vsftp出现str_getpwnam: nobody错误

whtlly

ftp客户端连接出现如下错误
500 OOPS: str_getpwnam: nobody
500 OOPS: child died

为什么啊？是什么原因？
google上转了一圈，有的说是运行权限不够，有的说是没有nobody这个用户，可我是root运行的，也有nobody这个用户啊。请各位大侠帮忙。

下面是我的配置

# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are very paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
#
# Allow anonymous FTP?
anonymous_enable=NO
#no_anon_password=NO
#user_config_dir=/tmp
local_root=/tmp
#anon_root=/tmp/anon
#anon_upload_enable=NO
ftp_username=ftp
#
# Uncomment this to allow local users to log in.
local_enable=YES
listen_port=2021
#
# Uncomment this to enable any form of FTP write command.
write_enable=NO
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
idle_session_timeout=100
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that turning on ascii_download_enable enables malicious remote parties
# to consume your I/O resources, by issuing the command "SIZE /big/file" in
# ASCII mode.
# These ASCII options are split into upload and download because you may wish
# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),
# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be
# on the client anyway..
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd.chroot_list
secure_chroot_dir=/usr/ftp_secure
#passwd_chroot_enable=YES
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES

pam_service_name=vsftpd
userlist_enable=YES
userlist_deny=NO
#enable for standalone mode
listen=YES
tcp_wrappers=NO

whtlly

忘了说了，我是这样运行的

[root@lfs /]# ( /mnt/lfs/usr/sbin/chroot /lfs /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf & )

出现了上面说的错误，但是如下运行就没有问题

[root@lfs /]# ( /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf & )

下面是/lfs目录下所以文件

[root@lfs lfs]# ls -ARl
.:
total 40
drwxr-xr-x    2 root     root         4096 Oct 23 18:29 bin
drwxr-xr-x    3 root     root         4096 Oct 23 18:10 dev
drwxr-xr-x    3 root     root         4096 Nov  4 17:29 etc
drwxr-xr-x    4 root     root         4096 Nov  4 17:49 home
drwxr-xr-x    2 root     root         4096 Oct 23 18:26 lib
drwxr-x---    5 root     root         4096 Oct 23 18:20 root
drwxr-xr-x    2 root     root         4096 Nov  4 17:23 sbin
drwxrwxrwx    3 root     root         4096 Nov  4 17:08 tmp
drwxr-xr-x    7 root     root         4096 Nov  4 14:59 usr
drwxr-xr-x    3 root     root         4096 Nov  4 14:55 var

./bin:
total 716

./dev:
total 4
crw-r--r--    1 root     root       1,   3 Oct 23 17:51 null
crw-rw-rw-    1 root     root       5,   2 Oct 23 18:02 ptmx
drwxr-xr-x    2 root     root         4096 Oct 23 17:51 pts
crw-------    1 root     root      30,  36 Oct 23 18:09 tcp
crw-------    1 root     root      30,  39 Oct 23 18:10 udp
crw-rw-rw-    1 root     root       1,   5 Oct 23 18:10 zero

./dev/pts:
total 0
crw-------    1 root     root     136,   0 Oct 23 17:51 0

./etc:
total 68
-rw-r--r--    1 root     root          151 Oct 23 17:51 hosts
-rw-r--r--    1 root     root          161 Nov  4 17:29 hosts.allow
-rw-r--r--    1 root     root         1686 Oct 23 17:51 nsswitch.conf
-rw-r--r--    1 root     root         1345 Nov  4 15:19 passwd
-rw-r--r--    1 root     root        19935 Oct 23 17:51 services
-r--------    1 root     root          966 Nov  4 15:19 shadow
drwxr-xr-x    2 root     root         4096 Nov  4 17:47 vsftpd
-rw-r--r--    1 root     root           18 Nov  4 16:46 vsftpd.chroot_list
-rw-------    1 root     root         3916 Nov  4 16:46 vsftpd.conf
-rw-------    1 root     root           63 Nov  4 16:46 vsftpd.ftpusers
-rw-------    1 root     root          300 Nov  4 16:46 vsftpd.user_list

