Я создал группу под названием «perm», и в неё входят пользователи apache и ruey.
[root@xxx ~]# groups apache
apache : apache perm
[root@xxx ~]# groups ruey
ruey : ruey perm
Я назначил группу «perm» своей веб-папке:
sudo chgrp -R perm /var/www
и добавил групповое разрешение для папок и их подпапок:
sudo chmod -R g+w /var/www
[root@xxx ~]# ls -l /var/www
total 12
drwxrwsrwx+ 4 apache perm 4096 Mar 31 09:23 mydomain.com
drwxrwsrwx+ 2 apache perm 4096 Nov 14 18:05 cgi-bin
drwxrwsrwx+ 2 apache perm 4096 Mar 18 02:52 html
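Когда я вошёл по FTP под пользователем ruey, я не смог создать файлы в папке www (хотя, судя по выводу ls выше, подкаталоги доступны на запись и группе perm, и всем остальным). Я получаю ответ с ошибкой: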
Response: 553 Could not create file.
Текущий владелец / группа по данным FTP:
48/1002
48 is apache
1002 is perm
Кстати, SELinux у меня отключён.
[root@xxxx ~]# sestatus
SELinux status: disabled
Добавляю сюда настройки конфигурации vsftpd:
# Uncomment this to allow local users to log in.
# When SELinux is enforcing check for SE bool ftp_home_dir
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
Журнал аудита после добавления файла по FTP:
[root@xxxx ~]# sudo tail /var/log/audit/audit.log
type=USER_START msg=audit(1490967934.517:16331): pid=9646 uid=0 auid=0 ses=1961 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=183.171.64.24 addr=183.171.64.24 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1490967934.601:16332): pid=9648 uid=0 auid=0 ses=1961 msg='op=destroy kind=server fp=b1:31:92:fa:c9:2e:82:06:47:26:16:13:39:de:3a:ee direction=? spid=9648 suid=0 exe="/usr/sbin/sshd" hostname=? addr=183.171.64.24 terminal=pts/1 res=success'
type=CRYPTO_KEY_USER msg=audit(1490967934.601:16333): pid=9648 uid=0 auid=0 ses=1961 msg='op=destroy kind=server fp=97:89:0d:ba:49:ee:57:0b:a5:16:4a:1e:00:8c:81:7c direction=? spid=9648 suid=0 exe="/usr/sbin/sshd" hostname=? addr=183.171.64.24 terminal=pts/1 res=success'
type=CRYPTO_KEY_USER msg=audit(1490967934.601:16334): pid=9648 uid=0 auid=0 ses=1961 msg='op=destroy kind=server fp=32:fe:47:34:7c:8c:0f:e4:33:58:2b:4d:ac:69:e3:1c direction=? spid=9648 suid=0 exe="/usr/sbin/sshd" hostname=? addr=183.171.64.24 terminal=pts/1 res=success'
type=USER_LOGIN msg=audit(1490967934.601:16335): pid=9648 uid=0 auid=0 ses=1961 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=183.171.64.24 addr=183.171.64.24 terminal=/dev/pts/1 res=success'
type=USER_START msg=audit(1490967934.601:16336): pid=9648 uid=0 auid=0 ses=1961 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=183.171.64.24 addr=183.171.64.24 terminal=/dev/pts/1 res=success'
type=CRED_REFR msg=audit(1490967934.601:16337): pid=9648 uid=0 auid=0 ses=1961 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=183.171.64.24 addr=183.171.64.24 terminal=ssh res=success'
type=USER_CMD msg=audit(1490967986.453:16338): pid=9665 uid=0 auid=0 ses=1961 msg='cwd="/root" cmd=7461696C202F7661722F6C6F672F61756469742F61756469742E6C6F67 terminal=pts/1 res=success'
type=CRED_ACQ msg=audit(1490967986.453:16339): pid=9665 uid=0 auid=0 ses=1961 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=USER_START msg=audit(1490967986.453:16340): pid=9665 uid=0 auid=0 ses=1961 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
[root@xxxxx ~]# sudo tail /var/log/audit/audit.log
type=CRED_ACQ msg=audit(1490967986.453:16339): pid=9665 uid=0 auid=0 ses=1961 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=USER_START msg=audit(1490967986.453:16340): pid=9665 uid=0 auid=0 ses=1961 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=USER_END msg=audit(1490967986.453:16341): pid=9665 uid=0 auid=0 ses=1961 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=CRED_DISP msg=audit(1490967986.453:16342): pid=9665 uid=0 auid=0 ses=1961 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=USER_AUTH msg=audit(1490967997.906:16343): pid=9668 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_listfile,pam_shells,pam_unix acct="ruey" exe="/usr/sbin/vsftpd" hostname=::ffff:183.171.64.24 addr=::ffff:183.171.64.24 terminal=ftp res=success'
type=USER_ACCT msg=audit(1490967997.906:16344): pid=9668 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="ruey" exe="/usr/sbin/vsftpd" hostname=::ffff:183.171.64.24 addr=::ffff:183.171.64.24 terminal=ftp res=success'
type=CRED_ACQ msg=audit(1490967997.906:16345): pid=9668 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_listfile,pam_shells,pam_unix acct="ruey" exe="/usr/sbin/vsftpd" hostname=::ffff:183.171.64.24 addr=::ffff:183.171.64.24 terminal=ftp res=success'
type=USER_CMD msg=audit(1490968000.632:16346): pid=9671 uid=0 auid=0 ses=1961 msg='cwd="/root" cmd=7461696C202F7661722F6C6F672F61756469742F61756469742E6C6F67 terminal=pts/1 res=success'
type=CRED_ACQ msg=audit(1490968000.632:16347): pid=9671 uid=0 auid=0 ses=1961 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=USER_START msg=audit(1490968000.632:16348): pid=9671 uid=0 auid=0 ses=1961 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
Добавил конец (tail) журнала xferlog:
Fri Mar 31 11:42:48 2017 1 ::ffff:118.100.67.46 0 /var/www/example.com/new1.html a _ i r ruey ftp 0 * i
Fri Mar 31 11:50:02 2017 1 ::ffff:118.100.67.46 0 /var/www/new1.html a _ i r ruey ftp 0 * i
Fri Mar 31 13:32:23 2017 1 ::ffff:183.171.64.24 0 /var/www/new1.html a _ i r ruey ftp 0 * i
Fri Mar 31 13:33:38 2017 1 ::ffff:183.171.64.24 0 /var/www/google.txt b _ i r ruey ftp 0 * i
Fri Mar 31 13:46:38 2017 1 ::ffff:183.171.64.24 0 /var/www/lol.php b _ i r ruey ftp 0 * i
Fri Mar 31 14:57:34 2017 1 ::ffff:183.171.76.20 0 /var/www/example.com/new1.html a _ i r ruey ftp 0 * i
Fri Mar 31 14:57:48 2017 1 ::ffff:183.171.76.20 0 /var/www/new1.html a _ i r ruey ftp 0 * i
Fri Mar 31 15:39:06 2017 1 ::ffff:183.171.76.20 0 /var/www/example.com/new1.html a _ i r ruey ftp 0 * i
Fri Mar 31 15:45:12 2017 1 ::ffff:183.171.76.20 0 /var/www/example.com/htdocs/new1.html a _ i r ruey ftp 0 * i
Fri Mar 31 15:46:01 2017 1 ::ffff:183.171.76.20 0 /var/new1.html a _ i r ruey ftp 0 * i
Все эти попытки возвращают ответ: 553 Could not create file.
Помогите........
linux
permissions
centos
ftp
bravo net
Предоставьте нам ваш vsftpd.conf и, в частности, значение 'write_enable'
Ramhound
Выведите через tail последние 20 строк /var/log/audit/audit.log после попытки создания файла и очистите их от чувствительных данных перед публикацией
Ramhound
Добавил в свой вопрос.
bravo net
А как насчет журнала?
Ramhound
@Ramhound мне удаётся получить только это: type=USER_START msg=audit(1490967230.312:16301): pid=9636 uid=0 auid=0 ses=1959 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
bravo net