【问题说明】
重启vsftpd服务失败:
[root@data ~]# systemctl restart vsftpd
Job for vsftpd.service failed. See ‘systemctl status vsftpd.service’ and ‘journalctl -xe’ for details.
【查看日志】
首先,根据提示,查看vsftpd的进程状态,提示启动失败,code=exited, status=2:
[root@data ~]# systemctl status vsftpd.service
vsftpd.service – Vsftpd ftp daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since 二 2019-03-12 11:25:39 CST; 1 day 5h ago
Process: 23209 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=2)
Main PID: 988 (code=killed, signal=TERM)
3月 12 11:25:39 qin systemd[1]: Starting Vsftpd ftp daemon…
3月 12 11:25:39 qin systemd[1]: vsftpd.service: control process exited, code=exited status=2
3月 12 11:25:39 qin systemd[1]: Failed to start Vsftpd ftp daemon.
3月 12 11:25:39 qin systemd[1]: Unit vsftpd.service entered failed state.
3月 12 11:25:39 qin systemd[1]: vsftpd.service failed.
其次,根据提示,查看journalctl -xe的内核日志和应用日志:
[root@data ~]# journalctl -xe
—
— Unit user-0.slice has begun shutting down.
3月 13 16:08:29 qin rhnsd[1016]: /etc/sysconfig/rhn/systemid does not exist or is unreadable
3月 13 16:12:27 qin sshd[25906]: Accepted password for root from 172.16.. port 45676 ssh2
3月 13 16:12:27 qin systemd[1]: Created slice user-0.slice.
— Subject: Unit user-0.slice has finished start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit user-0.slice has finished starting up.
—
— The start-up result is done.
3月 13 16:12:27 qin systemd[1]: Starting user-0.slice.
— Subject: Unit user-0.slice has begun start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit user-0.slice has begun starting up.
3月 13 16:12:27 qin systemd-logind[700]: New session 136 of user root.
— Subject: A new session 136 has been created for user root
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
— Documentation: http://www.freedesktop.org/wiki/Software/systemd/multiseat
—
— A new session with the ID 136 has been created for the user root.
—
— The leading process of the session is 25906.
3月 13 16:12:27 qin systemd[1]: Started Session 136 of user root.
— Subject: Unit session-136.scope has finished start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit session-136.scope has finished starting up.
—
— The start-up result is done.
3月 13 16:12:27 qin systemd[1]: Starting Session 136 of user root.
— Subject: Unit session-136.scope has begun start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
—
— Unit session-136.scope has begun starting up.
3月 13 16:12:27 qin sshd[25906]: pam_unix(sshd:session): session opened for user root by (uid=0)
3月 13 16:20:01 qin sz[25937]: [root] vsftpd.conf/ZMODEM: 5075 Bytes, 62389 BPS
3月 13 16:28:40 qin sz[25953]: [root] vsftpd.conf/ZMODEM: 5075 Bytes, 428956 BPS
【解决方法参考】
方法一,vsftpd默认用的21端口被占用,关掉占用进程,以释放21端口:
命令1,查看21端口使用情况:
[root@data ~]# netstat -anp|grep 21
如果有进程在使用21端口,可以用命令2,关掉该进程:
[root@data ~]# kill PID(占用21端口的进程PID)
方法二,当前网络环境不支持IPv6,将配置文件/etc/vsftpd/vsftpd.conf中的listen_ipv6=YES配置为listen_ipv6=NO,或者在该行前用#注释掉;
命令1:vi /etc/vsftpd/vsftpd.conf
命令2:找到listen_ipv6=YES所在行,点击i(vi编辑器里的insert编辑)编辑,关闭或注释掉;
命令3:点击Esc,:wq保存即可。
方法三,虚拟用户配置文件中,文件名与虚拟用户名不一致导致,修改为一致即可。
如果有其他方法,欢迎互相分享难题,交流进步!
附/etc/vsftpd/vsftpd.conf:
Example config file /etc/vsftpd/vsftpd.conf
The default compiled in settings are fairly paranoid. This sample file
loosens things up a bit, to make the ftp daemon more usable.
Please see vsftpd.conf.5 for all compiled in defaults.
READ THIS: This example file is NOT an exhaustive list of vsftpd options.
Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd’s
capabilities.
Allow anonymous FTP? (Beware – allowed by default if you comment this out).
anonymous_enable=YES
Uncomment this to allow local users to log in.
