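When virtual_use_local_privs=YES, virtual users have the same privileges as local users.
When virtual_use_local_privs=NO, virtual users have the same privileges as anonymous users; the default is NO.
When virtual_use_local_privs=YES and write_enable=YES, virtual users have write access (upload, download, delete, rename).
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=YES and anon_upload_enable=YES, virtual users cannot browse directories and can only upload files; they have no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_upload_enable=NO, virtual users can only download files; they have no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_upload_enable=YES, virtual users can only upload and download files; they have no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_mkdir_write_enable=YES, virtual users can only download files and create directories; they have no other permissions.
When virtual_use_local_privs=NO, write_enable=YES, anon_world_readable_only=NO and anon_other_write_enable=YES, virtual users can only download, delete and rename files; they have no other permissions.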
************************************************************************
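Virtual user permissions: can only upload files and directories and download files and directories; cannot delete files or directories; cannot rename files or directories.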
local_root=/opt/ftpsite/user2
idle_session_timeout=600
data_connection_timeout=120
max_clients=10
max_per_ip=5
local_max_rate=50000
local_umask=022
cmds_allowed=ABOR,CWD,LIST,MKD,MDTM,PASS,PASV,PORT,PWD,QUIT,RETR,SITE,SIZE,STOR,TYPE,USER,ACCT,APPE,CDUP,HELP,MODE,NOOP,REIN,STAT,STOU,STRU,SYST
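The following is an added example, not part of the original page: a small Python audit that reads a per-user vsftpd file like the one above and checks that its cmds_allowed list grants no delete or rename commands. The capability grouping and the function names are assumptions of this example; it also reports any line that is not key=value, such as a cmds_allowed value wrapped onto a second line.

```python
# Capability groups are this example's own mapping of the FTP commands listed on the page.
CAPABILITIES = {
    "download": {"RETR"},
    "upload": {"STOR", "APPE", "STOU"},
    "mkdir": {"MKD"},
    "delete": {"DELE", "RMD"},
    "rename": {"RNFR", "RNTO"},
}

# Constructed sample: a per-user file like the one above, cmds_allowed on a single line.
SAMPLE_CONFIG = """\
local_root=/opt/ftpsite/user2
local_umask=022
cmds_allowed=ABOR,CWD,LIST,MKD,MDTM,PASS,PASV,PORT,PWD,QUIT,RETR,SITE,SIZE,STOR,TYPE,USER,ACCT,APPE,CDUP,HELP,MODE,NOOP,REIN,STAT,STOU,STRU,SYST
"""


def parse_config(text):
    """Return (settings, problems); lines that are not key=value are reported."""
    settings, problems = {}, []
    for number, line in enumerate(text.splitlines(), start=1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            # For example, the tail of a cmds_allowed list wrapped onto a second line.
            problems.append(f"line {number}: not key=value: {line!r}")
            continue
        settings[key] = value
    return settings, problems


def granted_capabilities(settings):
    """Map cmds_allowed to the capability groups it permits (empty tokens ignored)."""
    allowed = {c.strip().upper() for c in settings.get("cmds_allowed", "").split(",")}
    allowed.discard("")
    return {name for name, cmds in CAPABILITIES.items() if cmds & allowed}


def audit(text, forbidden=("delete", "rename")):
    """Return (granted capabilities, list of problems) for one per-user file."""
    settings, problems = parse_config(text)
    if "cmds_allowed" not in settings:
        problems.append("cmds_allowed missing: no command allow-list is applied")
    granted = granted_capabilities(settings)
    problems += [f"forbidden capability granted: {c}" for c in sorted(granted & set(forbidden))]
    return granted, problems
```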
***************************************************************************
List of raw FTP commands
(Warning: this is a technical document, not necessary for most FTP use.)
The commands in this document are not supported by every FTP server.
Note that commands marked with a * are not implemented in a number of FTP servers.
Common commands
ABOR - abort a file transfer
CWD - change working directory
DELE - delete a remote file (i.e. a file on the FTP server)
LIST - list remote files
MDTM - return the modification time of a file
MKD - make a remote directory
NLST - name list of remote directory
PASS - send password
PASV - enter passive mode
PORT - open a data port
PWD - print working directory
QUIT - terminate the connection and log out of the server
RETR - retrieve a remote file
RMD - remove a remote directory
RNFR - rename from
RNTO - rename to
SITE - site-specific commands
SIZE - return the size of a file
STOR - store a file on the remote host
TYPE - set transfer type (ASCII, binary)
USER - send username
Less common commands
ACCT* - send account information
APPE - append to a remote file
CDUP - CWD to the parent of the current directory
HELP - return help on using the server
MODE - set transfer mode
NOOP - do nothing
REIN* - reinitialize the connection
STAT - return server status
STOU - store a file uniquely
STRU - set file transfer structure
SYST - return system type
ABOR
Syntax: ABOR
Aborts a file transfer currently in progress.
ACCT*
Syntax: ACCT account-info
This command is used to send account information on systems that require it. Typically sent after a PASS command.
ALLO
Syntax: ALLO size [R max-record-size]
Allocates sufficient storage space to receive a file. If the maximum size of a record also needs to be known, that is sent as a second numeric parameter following a space, the capital letter "R", and another space.
APPE
Syntax: APPE remote-filename
Append data to the end of a file on the remote host. If the file does not already exist, it is created. This command must be preceded by a PORT or PASV command so that the server knows where to receive data from.
CDUP
Syntax: CDUP
Makes the parent of the current directory be the current directory.
CWD
Syntax: CWD remote-directory
Makes the given directory be the current directory on the remote host.
DELE
Syntax: DELE remote-filename
Deletes the given file on the remote host.
HELP
Syntax: HELP [command]
If a command is given, returns help on that command; otherwise, returns general help for the FTP server (usually a list of supported commands).
LIST
Syntax: LIST [remote-filespec]
If remote-filespec refers to a file, sends information about that file. If remote-filespec refers to a directory, sends information about each file in that directory. remote-filespec defaults to the current directory. This command must be preceded by a PORT or PASV command.
MDTM
Syntax: MDTM remote-filename
Returns the last-modified time of the given file on the remote host in the format "YYYYMMDDhhmmss": YYYY is the four-digit year, MM is the month from 01 to 12, DD is the day of the month from 01 to 31, hh is the hour from 00 to 23, mm is the minute from 00 to 59, and ss is the second from 00 to 59.
MKD
Syntax: MKD remote-directory
Creates the named directory on the remote host.
MODE
Syntax: MODE mode-character
Sets the transfer mode to one of:
S - Stream
B - Block
C - Compressed
The default mode is Stream.
NLST
Syntax: NLST [remote-directory]
Returns a list of filenames in the given directory (defaulting to the current directory), with no other information. Must be preceded by a PORT or PASV command.
NOOP
Syntax: NOOP
Does nothing except return a response.
PASS
Syntax: PASS password
After sending the USER command, send this command to complete the login process. (Note, however, that an ACCT command may have to be used on some systems.)
PASV
Syntax: PASV
Tells the server to enter "passive mode". In passive mode, the server will wait for the client to establish a connection with it rather than attempting to connect to a client-specified port. The server will respond with the address of the port it is listening on, with a message like:
227 Entering Passive Mode (a1,a2,a3,a4,p1,p2)
where a1.a2.a3.a4 is the IP address and p1*256+p2 is the port number.
PORT
Syntax: PORT a1,a2,a3,a4,p1,p2
Specifies the host and port to which the server should connect for the next file transfer. This is interpreted as IP address a1.a2.a3.a4, port p1*256+p2.
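The a1,a2,a3,a4,p1,p2 encoding used by PASV and PORT, as an added Python example that is not part of the original page: it decodes a 227 reply or PORT argument, encodes an address and port back into that form, and rejects out-of-range fields. The function review_port_commands goes beyond the page: it is a defensive log check that a PORT target is the client's own address, and the "<client-ip> <command>" log format and all names are assumptions of this example.

```python
import ipaddress
import re

# Six comma-separated numbers, as found in a 227 reply or a PORT argument.
_SIX = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def decode_hostport(text):
    """Return (ip, port) from a1,a2,a3,a4,p1,p2, or raise ValueError."""
    match = _SIX.search(text)
    if not match:
        raise ValueError(f"no a1,a2,a3,a4,p1,p2 field in {text!r}")
    nums = [int(n) for n in match.groups()]
    if any(n > 255 for n in nums):
        raise ValueError(f"field out of range 0-255 in {text!r}")
    a1, a2, a3, a4, p1, p2 = nums
    return f"{a1}.{a2}.{a3}.{a4}", p1 * 256 + p2


def encode_hostport(ip, port):
    """Build the PORT argument for an IPv4 address and a 16-bit port."""
    octets = ipaddress.IPv4Address(ip).packed
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    return ",".join(str(n) for n in (*octets, port // 256, port % 256))


def review_port_commands(log_lines):
    """Flag PORT commands that are malformed or target a host other than the client."""
    findings = []
    for line in log_lines:
        peer, _, command = line.partition(" ")
        if not command.upper().startswith("PORT "):
            continue
        try:
            ip, port = decode_hostport(command)
        except ValueError as exc:
            findings.append((peer, f"malformed PORT: {exc}"))
            continue
        if ip != peer:
            findings.append((peer, f"PORT targets {ip}:{port}, not the client"))
    return findings


# Constructed log lines, "<client-ip> <command>", using documentation addresses.
SAMPLE_LOG = [
    "192.0.2.10 PORT 192,0,2,10,195,80",
    "192.0.2.10 PORT 198,51,100,7,4,1",
    "192.0.2.11 PORT 192,0,2,11,300,1",
]
```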
PWD
Syntax: PWD
Returns the name of the current directory on the remote host.
QUIT
Syntax: QUIT
Terminates the command connection.
REIN*
Syntax: REIN
Reinitializes the command connection - cancels the current user/password/account information. Should be followed by a USER command for another login.
REST
Syntax: REST position
Sets the point at which a file transfer should start; useful for resuming interrupted transfers. For nonstructured files, this is simply a decimal number. This command must immediately precede a data transfer command (RETR or STOR only); i.e. it must come after any PORT or PASV command.
RETR
Syntax: RETR remote-filename
Begins transmission of a file from the remote host. Must be preceded by either a PORT command or a PASV command to indicate where the server should send data.
RMD
Syntax: RMD remote-directory
Deletes the named directory on the remote host.
RNFR
Syntax: RNFR from-filename
Used when renaming a file. Use this command to specify the file to be renamed; follow it with an RNTO command to specify the new name for the file.
RNTO
Syntax: RNTO to-filename
Used when renaming a file. After sending an RNFR command to specify the file to rename, send this command to specify the new name for the file.
SITE*
Syntax: SITE site-specific-command
Executes a site-specific command.
SIZE
Syntax: SIZE remote-filename
Returns the size of the remote file as a decimal number.
STAT
Syntax: STAT [remote-filespec]
If invoked without parameters, returns general status information about the FTP server process. If a parameter is given, acts like the LIST command, except that data is sent over the control connection (no PORT or PASV command is required).
STOR
Syntax: STOR remote-filename
Begins transmission of a file to the remote site. Must be preceded by either a PORT command or a PASV command so the server knows where to accept data from.
STOU
Syntax: STOU
Begins transmission of a file to the remote site; the remote filename will be unique in the current directory. The response from the server will include the filename.
STRU
Syntax: STRU structure-character
Sets the file structure for transfer to one of:
F - File (no structure)
R - Record structure
P - Page structure
The default structure is File.
SYST
Syntax: SYST
Returns a word identifying the system, the word "Type:", and the default transfer type (as would be set by the TYPE command). For example: UNIX Type: L8
TYPE
Syntax: TYPE type-character [second-type-character]
Sets the type of file to be transferred. type-character can be any of:
A - ASCII text
E - EBCDIC text
I - image (binary data)
L - local format
For A and E, the second-type-character specifies how the text should be interpreted. It can be:
N - Non-print (not destined for printing). This is the default if second-type-character is omitted.
T - Telnet format control (<CR>, <FF>, etc.)
C - ASA Carriage Control
For L, the second-type-character specifies the number of bits per byte on the local system, and may not be omitted.
USER
Syntax: USER username
Send this command to begin the login process. username should be a valid username on the system, or "anonymous" to initiate an anonymous login.