Chinaunix

标题: 求助:red hat 5 vsftp 虚拟账户不能登录 [打印本页]
作者: dyanlinux    时间: 2011-05-04 21:59
标题: 求助:red hat 5 vsftp 虚拟账户不能登录
root@localhost ~]# ftp localhost
Connected to localhost.localdomain.
220 Welcome to blah FTP service.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): test
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> mkdir problem
257 "/home/test/problem" created
ftp>
没配置虚拟用户之前匿名用户和本地用户均可以登录。

下面的虚拟用户的配置:

[root@localhost ~]# cat /etc/vsftpd/vsftpd.conf
#anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
#anon_upload_enable=YES
#anon_mkdir_write_enable=YES
#dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
#chown_uploads=YES
#chown_username=whoever
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
#idle_session_timeout=600
#data_connection_timeout=120
#nopriv_user=ftpsecure
#async_abor_enable=YES
#ascii_upload_enable=YES
#ascii_download_enable=YES
ftpd_banner=Welcome to blah FTP service.
#deny_email_enable=YES
#banned_email_file=/etc/vsftpd/banned_emails
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
#ls_recurse_enable=YES
listen=YES
#listen_ipv6=YES
pam_service_name=vvsftpd
userlist_enable=YES
tcp_wrappers=YES
guest_enable=yes
guest_username=test
virtual_use_local_privs=yes
[root@localhost ~]# cat /etc/pam.d/vvsftpd
auth required /lib/security/pam_userdb.so db=/etc/vsftpd/vuserdb
accound required /lib/security/pam_userdb.so db=/etc/vsftpd/vuserdb
[root@localhost ~]# cat /etc/vsftpd/vuserdb
tp1
123
ftp2
123
[root@localhost ~]# cat /etc/vsftpd/chroot_list
ftp1
ftp2
[root@localhost test]# cat /etc/passwd
test:501:501::/home/test:/sbin/nologin
[root@localhost test]# ll /home
drwx------ 2 dhost dhost  4096 Apr 16 14:51 dhost
drwx------ 2 root  root  16384 Apr 16 14:32 lost+found
drwxr--r-- 2 test  test   4096 May  4 13:29 test
[root@localhost test]# ftp localhost
Connected to localhost.localdomain.
220 Welcome to blah FTP service.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): ftp1
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp>
[root@localhost sysconfig]# cat selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=permissive
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

执行过setsebool ftpd_disable_trans 1了

都两天了,一点进展都没有,大家分析分析是什么问题?谢谢!
作者: chenyx    时间: 2011-05-04 22:16
db文件生成了没有?就是用db_load转换你的那个文件
作者: cjavavb    时间: 2011-05-04 22:41
以前我做的时候主要是虚拟用户生成错误(chenyx提到的DB文件)一般重新生成一遍就ok了

tp1
123
ftp2
123
如果以上格式不行,我就换用:
tp1/123
ftp2/123



祝好运,请LZ记得结贴,并将错误原因说出来
作者: dyanlinux    时间: 2011-05-05 09:19
回复 2# chenyx


    用db_load -T -f hash -f /etc/vsftpd/vuserdb  /etc/vsftpd /vuserdb.db 转换了,有这个文件。
作者: dyanlinux    时间: 2011-05-05 09:21
回复 3# cjavavb


    一定一定。。
作者: chenyx    时间: 2011-05-05 09:34
楼主试试用setenforce 0 暂时关闭selinux,重启下vsftp,看看
作者: taojie2000    时间: 2011-05-05 10:59
回复 1# dyanlinux


    accound required     应为  account required



欢迎光临 Chinaunix (http://bbs.chinaunix.net/) Powered by Discuz! X3.2