When SELinux is enforcing check for SE bool ftp_home_dir
local_enable=YES
Uncomment this to enable any form of FTP write command.
write_enable=YES
Default umask for local users is 077. You may wish to change this to 022,
if your users expect that (022 is used by most other ftpd’s)
local_umask=022
Uncomment this to allow the anonymous FTP user to upload files. This only
has an effect if the above global write enable is activated. Also, you will
obviously need to create a directory writable by the FTP user.
When SELinux is enforcing check for SE bool allow_ftpd_anon_write, allow_ftpd_full_access
anon_upload_enable=YES
Uncomment this if you want the anonymous FTP user to be able to create
new directories.
anon_mkdir_write_enable=YES
Activate directory messages – messages given to remote users when they
go into a certain directory.
dirmessage_enable=YES
Activate logging of uploads/downloads.
xferlog_enable=YES
Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
If you want, you can arrange for uploaded anonymous files to be owned by
a different user. Note! Using “root” for uploaded files is not
recommended!
chown_uploads=YES
chown_username=whoever
You may override where the log file goes if you like. The default is shown
below.
xferlog_file=/var/log/xferlog
If you want, you can have your log file in standard ftpd xferlog format.
Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=YES
You may change the default value for timing out an idle session.
idle_session_timeout=600
You may change the default value for timing out a data connection.
data_connection_timeout=120
It is recommended that you define on your system a unique user which the
ftp server can use as a totally isolated and unprivileged user.
nopriv_user=ftpsecure
Enable this and the server will recognise asynchronous ABOR requests. Not
recommended for security (the code is non-trivial). Not enabling it,
however, may confuse older FTP clients.
async_abor_enable=YES
By default the server will pretend to allow ASCII mode but in fact ignore
the request. Turn on the below options to have the server actually do ASCII
mangling on files when in ASCII mode.
Beware that on some FTP servers, ASCII support allows a denial of service
attack (DoS) via the command “SIZE /big/file” in ASCII mode. vsftpd
predicted this attack and has always been safe, reporting the size of the
raw file.
ASCII mangling is a horrible feature of the protocol.
ascii_upload_enable=YES
ascii_download_enable=YES
You may fully customise the login banner string:
You may specify a file of disallowed anonymous e-mail addresses. Apparently
useful for combatting certain DoS attacks.
deny_email_enable=YES
(default follows)
banned_email_file=/etc/vsftpd/banned_emails
You may specify an explicit list of local users to chroot() to their home
directory. If chroot_local_user is YES, then this list becomes a list of
users to NOT chroot().
(Warning! chroot’ing can be very dangerous. If using chroot, make sure that
the user does not have write access to the top level directory within the
chroot)
chroot_local_user=YES
chroot_list_enable=YES
(default follows)
chroot_list_file=/etc/vsftpd/chroot_list
You may activate the “-R” option to the builtin ls. This is disabled by
default to avoid remote users being able to cause excessive I/O on large
sites. However, some broken FTP clients such as “ncftp” and “mirror” assume
the presence of the “-R” option, so there is a strong case for enabling it.
ls_recurse_enable=YES
When “listen” directive is enabled, vsftpd runs in standalone mode and
listens on IPv4 sockets. This directive cannot be used in conjunction
with the listen_ipv6 directive.
listen=NO
This directive enables listening on IPv6 sockets. By default, listening
on the IPv6 “any” address (::) will accept connections from both IPv6
and IPv4 clients. It is not necessary to listen on both IPv4 and IPv6
sockets. If you want that (perhaps because you want to listen on specific
addresses) then you must run two copies of vsftpd with two configuration
files.
Make sure, that one of the listen options is commented !!
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
use_localtime=YES
reverse_lookup_enable=NO
方法四 ,根据上提示:/etc/vsftpd/vsftpd.conf 有问题,看来看去也没发现错误,几遍重启之后,觉可能能是文件里有空格,因为上次修改/etc/vsftpd/vsftpd.conf这个文件是,一不小心整只手按到了键盘上,我也不知道动了哪些字,所以就开始检查这个文件里面的空格 以及文件格式多看看:
通过以上方法大家可以试试,希望能帮助到大家!!!
Original: https://www.cnblogs.com/angelasp/p/13409382.html
Author: Angelasp
Title: CentOS7.2解决vsftpd启动失败,code=exited,status=2问题的几个方法参考
原创文章受到原创版权保护。转载请注明出处:https://www.johngo689.com/611232/
转载文章受原作者版权保护。转载请注明原作者出处!