Linux class 0719 vsftp 加密 ESlinux label setup

Using binary mode to transfer files.

ftp> ls

227 Entering Passive Mode (172,25,0,11,116,128).

150 Here comes the directory listing.

drwxr-xr-x    2 0        0               6 Mar 07  2014 pub

226 Directory send OK.

ftp> cd pub

250 Directory successfully changed.

ftp> ls

227 Entering Passive Mode (172,25,0,11,204,202).

150 Here comes the directory listing.

226 Directory send OK.

ftp> ls

227 Entering Passive Mode (172,25,0,11,88,149).

150 Here comes the directory listing.

drwxrwxrwt    2 0        0               6 Jul 19 13:17 upload

on serverX **********************************************************

[root@server0 vsftpd]# getsebool -a|grep ftp

ftp_home_dir --> on

ftpd_anon_write --> off

ftpd_connect_all_unreserved --> off

ftpd_connect_db --> off

ftpd_full_access --> off

ftpd_use_cifs --> off

ftpd_use_fusefs --> off

ftpd_use_nfs --> off

ftpd_use_passive_mode --> off

httpd_can_connect_ftp --> off

httpd_enable_ftp_server --> off

sftpd_anon_write --> off

sftpd_enable_homedirs --> off

sftpd_full_access --> off

sftpd_write_ssh_home --> off

tftp_anon_write --> off

tftp_home_dir --> off

[root@server0 vsftpd]# setsebool -P ftp_home_dir on

vim /etc/vsftpd.conf add the following

  allow_writeable_chroot=YES

[root@server0 vsftpd]# systemctl restart vsftpd

[root@server0 vsftpd]# ll /home/mary/

總計 0

drwxr-xr-x. 2 mary mary 6  7月 19 21:41 www

----------------------------------------------

[root@server0 vsftpd]# cd /var/ftp/pub/

[root@server0 pub]# ll

總計 0

drwxrwxrwt. 2 root root 6  7月 19 21:17 upload

[root@server0 pub]# ll -Z

drwxrwxrwt. root root unconfined_u:object_r:public_content_t:s0 upload

[root@server0 pub]# setsebool -P anon_write_enable on

Boolean anon_write_enable is not defined

[root@server0 pub]# setsebool -P ftpd_anon_write on

[root@server0 pub]# chcon -t public_content_rw_t upload/

[root@server0 pub]# ll -Z

drwxrwxrwt. root root unconfined_u:object_r:public_content_rw_t:s0 upload