vsftpd
创建目标文件夹
$ cd /usr/local
$ mkdir docker
$ cd docker
$ mkdir vsftpd
$ cd vsftpd
$ vi docker-compose.yml
创建docker-compose.yml
内容如下:
version: '3.1'
services:
#服务名称
ftp:
#容器名称
container_name: ftp
#镜像名称
image: docker.io/fauria/vsftpd
#总是重启后启动
restart: always
#端口映射
ports:
- "21:21"
- "20:20"
- "55540-55550:55540-55550"
#挂载
volumes:
- ./data:/home/vsftpd/ycq
- ./conf/vsftpd.conf:/etc/vsftpd/vsftpd.conf
#环境变量
environment:
- FTP_USER=ycq
- FTP_PASS=123456
- PASV_ADDRESS=#宿主机IP
- PASV_MIN_PORT=55540
- PASV_MAX_PORT=55550
FTP_USER
、FTP_PASS
根据需要更改
FTP_USER
更改后,/home/vsftpd/ycq
也要跟着改动
PASV_ADDRESS
需要更改为宿主机IP
创建配置vsftpd.conf
$ mkdir conf
$ cd conf
$ vi vsftpd.conf
# Run in the foreground to keep the container running:
background=NO
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
# Uncomment this to allow local users to log in.
local_enable=YES
## Enable virtual users
guest_enable=YES
## Virtual users will use the same permissions as anonymous
virtual_use_local_privs=YES
# Uncomment this to enable any form of FTP write command.
write_enable=YES
## PAM file name
pam_service_name=vsftpd_virtual
## Home Directory for virtual users
user_sub_token=$USER
local_root=/home/vsftpd/$USER
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_local_user=YES
# Workaround chroot check.
# See https://www.benscobie.com/fixing-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot/
# and http://serverfault.com/questions/362619/why-is-the-chroot-local-user-of-vsftpd-insecure
allow_writeable_chroot=YES
## Hide ids from user
hide_ids=YES
## Enable logging
xferlog_enable=YES
xferlog_file=/var/log/vsftpd/vsftpd.log
## Enable active mode
port_enable=YES
connect_from_port_20=YES
ftp_data_port=20
##?Disable seccomp filter sanboxing
seccomp_sandbox=NO
pasv_addr_resolve=YES
pasv_enable=YES
pasv_address=##宿主机IP
pasv_max_port=55550
pasv_min_port=55540
idle_session_timeout=0
pasv_enable=YES
xferlog_std_format=NO
reverse_lookup_enable=YES
pasv_promiscuous=NO
pasv_address=##宿主机IP
pasv_max_port=55550
pasv_min_port=55540
pasv_addr_resolve=YES
pasv_enable=YES
file_open_mode=0666
local_umask=077
xferlog_std_format=NO
reverse_lookup_enable=YES
pasv_promiscuous=NO
port_promiscuous=NO
pasv_address
需要更改为宿主机IP