./etc/vsftpd:
total 4
-rw-------    1 root     root         4061 Nov  4 17:15 vsftpd.conf

./home:
total 8
drwx------    2 ws       root         4096 Nov  4 17:50 ws


./home/ws:
total 16
-rw-------    1 root     root           19 Nov  4 17:50 .bash_history
-rw-r--r--    1 root     root           24 Nov  4 17:50 .bash_logout
-rw-r--r--    1 root     root          191 Nov  4 17:50 .bash_profile
-rw-r--r--    1 root     root          124 Nov  4 17:50 .bashrc

./lib:
total 4508
-rwxr-xr-x    1 root     root       103044 Oct 23 17:59 ld-2.3.2.so
-rwxr-xr-x    1 root     root       103044 Oct 23 18:05 ld-linux.so.2
-rwxr-xr-x    1 root     root      1549556 Oct 23 18:00 libc-2.3.2.so
-rwxr-xr-x    1 root     root        10916 Oct 23 18:26 libcap.so.1
-rwxr-xr-x    1 root     root        10916 Oct 23 18:26 libcap.so.1.10
-rwxr-xr-x    1 root     root        23668 Oct 23 18:00 libcrypt-2.3.2.so
-rwxr-xr-x    1 root     root        23668 Oct 23 18:04 libcrypt.so.1
-rwxr-xr-x    1 root     root      1549556 Oct 23 18:04 libc.so.6
-rwxr-xr-x    1 root     root        15084 Oct 23 18:00 libdl-2.3.2.so
-rwxr-xr-x    1 root     root        15084 Oct 23 18:04 libdl.so.2
-rwxr-xr-x    1 root     root       211876 Oct 23 17:59 libm-2.3.2.so
-rwxr-xr-x    1 root     root       211876 Oct 23 18:03 libm.so.6
-rwxr-xr-x    1 root     root       255300 Oct 23 18:04 libncurses.so.5
-rwxr-xr-x    1 root     root        91604 Oct 23 17:59 libnsl-2.3.2.so
-rwxr-xr-x    1 root     root        91604 Oct 23 18:04 libnsl.so.1
-rwxr-xr-x    1 root     root        18416 Oct 23 18:01 libnss_dns-2.3.2.so
-rwxr-xr-x    1 root     root        52472 Oct 23 18:01 libnss_files-2.3.2.so
-rwxr-xr-x    1 root     root        30448 Oct 23 18:03 libpam.so.0
-rwxr-xr-x    1 root     root        30448 Oct 23 17:59 libpam.so.0.75
-rwxr-xr-x    1 root     root        76552 Oct 23 18:01 libresolv-2.3.2.so
-rwxr-xr-x    1 root     root        11784 Oct 23 18:04 libtermcap.so.2
-rwxr-xr-x    1 root     root        11784 Oct 23 18:00 libtermcap.so.2.0.8
-rwxr-xr-x    1 root     root        12696 Oct 23 18:00 libutil-2.3.2.so
-rwxr-xr-x    1 root     root        12696 Oct 23 18:04 libutil.so.1

./root:
total 72
-rw-r--r--    1 root     root         1094 Oct 23 18:20 anaconda-ks.cfg
-rw-------    1 root     root        10671 Oct 23 18:32 .bash_history
-rw-r--r--    1 root     root           24 Oct 23 18:20 .bash_logout
-rw-r--r--    1 root     root          234 Oct 23 18:20 .bash_profile
-rw-r--r--    1 root     root          176 Oct 23 18:20 .bashrc
-rw-r--r--    1 root     root          210 Oct 23 18:20 .cshrc
drwx------    2 root     root         4096 Oct 23 18:20 .gconfd
-rw-r--r--    1 root     root        11266 Oct 23 18:20 install.log
-rw-r--r--    1 root     root         2484 Oct 23 18:20 install.log.syslog
drwx------    2 root     root         4096 Oct 23 18:20 .ssh
drwxr-xr-x    2 root     root         4096 Oct 23 18:20 .ssh2
-rw-r--r--    1 root     root          196 Oct 23 18:20 .tcshrc
-rw-r--r--    1 root     root         1126 Oct 23 18:20 .Xresources

