vsftp permission control
2015-07-03 10:58
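When virtual_use_local_privs=YES, virtual users have the same privileges as local users.
When virtual_use_local_privs=NO, virtual users have the same privileges as anonymous users. The default is NO.
When virtual_use_local_privs=YES and write_enable=YES, virtual users have write access (upload, download, delete, rename).
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=YES and anon_upload_enable=YES, virtual users cannot browse directories and can only upload files; they have no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_upload_enable=NO, virtual users can only download files; they have no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_upload_enable=YES, virtual users can only upload and download files; they have no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_mkdir_write_enable=YES, virtual users can only download files and create directories; they have no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_other_write_enable=YES, virtual users can only download, delete and rename files; they have no other permissions.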
************************************************************************
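Virtual user permissions: can only upload files and directories and download files and directories; cannot delete files or directories; cannot rename files or directories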
local_root=/opt/ftpsite/user2
idle_session_timeout=600
data_connection_timeout=120
max_clients=10
max_per_ip=5
local_max_rate=50000
local_umask=022
# DELE, RMD, RNFR and RNTO are left out of the list, so delete and rename are refused
cmds_allowed=ABOR,CWD,LIST,MKD,MDTM,PASS,PASV,PORT,PWD,QUIT,RETR,SITE,SIZE,STOR,TYPE,USER,ACCT,APPE,CDUP,HELP,MODE,NOOP,REIN,STAT,STOU,STRU,SYST
***************************************************************************
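The permission table and the cmds_allowed sample above can be checked together by computing which transfer and write commands a virtual user ends up with. This is an added example, not code from the original post or from vsftpd; the function names are hypothetical, the rules are the ones the page states, the grouping of APPE with delete and rename is an assumption, and the first two lines of the sample config are assumed because the page does not show them.

```python
# Added example, not from the original post. Rules follow the page's table.
DEFAULTS = {  # vsftpd defaults for the options involved
    "virtual_use_local_privs": "NO", "write_enable": "NO",
    "anon_world_readable_only": "YES", "anon_upload_enable": "NO",
    "anon_mkdir_write_enable": "NO", "anon_other_write_enable": "NO",
}
READ = {"LIST", "NLST", "RETR"}    # browse and download
UPLOAD = {"STOR", "STOU"}
MKDIR = {"MKD"}
# Delete and rename; placing APPE in this group is an assumption of the example.
OTHER = {"DELE", "RMD", "RNFR", "RNTO", "APPE"}

def parse_conf(text):
    """Read option=value lines on top of the defaults, skipping # comments."""
    conf = dict(DEFAULTS)
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key] = value
    return conf

def virtual_user_commands(text):
    """Return the transfer and write commands a virtual user can run."""
    conf = parse_conf(text)
    on = lambda key: conf[key].upper() in ("YES", "TRUE", "1")
    if on("virtual_use_local_privs"):
        cmds = set(READ)
        if on("write_enable"):
            cmds |= UPLOAD | MKDIR | OTHER
    else:
        # Page's rule: anon_world_readable_only=YES means no browsing or download.
        cmds = set() if on("anon_world_readable_only") else set(READ)
        if on("write_enable"):
            cmds |= UPLOAD if on("anon_upload_enable") else set()
            cmds |= MKDIR if on("anon_mkdir_write_enable") else set()
            cmds |= OTHER if on("anon_other_write_enable") else set()
    if "cmds_allowed" in conf:  # whitelist applies on top of the privilege model
        cmds &= {c.strip().upper() for c in conf["cmds_allowed"].split(",")}
    return cmds

# Constructed sample: the first two lines are assumed; cmds_allowed is the page's.
SAMPLE = """virtual_use_local_privs=YES
write_enable=YES
cmds_allowed=ABOR,CWD,LIST,MKD,MDTM,PASS,PASV,PORT,PWD,QUIT,RETR,SITE,SIZE,STOR,TYPE,USER,ACCT,APPE,CDUP,HELP,MODE,NOOP,REIN,STAT,STOU,STRU,SYST
"""

if __name__ == "__main__":
    print(sorted(virtual_user_commands(SAMPLE)))
```

For the sample, DELE, RMD, RNFR and RNTO are absent from the result, while STOR and APPE remain, so a "no delete, no rename" policy built this way still lets existing files be overwritten or appended to.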
List of raw FTP commands
(Warning: this is a technical document, not necessary for most FTP use.)
The commands in this technical document are not supported by all FTP services.
Note that commands marked with a * are not implemented in a number of FTP servers.
Common commands

ABOR - abort a file transfer
CWD - change working directory
DELE - delete a remote file (that is, a file on the FTP server)
LIST - list remote files
MDTM - return the modification time of a file
MKD - make a remote directory
NLST - name list of remote directory
PASS - send password
PASV - enter passive mode
PORT - open a data port
PWD - print working directory
QUIT - terminate the connection
RETR - retrieve a remote file
RMD - remove a remote directory
RNFR - rename from
RNTO - rename to
SITE - site-specific commands
SIZE - return the size of a file
STOR - store a file on the remote host
TYPE - set transfer type (ASCII, binary)
USER - send username
Less common commands

ACCT* - send account information
APPE - append to a remote file
CDUP - CWD to the parent of the current directory
HELP - return help on using the server
MODE - set transfer mode
NOOP - do nothing
REIN* - reinitialize the connection
STAT - return server status
STOU - store a file uniquely
STRU - set file transfer structure
SYST - return system type

ABOR
Syntax: ABOR
Aborts a file transfer currently in progress.

ACCT*
Syntax: ACCT account-info
This command is used to send account information on systems that require it. Typically sent after a PASS command.

ALLO
Syntax: ALLO size [R max-record-size]
Allocates sufficient storage space to receive a file. If the maximum size of a record also needs to be known, that is sent as a second numeric parameter following a space, the capital letter "R", and another space.

APPE
Syntax: APPE remote-filename
Append data to the end of a file on the remote host. If the file does not already exist, it is created. This command must be preceded by a PORT or PASV command so that the server knows where to receive data from.

CDUP
Syntax: CDUP
Makes the parent of the current directory be the current directory.

CWD
Syntax: CWD remote-directory
Makes the given directory be the current directory on the remote host.

DELE
Syntax: DELE remote-filename
Deletes the given file on the remote host.

HELP
Syntax: HELP [command]
If a command is given, returns help on that command; otherwise, returns general help for the FTP server (usually a list of supported commands).

LIST
Syntax: LIST [remote-filespec]
If remote-filespec refers to a file, sends information about that file. If remote-filespec refers to a directory, sends information about each file in that directory. remote-filespec defaults to the current directory. This command must be preceded by a PORT or PASV command.

MDTM
Syntax: MDTM remote-filename
Returns the last-modified time of the given file on the remote host in the format "YYYYMMDDhhmmss": YYYY is the four-digit year, MM is the month from 01 to 12, DD is the day of the month from 01 to 31, hh is the hour from 00 to 23, mm is the minute from 00 to 59, and ss is the second from 00 to 59.

MKD
Syntax: MKD remote-directory
Creates the named directory on the remote host.

MODE
Syntax: MODE mode-character
Sets the transfer mode to one of:
S - Stream
B - Block
C - Compressed
The default mode is Stream.

NLST
Syntax: NLST [remote-directory]
Returns a list of filenames in the given directory (defaulting to the current directory), with no other information. Must be preceded by a PORT or PASV command.

NOOP
Syntax: NOOP
Does nothing except return a response.

PASS
Syntax: PASS password
After sending the USER command, send this command to complete the login process. (Note, however, that an ACCT command may have to be used on some systems.)

PASV
Syntax: PASV
Tells the server to enter "passive mode". In passive mode, the server will wait for the client to establish a connection with it rather than attempting to connect to a client-specified port. The server will respond with the address of the port it is listening on, with a message like:
227 Entering Passive Mode (a1,a2,a3,a4,p1,p2)
where a1.a2.a3.a4 is the IP address and p1*256+p2 is the port number.

PORT
Syntax: PORT a1,a2,a3,a4,p1,p2
Specifies the host and port to which the server should connect for the next file transfer. This is interpreted as IP address a1.a2.a3.a4, port p1*256+p2.

PWD
Syntax: PWD
Returns the name of the current directory on the remote host.

QUIT
Syntax: QUIT
Terminates the command connection.

REIN*
Syntax: REIN
Reinitializes the command connection - cancels the current user/password/account information. Should be followed by a USER command for another login.

REST
Syntax: REST position
Sets the point at which a file transfer should start; useful for resuming interrupted transfers. For nonstructured files, this is simply a decimal number. This command must immediately precede a data transfer command (RETR or STOR only); i.e. it must come after any PORT or PASV command.

RETR
Syntax: RETR remote-filename
Begins transmission of a file from the remote host. Must be preceded by either a PORT command or a PASV command to indicate where the server should send data.

RMD
Syntax: RMD remote-directory
Deletes the named directory on the remote host.

RNFR
Syntax: RNFR from-filename
Used when renaming a file. Use this command to specify the file to be renamed; follow it with an RNTO command to specify the new name for the file.

RNTO
Syntax: RNTO to-filename
Used when renaming a file. After sending an RNFR command to specify the file to rename, send this command to specify the new name for the file.

SITE*
Syntax: SITE site-specific-command
Executes a site-specific command.

SIZE
Syntax: SIZE remote-filename
Returns the size of the remote file as a decimal number.

STAT
Syntax: STAT [remote-filespec]
If invoked without parameters, returns general status information about the FTP server process. If a parameter is given, acts like the LIST command, except that data is sent over the control connection (no PORT or PASV command is required).

STOR
Syntax: STOR remote-filename
Begins transmission of a file to the remote site. Must be preceded by either a PORT command or a PASV command so the server knows where to accept data from.

STOU
Syntax: STOU
Begins transmission of a file to the remote site; the remote filename will be unique in the current directory. The response from the server will include the filename.

STRU
Syntax: STRU structure-character
Sets the file structure for transfer to one of:
F - File (no structure)
R - Record structure
P - Page structure
The default structure is File.

SYST
Syntax: SYST
Returns a word identifying the system, the word "Type:", and the default transfer type (as would be set by the TYPE command). For example:
UNIX Type: L8

TYPE
Syntax: TYPE type-character [second-type-character]
Sets the type of file to be transferred. type-character can be any of:
A - ASCII text
E - EBCDIC text
I - image (binary data)
L - local format
For A and E, the second-type-character specifies how the text should be interpreted. It can be:
N - Non-print (not destined for printing). This is the default if second-type-character is omitted.
T - Telnet format control (<CR>, <FF>, etc.)
C - ASA Carriage Control
For L, the second-type-character specifies the number of bits per byte on the local system, and may not be omitted.

USER
Syntax: USER username
Send this command to begin the login process. username should be a valid username on the system, or "anonymous" to initiate an anonymous login.
Reposted from: http://blog.sina.com.cn/s/blog_755da69701014c3r.html