Implementing access control by modifying /etc/hosts.allow, but there is a small problem (see post #155 (page 11))

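243750496
Posts: 1037
Registered: 2012-06-09 15:40
Thanks given: 0
Thanks received: 7

Re: Following the wiki's vsftp tutorial on Ubuntu 13.04 triggers a bug, other platforms are fine. Looking for an expert to take a look and solve it~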

#136

Post by 243750496 » 2013-06-21 22:23

I'll try again.

#137

Post by 243750496 » 2013-06-22 21:54

Found this online:
500 OOPS: cannot change directory:/home/xxx
500 OOPS: priv_sock_get_cmd
Connection closed by remote host.
SELinux is the culprit.....

Solution:

// Use setsebool with the -P option so the command does not have to be entered at every boot
# setsebool -P ftpd_disable_trans 1
or
# setsebool -P ftp_home_dir 1
# service vsftpd restart
I don't know whether it works.
I've decided to reinstall once more.

#138

Post by 243750496 » 2013-06-23 11:07

Installed 13.10 and it still doesn't work. Same recipe, same error.....
状态: 正在连接 192.168.1.109:21...
状态: 连接建立,等待欢迎消息...
响应: 220 (vsFTPd 3.0.2)
命令: USER anonymous
响应: 331 Please specify the password.
命令: PASS **************
响应: 230 Login successful.
命令: SYST
响应: 215 UNIX Type: L8
命令: FEAT
响应: 211-Features:
响应: EPRT
响应: EPSV
响应: MDTM
响应: PASV
响应: REST STREAM
响应: SIZE
响应: TVFS
响应: UTF8
响应: 211 End
命令: OPTS UTF8 ON
响应: 200 Always in UTF8 mode.
状态: 已连接
状态: 读取目录列表...
命令: PWD
响应: 257 "/"
命令: TYPE I
响应: 200 Switching to Binary mode.
命令: PASV
响应: 227 Entering Passive Mode (192,168,1,109,242,201).
命令: LIST
响应: 150 Here comes the directory listing.
响应: 226 Directory send OK.
状态: 列出目录成功
状态: 读取目录列表...
命令: CWD 111
响应: 250 Directory successfully changed.
命令: PWD
响应: 257 "/111"
命令: PASV
响应: 227 Entering Passive Mode (192,168,1,109,145,245).
命令: LIST
响应: 150 Here comes the directory listing.
响应: 226 Directory send OK.
状态: 列出目录成功
状态: 读取目录列表...
命令: CDUP
响应: 250 Directory successfully changed.
命令: PWD
响应: 257 "/"
状态: 列出目录成功
状态: 正在连接 192.168.1.102:21...
状态: 连接建立,等待欢迎消息...
响应: 220 (vsFTPd 3.0.2)
命令: USER anonymous
响应: 331 Please specify the password.
命令: PASS **************
响应: 230 Login successful.
命令: OPTS UTF8 ON
响应: 200 Always in UTF8 mode.
状态: 已连接
状态: 开始上传 /bin/bash
命令: CWD /111
响应: 250 Directory successfully changed.
命令: PWD
响应: 257 "/111"
命令: TYPE A
响应: 200 Switching to ASCII mode.
命令: PASV
响应: 227 Entering Passive Mode (192,168,1,109,41,226).
命令: STOR bash
错误: Could not write to transfer socket: ECONNRESET - Connection reset by peer
响应: 500 OOPS: priv_sock_get_cmd
错误: 严重文件传输错误
错误: 连接被服务器关闭

#139

Post by 243750496 » 2013-06-23 11:08

错误: Could not write to transfer socket: ECONNRESET - Connection reset by peer
I've seen this one before too, when using FileZilla, but didn't pay much attention. What is this problem and how do I solve it?

Re: vsftp 500 OOPS: priv_sock_get_cmd 错误: 严重文件传输错误 (post #123, asking experts to

#140

Post by 243750496 » 2013-06-23 13:18

I've decided to try a different directory. Can anyone tell me how to stop it from using the /srv/ftp directory???

#141

Post by 243750496 » 2013-06-23 13:38

sudo gedit /etc/vsftpd/vsftpd.conf
Just add anon_root=/home/cc/AAA
local_root is the default directory when a local user logs in to FTP
anon_root is the default directory when an anonymous user logs in to FTP

#142

Post by 243750496 » 2013-06-23 13:39

Different recipe, same error. So frustrating....

#143

Post by 243750496 » 2013-06-23 13:43

状态: 开始上传 /bin/bzcat
命令: CWD /123
响应: 250 Directory successfully changed.
命令: PASV
响应: 227 Entering Passive Mode (192,168,1,102,115,121).
命令: STOR bzcat
响应: 500 OOPS: priv_sock_get_cmd
错误: 严重文件传输错误
错误: 连接被服务器关闭

#144

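Post by 243750496 » 2013-06-23 15:16

Hard work pays off. I went through the tutorial at http://wiki.ubuntu.org.cn/Vsftpd again from the start, and additionally added:
anon_root=/home/cc/AAA
anon_umask=022
and, following what is said at https://bbs.archlinux.org/viewtopic.php?id=147074,
added seccomp_sandbox=NO
That solved it.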
状态: 正在连接 192.168.1.102:21...
状态: 连接建立,等待欢迎消息...
响应: 220 (vsFTPd 3.0.2)
命令: USER anonymous
响应: 331 Please specify the password.
命令: PASS **************
响应: 230 Login successful.
命令: SYST
响应: 215 UNIX Type: L8
命令: FEAT
响应: 211-Features:
响应: EPRT
响应: EPSV
响应: MDTM
响应: PASV
响应: REST STREAM
响应: SIZE
响应: TVFS
响应: UTF8
响应: 211 End
命令: OPTS UTF8 ON
响应: 200 Always in UTF8 mode.
状态: 已连接
状态: 读取目录列表...
命令: PWD
响应: 257 "/"
命令: TYPE I
响应: 200 Switching to Binary mode.
命令: PASV
响应: 227 Entering Passive Mode (192,168,1,102,151,21).
命令: LIST
响应: 150 Here comes the directory listing.
响应: 226 Directory send OK.
状态: 列出目录成功
状态: 读取目录列表...
命令: CWD 111
响应: 250 Directory successfully changed.
命令: PWD
响应: 257 "/111"
命令: PASV
响应: 227 Entering Passive Mode (192,168,1,102,224,98).
命令: LIST
响应: 150 Here comes the directory listing.
响应: 226 Directory send OK.
状态: 列出目录成功
状态: 正在连接 192.168.1.102:21...
状态: 连接建立,等待欢迎消息...
响应: 220 (vsFTPd 3.0.2)
命令: USER anonymous
响应: 331 Please specify the password.
命令: PASS **************
响应: 230 Login successful.
命令: OPTS UTF8 ON
响应: 200 Always in UTF8 mode.
状态: 已连接
状态: 开始上传 /bin/busybox
命令: CWD /111
响应: 250 Directory successfully changed.
命令: PWD
响应: 257 "/111"
命令: TYPE A
响应: 200 Switching to ASCII mode.
命令: PASV
响应: 227 Entering Passive Mode (192,168,1,102,190,125).
命令: STOR busybox
响应: 150 Ok to send data.
响应: 226 Transfer complete.
状态: 文件传输成功,传输了 2.1 MB (用时1 秒)
状态: 读取目录列表...
命令: TYPE I
响应: 200 Switching to Binary mode.
命令: PASV
响应: 227 Entering Passive Mode (192,168,1,102,111,225).
命令: LIST
响应: 150 Here comes the directory listing.
响应: 226 Directory send OK.
状态: 计算服务器时差...
命令: MDTM busybox
响应: 213 20130623151038
状态: 时差: 服务器为 0 秒。 本地: 28800 秒。 相差: 28800 秒。
状态: 列出目录成功
状态: 开始下载 /111/busybox
状态: 跳过下载 /111/busybox
状态: 文件传输被跳过
状态: 开始下载 /111/busybox
命令: TYPE A
响应: 200 Switching to ASCII mode.
命令: PASV
响应: 227 Entering Passive Mode (192,168,1,102,177,39).
命令: RETR busybox
响应: 550 Failed to open file.
错误: 严重文件传输错误
The owner was changed as well: [attached screenshot]

#145

Post by 243750496 » 2013-06-23 15:16

Configuration file:
# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
#
# Run standalone? vsftpd can run either from an inetd or as a standalone
# daemon started from an initscript.
listen=YES
#
# Run standalone with IPv6?
# Like the listen parameter, except vsftpd will listen on an IPv6 socket
# instead of an IPv4 one. This parameter and the listen parameter are mutually
# exclusive.
#listen_ipv6=YES
#
# Allow anonymous FTP? (Disabled by default)
anonymous_enable=YES
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
#local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# If enabled, vsftpd will display directory listings with the time
# in your local time zone. The default is to display GMT. The
# times returned by the MDTM FTP command are also affected by this
# option.
use_localtime=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
chown_username=root
anon_umask=022
seccomp_sandbox=NO
anon_root=/home/cc/AAA
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
#xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#
# You may restrict local users to their home directories. See the FAQ for
# the possible risks in this before using chroot_local_user or
# chroot_list_enable below.
#chroot_local_user=YES
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
# the user does not have write access to the top level directory within the
# chroot)
#chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# Customization
#
# Some of vsftpd's settings don't fit the filesystem layout by
# default.
#
# This option should be the name of a directory which is empty. Also, the
# directory should not be writable by the ftp user. This directory is used
# as a secure chroot() jail at times vsftpd does not require filesystem
# access.
secure_chroot_dir=/var/run/vsftpd/empty
#
# This string is the name of the PAM service vsftpd will use.
pam_service_name=vsftpd
#
# This option specifies the location of the RSA certificate to use for SSL
# encrypted connections.
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
# This option specifies the location of the RSA key to use for SSL
# encrypted connections.
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
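
Added example (not part of the original post or of vsftpd): a shell function that audits a vsftpd.conf for the combination of settings this configuration uses, namely anonymous upload, chown_username=root and seccomp_sandbox=NO. The finding labels and the `sample_conf` helper are made up for this example, and the sample input is constructed from active lines of the configuration above.

```shell
#!/bin/sh
# Audit a vsftpd.conf (file arguments or stdin) for risky setting combinations.
# Only values written in the file are evaluated; compiled-in defaults are not
# modelled, except chown_username, which vsftpd.conf(5) documents as root.
audit_vsftpd_conf() {
    awk -F= '
        function is_yes(k) { return toupper(conf[k]) == "YES" }
        /^[ \t]*#/ || /^[ \t\r]*$/ { next }   # skip comments and blank lines
        {
            val = substr($0, length($1) + 2)  # text after the first "="
            sub(/[ \t\r]+$/, "", val)
            conf[$1] = val                    # a later assignment overrides an earlier one
        }
        END {
            anon_write = is_yes("anonymous_enable") && is_yes("write_enable")
            if (anon_write && is_yes("anon_upload_enable"))
                print "ANON_UPLOAD: unauthenticated users can store files on this host"
            if (anon_write && is_yes("anon_mkdir_write_enable"))
                print "ANON_MKDIR: unauthenticated users can create directories"
            root_owner = !("chown_username" in conf) || conf["chown_username"] == "root"
            if (is_yes("chown_uploads") && root_owner)
                print "CHOWN_ROOT: anonymous uploads are re-owned to root; use a dedicated unprivileged account"
            if (toupper(conf["seccomp_sandbox"]) == "NO")
                print "SECCOMP_OFF: seccomp sandbox disabled; re-enable once vsftpd and the kernel work with it"
        }' "$@"
}

# Constructed sample: active lines taken from the configuration posted above.
sample_conf() {
    cat <<'EOF'
# Allow anonymous FTP? (Disabled by default)
anonymous_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
chown_uploads=YES
chown_username=root
anon_umask=022
seccomp_sandbox=NO
anon_root=/home/cc/AAA
EOF
}

sample_conf | audit_vsftpd_conf
```

Run it against a live file with `audit_vsftpd_conf /etc/vsftpd.conf`; no output means none of the four combinations is present in the file.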

#146

Post by 243750496 » 2013-06-23 15:18

Permissions of the corresponding folders: [attached screenshot]

#147

Post by 243750496 » 2013-06-23 15:19

After removing seccomp_sandbox=NO:
错误: Could not write to transfer socket: ECONNRESET - Connection reset by peer
响应: 500 OOPS: priv_sock_get_cmd
错误: 严重文件传输错误
错误: 连接被服务器关闭

#148

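Post by 243750496 » 2013-06-23 15:23

My guess at why adding this line did not help before: earlier I accidentally uploaded a file into the root directory (back then it was still /srv/ftp and I had not added seccomp_sandbox=NO; I had only modified the file per the tutorial and added anon_umask=022, as you can see in my earlier configuration file). No error was reported, but then FileZilla crashed, which perhaps caused vsftpd to crash, and after that adding the line no longer helped.
What I do now: set up the new directory and its permissions, plus seccomp_sandbox=NO, right from the start, and carefully open a folder under the root directory to upload files, rather than carelessly uploading straight into the root directory and causing an unrecoverable crash.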

#149

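Post by 243750496 » 2013-06-23 15:57

Sigh~ I reinstalled again, and then again. Now I can't make it crash even when I try. Honestly, before I got it working nothing I tried would work, and now I can't get it to fail even if I want to. Sigh~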

#150

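Post by 243750496 » 2013-06-25 13:41

Newly added:
chroot_local_user=YES

local_root=/home/AAA/BBB
to change the default /home/cc directory.
But the result in FileZilla is:
响应: 500 OOPS: cannot change directory:/home/AAA/BBB
错误: 严重错误
错误: 无法连接到服务器
The corresponding permissions are as follows (no write permission): [attached screenshot]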