国产精品99免视看9,国产精品视频入口,红桃视频亚洲

关于“vsftpd 部分本地用户不能��d��”的问题解决

PariScamper — Wed, 27 Feb 2008 14:45:00 GMT

以下文章在我配置vsftpd时有帮助�Q�特转蝲�Q?br />
关于“vsftpd 部分本地用户不能��d��Q�部分可�?#8221;的问题，我重新做�?ji��n)一些实验，我把�q�个问题�l�合实验的结果再重新描述一下，请各位高?sh��)��，帮忙看看可能的原因�?谢谢�?ji��n)�?br />
�pȝ��中原来就有的本地帐号都不能登录，我的/etc/vsftpd/vsftpd.conf文�g的配�|�如下：(x��)
local_enable=YES
write_enable=YES
chroot_local_user=YES
pam_service_name=vsftpd
/etc/pam.d/vsftpd存在且正常�?br />
��d��旉��误信息都是一��L(f��ng)��Q?br /> 500 OOPS: cannot change directory:/home/xxxx
Login failed.
421 Service not available, remote server has closed connection

他们的home目录都是/home/xxxx�?home�?home/xxxx的权限都�?55�?br /> 以上�q�些帐号都不能ftp��d��Q�这些都是��^常经�怋�用的�Q�可以用shell��d��的�?br />
我新创徏�?ji��n)一个usr1帐号�Q?br /> # useradd -G test -d /tmp/usr1 usr1
能ftp��d��Q�他的home�?tmp/usr1,�?分区上。�?home我是mount�?dev/hda9上的�?br /> #mount
/dev/hdb1 on / type ext3 (rw)
/dev/hda9 on /home type ext2 (rw)

所以，我猜惻I��(x��)是否是由�?home分区的原因，而造成“�ȝ��录在/home分区的帐�?#8221;都不能登录呢�Q?br />
��Z��(ji��n)验证以上设想�Q�我试着再创��Z��(ji��n)一个帐��P��
useradd -G test -d /home/usr3 usr3
/home, /home/usr3 的权限都�?55�?br />
usr3 ftp��d��p�|�?
500 OOPS: cannot change directory:/home/usr3
Login failed.
421 Service not available, remote server has closed connection

��x(ch��ng)��Q�我觉得可以��定是由�?home分区的原因，而造成“�ȝ��录在/home分区的帐�?#8221;都不能登录�?br /> 参考文章：(x��)
-----------------------------------------------------------------------------------------
I finished my second upgrade to Fedora Core 4. Not everything is ironed out yet with the build of course. But one thing is for sure a lot has happened to the RedHat I knew before.

I must say of all the changes, for me the nicest addition is the new SELinux extensions. For deep background on the reasons for and theory of SELinux read, The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments

The more I work with SELinux the more I realize I need to know about it, and how exactly it does all its stuff. It certainly changes things relating to users, directories and access. As I am starting to learn it, I'm sure I'm doing things the hard-way. :)

The major difference, so far for me, in Red Hat's SELinux is the way ftp is handled. vsftpd is still the server which is great. However, it seems to be designed to run as a daemon rather than invoked via xinet.d. If you grab a working copy of the xinet.d file for vsftpd you can invoke it via xinet.d wrapper. I did my first server upgrade in this manner. The current one I am trying as a daemon. I certainly think I will miss some of the features that the xinet.d wrapper brings, and may yet return to it.

Of all the issues I saw most notable is if you want to enable chroot directory's outside of the normal /home/xxx vsftpd. These will fail with a

500 OOPS: cannot change directory: /mnt/xxxxx

I was able to use ftp if I logged in with an account with a directory in /home, but once I set a user account to have a home drive outside of /home (in this case on a mounted secondary disk) vsftpd barfs the above.

I found information at the NSA that indicates you can disable SELinux protection of the ftp daemon.

setsebool -P ftpd_disable_trans 1

This seems a bit drastic. It certainly works for now though.

I think ultimately the issue resides with policies, but as SELinux policies are new to me, it will take time before it all gets sorted out. As I spend time with the new SELinux extensions in Fedora Core 4 I will keep you updated on my thoughts and configuration lessons.

---------------------------------------------------------------------------------------

解决办法�Q?br /> --------------------------------------------------------------------------------------
# setsebool ftpd_disable_trans 1
# service vsftpd restart
我用的是FC4�Q�按照你上一帖子里的�Ҏ(gu��)��试了(ji��n)�Q�马上就解决�?ji��n)。所以，可以��定原因��在SELinux�?br /> ------------------------------------------------------------------------------------

PariScamper 2008-02-27 22:45 发表评论

commons-logging和Log4j 日志��理 (zz)

