# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)
# uname -r
3.10.0-514.el7.x86_64
# setenforce 0
# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
# firewall-cmd --get-service //查看在firewall中的服务名称
# firewall-cmd --zone=public --permanent --add-service=ftp //打开ftp服务
# firewall-cmd --reload //重新载入,更新防火墙规则
# systemctl restart firewalld //重启防火墙
# firewall-cmd --state //查看firewall的状态
# yum -y install vsftpd
# getsebool -a | grep ftp
getsebool: SELinux is disabled
# yum -y install pam* libdb-utils libdb*
# cat /etc/vsftpd/ftpusers.txt
ftpuser001
ftp2345
ftpuser002
ftp2345
# db_load -T -t hash -f /etc/vsftpd/ftpusers.txt /etc/vsftpd/vsftpd_login.db
# chmod 700 /etc/vsftpd/vsftpd_login.db
# cat /etc/pam.d/vsftpd
auth required pam_userdb.so db=/etc/vsftpd/vsftpd_login
account required pam_userdb.so db=/etc/vsftpd/vsftpd_login
# useradd -s /sbin/nologin ftpuser
//完整配置文件如下
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/xferlog
xferlog_std_format=YES
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
guest_enable=YES
guest_username=ftpuser
user_config_dir=/etc/vsftpd/vsftpd_user_conf
virtual_use_local_privs=YES
pam_service_name=vsftpd
guest_enable=YES
guest_username=ftpuser
user_config_dir=/etc/vsftpd/vsftpd_user_conf
virtual_use_local_privs=YES
# mkdir -p /etc/vsftpd/vsftpd_user_conf
# cat /etc/vsftpd/vsftpd_user_conf/ftpuser001
local_root=/home/ftpuser/ftpuser001
write_enable=YES
anon_world_readable_only=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
# cat /etc/vsftpd/vsftpd_user_conf/ftpuser002
local_root=/home/ftpuser/ftpuser002
write_enable=YES
anon_world_readable_only=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
# mkdir -p /home/ftpuser/{ftpuser001,ftpuser002}
# chown -R ftpuser:ftpuser /home/ftpuser/
local_root=/home/ftpuser/ftpuser001
write_enable=YES
anon_world_readable_only=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
# systemctl restart vsftpd.service
来源 http://www.linuxidc.com/Linux/2017-06/144886.htm