.
  9. 530 Login incorrect.
  10. 正在断开与站点 192.168.0.254 的连接
复制代码

配置文件:
/etc/proftpd.conf
  2. #ProFTPD 配置文件──修改时间:2005-04-27
  3. #############################################################################
  4. ServerName          "LittleBoy"
  5. ServerType           standalone
  6. DefaultServer        on
  8. #隐藏服务器版本信息
  9. ServerIdent off
  10. #FTP使用的端口,21是默认
  11. Port                                21
  12. ###############################################################################
  15. ###################################################################################
  16. RequireValidShell        off
  17. AuthPAM                                off
  18. AuthPAMConfig                ftp
  19. ###############################################################################
  22. ###############################################################################
  23. #续传文件
  24. AllowRetrieveRestart on
  25. AllowStoreRestart  on
  27. #超时限制
  28. TimeoutNoTransfer                600
  29. TimeoutStalled                        600
  30. TimeoutIdle                        1200
  32. #设置最大尝试次数
  33. #MaxLoginAttempts 3
  35. #防止DoS攻击,设置最大子进程数为20.如果你要一次多于这个进程数,增加下面的值
  36. #这个设置只有standalone 时有效,在inetd模式你应设置inetd服务器的每个服务数
  37. #量进程数,例如xinetd
  38. MaxInstances                        20
  39. ###############################################################################
  41. #掩码 Umask 022可以有效地防止文件被其他用户或同组用户改写
  42. Umask                                022
  44. #磁盘配额
  45. #Quotas                                on
  47. #上传与下载比率
  48. #Ratios                                on
  49. ###############################################################################
  51. # Set the user and group under which the server will run.
  52. User                proftpd
  53. Group                proftpd
  55. #禁止root登录
  56. #RootLogin off
  58. #DefaultRoot ~
  59. #禁止系统普通用户登录
  60. #<Limit LOGIN>
  61. #        DenyAll
  62. #</Limit>
  63. ###############################################################################
  66. ###############################################################################
  67. #启用日志
  68. LogFormat       auth            "IP:%a Name:%u PASSWD:%A %r At:%t"
  69. LogFormat       readwrite            "IP:%a Name:%u PASSWD:%A %m %F At:%t UsedTime:%T"
  71. #以write的日志格式记录READ,WRITE的日志
  72. ExtendedLog     /var/log/proftpd/transfer.log WRITE,READ readwrite
  74. #以auth的日志格式记录LOGIN的日志
  75. ExtendedLog     /var/log/proftpd/login.log AUTH auth
  77. ##根据自己的需要定制:
  78. ##       %a:客户ip
  79. ##       %A:匿名用户名
  80. ##       %b:发送请求的字节数
  81. ##       %d:目录名(相对路径)
  82. ##       %D:目录名(绝对路径)
  83. ##       %f:上传或下载的文件名(绝对路径)
  84. ##       %F:上传或下载的文件名(相对路径)
  85. ##       %h:客户的域名
  86. ##       %L:本服务器ip
  87. ##       %m:客户发送的命令
  88. ##       %p:本服务器的端口
  89. ##       %P:服务进程的id
  90. ##       %r:客户发送的整条命令
  91. ##       %t:本地时间
  92. ##       %T:传送文件所用的时间(秒)
  93. ##       %u:客户登陆的用户名
  94. ###############################################################################
  98. ###############################################################################
  99. #一个基本的匿名帐号,带有上传目录
  100. <Anonymous /home/ftp>
  101.    RequireValidShell        no
  102.    User                                ftp
  103.    Group                        ftp
  105.    # 用 "anonymous" 代替 "proftpd" 登录
  106.    UserAlias                anonymous      ftp
  107.    AnonRequirePassword off
  109.    # Cosmetic changes, all files belongs to ftp user
  110.    DirFakeUser        on      ftp
  111.    DirFakeGroup on                 ftp
  113.    # 限制每个匿名帐号连接数
  114.    MaxClients                        10        "最大连接10达到了,你等会再来"
  115.    MaxClientsPerHost         3         "对不起,一个IP只允许3个连接"
  116.    
  117.    #下载与上传速率的设置,单位为KByte/s
  118.    TransferRate RETR 4000 user ftp
  119.    TransferRate STOR 2000 user ftp
  121.    #登录时的欢迎信息
  122.    DisplayLogin                        .welcome.msg
  124.    #对这个服务器的根目录下的所有的子目录限制写操作
  125.    <Limit WRITE>
  126.               DenyAll
  127.    </Limit>
  129.    #开匿名上传目录,只能上传而不能下载及修改原有文件
  130.    <Directory upload>
  131.              Umask        022  022
  132.                        <Limit READ WRITE>
  133.                           DenyAll
  134.                       </Limit>
  135.                       <Limit MKD STOR>
  136.                           AllowAll
  137.                       </Limit>
  138.    </Directory>
  139. </Anonymous>
  140. #匿名设置完毕
  141. #
复制代码
回复

使用道具 举报

 楼主| 发表于 2007-12-2 11:38:04 | 显示全部楼层
问题原来在于:acl

USE="-acl" emerge proftpd
去掉proftpd的acl就没有这样的问题的。 内核里reiserfs也开了acl的:
ReiserFS POSIX Access Control Lists
回复 支持 反对

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

快速回复 返回顶部 返回列表