vsftpd:500 OOPS: vsftpd: refusing to run with writable root inside chroot ()错误的解决方法

版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/bluishglc/article/details/42399439

当我们限定了用户不能跳出其主目录之后,使用该用户登录FTP时往往会遇到这个错误:

500 OOPS: vsftpd: refusing to run with writable root inside chroot ()

这个问题发生在最新的这是由于下面的更新造成的:

- Add stronger checks for the configuration error of running with a writeable root directory inside a chroot(). This may bite people who carelessly turned on chroot_local_user but such is life.

从2.3.5之后,vsftpd增强了安全检查,如果用户被限定在了其主目录下,则该用户的主目录不能再具有写权限了!如果检查发现还有写权限,就会报该错误。

 要修复这个错误,可以用命令chmod a-w /home/user去除用户主目录的写权限,注意把目录替换成你自己的。或者你可以在vsftpd的配置文件中增加下列两项中的一项:


allow_writeable_chroot=YES


vsftpd500 OOPS: cannot change directory:

09-09

使用的是linux centos7,selinux已经关闭。rn创建用户 xxx.com,指向 目录/var/virtual/xxx.com,开启vsftpd,可以直接ftp登录。rn修改目录 /var/virtual/xxx.com 的chown 为 xxx.com:apache,出现访问域名,提示403.rn将chown apache: -R /var/virtual/xxx.com,访问正常,但是vsftpd就登录不了了,因为目录不是该用户的。rn[code=perl]rnForbiddenrnrnYou don't have permission to access / on this server.rn[/code]rnrnrn打印的命令:rn[code=perl]rn[root@localhost ~]# ls -la /var/virtualrntotal 12rndrwxrwxr-x 3 root root 4096 Sep 9 00:50 .rndrwxr-xr-x 23 root root 4096 Sep 8 23:54 ..rndrwxrw---- 5 apache apache 4096 Sep 9 00:50 xxx.comrnrn[root@localhost ~]# ftp localhostrnTrying ::1...rnftp: connect to address ::1Connection refusedrnTrying 127.0.0.1...rnConnected to localhost (127.0.0.1).rn220 (vsFTPd 3.0.2)rnName (localhost:root): xxx.comrn331 Please specify the password.rnPassword:rn500 OOPS: cannot change directory:/var/virtual/xxx.comrnLogin failed.rnftp> exitrn[root@localhost ~]# uname -arnLinux localhost.localdomain 3.15.4-x86_64-linode45 #1 SMP Mon Jul 7 08:42:36 EDT rn 2014 x86_64 x86_64 x86_64 GNU/Linuxrn[root@localhost ~]#rnrnrn[root@localhost ~]# grep xxx.com /etc/passwdrnxxx.com:x:1000:48::/var/virtual/xxx.com:/bin/bashrn[root@localhost ~]# grep apache /etc/passwdrnapache:x:48:48:Apache:/usr/share/httpd:/sbin/nologinrn[root@localhost ~]# finger xxx.comrnLogin: xxx.com Name:rnDirectory: /var/virtual/xxx.com Shell: /bin/bashrnNever logged in.rnNo mail.rnNo Plan.rn[root@localhost ~]# finger apachernLogin: apache Name: ApachernDirectory: /usr/share/httpd Shell: /sbin/nologinrnNever logged in.rnNo mail.rnNo Plan.rn[/code]

没有更多推荐了,返回首页

私密
私密原因:
请选择设置私密原因
  • 广告
  • 抄袭
  • 版权
  • 政治
  • 色情
  • 无意义
  • 其他
其他原因:
120
出错啦
系统繁忙,请稍后再试