./root/.gconfd:
total 0

./root/.ssh:
total 4
-rw-r--r--    1 root     root         1116 Oct 23 18:20 known_hosts

./root/.ssh2:
total 4
-rw-------    1 root     root          512 Oct 23 18:20 random_seed

./sbin:
total 4
-rwxr-xr-x    1 root     root         2912 Nov  4 17:23 nologin

./tmp:
total 698376
drwxrwxrwx    2 ftp      root         4096 Oct 27 17:35 anon

./tmp/anon:
total 0

./usr:
total 20
d---------    2 root     root         4096 Nov  4 14:59 ftp_secure
drwxr-xr-x    2 root     root         4096 Oct 23 18:27 lib
drwxr-xr-x    4 root     root         4096 Oct 23 18:13 local
drwxr-xr-x    2 root     root         4096 Oct 23 18:28 sbin
drwxr-xr-x    3 root     root         4096 Oct 23 17:51 share

./usr/ftp_secure:
total 0

./usr/lib:
total 312
-rwxr-xr-x    1 root     root       255300 Oct 23 18:00 libncurses.so.5.3
-rwxr-xr-x    1 root     root        28452 Oct 23 18:27 libwrap.so.0
-rwxr-xr-x    1 root     root        28452 Oct 23 18:27 libwrap.so.0.7.6

./usr/local:
total 8
drwxr-xr-x    2 root     root         4096 Oct 23 17:51 lib
drwxr-xr-x    2 root     root         4096 Oct 23 18:13 sbin

./usr/local/lib:
total 0

./usr/local/sbin:
total 0

./usr/sbin:
total 88
-rwxr-xr-x    1 root     root        72512 Oct 23 18:28 vsftpd

./usr/share:
total 4
drwxr-xr-x    3 root     root         4096 Oct 23 17:51 lib

./usr/share/lib:
total 4
drwxr-xr-x    3 root     root         4096 Oct 23 17:51 zoneinfo

./usr/share/lib/zoneinfo:
total 4
drwxr-xr-x    2 root     root         4096 Oct 23 17:51 US

./usr/share/lib/zoneinfo/US:
total 0

./var:
total 4
drwxr-xr-x    2 root     root         4096 Nov  4 14:56 log

./var/log:
total 4
-rw-------    1 root     root            1 Nov  4 14:56 vsftpd.log
[root@lfs lfs]#

laixi781211

( /mnt/lfs/usr/sbin/chroot /lfs /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf & )
这样启动是什么意思?

whtlly

使用chroot啊

whtlly

up

whtlly

没人知道吗？

whtlly

最后顶一次

dragondk

vsftpd 应该不用这种方式来chroot
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd.chroot_list
secure_chroot_dir=/usr/ftp_secure
#passwd_chroot_enable=YES
配置文件中设置就可以了。

而且你直接用
( /mnt/lfs/usr/sbin/chroot /lfs /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf & )来chroot是可能有问题的，比如/proc在chroot中也应该挂上啊

whtlly

原帖由 "dragondk" 发表：
vsftpd 应该不用这种方式来chroot
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT..........

看我的配置文件，你上面说的我已经配了，我就是想看看这种方式是否可行。

dragondk

可以看出你是用的lfs系统，在你建立lfs时应该清楚了chroot的用法，你可以用lfs的chroot用法来试一试，我没有试过，不知道vsftpd是否可以在chroot环境中使用。但我觉得没有必要这样使用vsftpd，因为vsftpd自己在程序中已经考虑使用chroot的方式了，没有必要使用两次（环境一次，程序自己一次）。