PariScamper — Wed, 12 Dec 2007 06:48:00 GMT

什么要用日志（Log?
System.out.println()?
commons-loggingLog4j?Commons-logginJavaSimpleLog?Log4jJavaLog4jLog4jcommons-logginLog4jcommons-loggingLog4j       commons-loggingLog4jLog4j我想�q�也是�ؓ(f��)什�?#8220;所有用�?/span>Log4jcommons-logginCommons-loggingl         al         l         �q�里看一下它怎么“‘很脓(chu��ng)�?j��)�?#8217;帮我�?#8216;自动选择’‘适当�?#8217;日志实现�pȝ��”�Q?/span>
1)        classpathcommons-logging.propertiesLog2)        commons-logging.propertiesorg.apache.commons.logging.LogLog3)        classpathLog4jLog4j4)        JDKJDK1.45)        commons-loggingSimpleLog�Q�以上顺序不保证完全准确�Q�请参考官�Ҏ(gu��)��档）(j��)

commons-logging12Log4j3SimpleLog       commons-loggingLog4j       commons-loggingcommons-loggingcommons-loggingLog4jJarclasspashcommons-loggingLog4j如果不想�?/span>Log4jclasspathLog4jJar��p��么简单！

代码应该怎么写？

1commongs-loggingimport org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import org.apache.commons.logging.*;

2org.apache.commons.logging.Logprivate static Log log = LogFactory.getLog(YouClassName.class);

staticLogFactory.getLog()classLogFactory.getLog(this.getClass())staticthis3org.apache.commons.logging.Loglog.debug("111");
log.info("222");
log.warn("333");
log.error("444");
log.fatal("555");

logorg.apache.commons.logging.Logstdoutlog4j.propertiesl         debug()   l         info()      l         warn()    l         error()     l         fatal()      �Ҏ(gu��)��不同的性质�Q�日志信息通常被分成不同的�U�别�Q�从低到高�(sh��)��ơ是�Q?#8220;调试�Q?/span>DEBUGINFOWARNERRORFATAL��Z��么要把日志信息分成不同的�U�别呢？�q�实际上是方便我们更好的控制它。比如，通过Log4j       debug()info()warn()error()fatal()

commons-loggingLog, LogFactory上面所介绍的方法是目前被普通应用的�Q�可以说是被标准化了(ji��n)的方法，几乎所有的人都是这么用。如果不信，或想��认一下，��去下蝲几个知名�?/span>Java

Javapackage liigo.testlog;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

public class TestLog {
    private static Log log = LogFactory.getLog(TestLog.class);
    public void test()     {
        log.debug("111");
        log.info("222");
        log.warn("333");
        log.error("444");
        log.fatal("555");
    }

    public static void main(String[] args)     {
        TestLog testLog = new TestLog();
        testLog.test();
    }
}

commons-loggingjarclasspath

Log4j应该注意刎ͼ�我们上面�l�出的源代码�Q�完全没有涉�?qi��ng)�?/span>Log4jcommons-logging可是�Q�怎么才能�?/span>Log4jclasspathLog4jjarcommons-loggingLog4jcommons-logging注意�Q�配�|�文�?/span>log4j.propertiesLog4jclasspath       Log4jlog4j.propertiesJavalog4j.propertiesJavalog4j.propertieslog4j.properties
关于Log4j比较全面的配�|?/h5>

LOG4J的配�|�之��单��它遍�?qi��ng)于��来��多的应用中了(ji��n)�?x��)Log4J配置文�g实现�?ji��n)输出到控制台、文件�?/span>

回滚文�g、发送日志邮件、输出到数据库日志表、自定义标签�{�全套功能。择其一二��用就够用�?/span>

log4j.rootLogger=DEBUG,CONSOLE,A1,im
log4j.addivity.org.apache=true

# 应用于控制台
log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
log4j.appender.Threshold=DEBUG
log4j.appender.CONSOLE.Target=System.out
log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
log4j.appender.CONSOLE.layout.ConversionPattern=[framework] %d - %c -%-4r [%t] %-5p %c %x - %m%n
#log4j.appender.CONSOLE.layout.ConversionPattern=[start]%d{DATE}[DATE]%n%p[PRIORITY]%n%x[NDC]%n%t[THREAD] n%c[CATEGORY]%n%m[MESSAGE]%n%n

#应用于文�?/font>
log4j.appender.FILE=org.apache.log4j.FileAppender
log4j.appender.FILE.File=file.log
log4j.appender.FILE.Append=false
log4j.appender.FILE.layout=org.apache.log4j.PatternLayout
log4j.appender.FILE.layout.ConversionPattern=[framework] %d - %c -%-4r [%t] %-5p %c %x - %m%n
# Use this layout for LogFactor 5 analysis

# 应用于文件回�?/font>
log4j.appender.ROLLING_FILE=org.apache.log4j.RollingFileAppender
log4j.appender.ROLLING_FILE.Threshold=ERROR
log4j.appender.ROLLING_FILE.File=rolling.log
log4j.appender.ROLLING_FILE.Append=true
log4j.appender.ROLLING_FILE.MaxFileSize=10KB
log4j.appender.ROLLING_FILE.MaxBackupIndex=1
log4j.appender.ROLLING_FILE.layout=org.apache.log4j.PatternLayout
log4j.appender.ROLLING_FILE.layout.ConversionPattern=[framework] %d - %c -%-4r [%t] %-5p %c %x - %m%n

#应用于socket
log4j.appender.SOCKET=org.apache.log4j.RollingFileAppender
log4j.appender.SOCKET.RemoteHost=localhost
log4j.appender.SOCKET.Port=5001
log4j.appender.SOCKET.LocationInfo=true
# Set up for Log Facter 5
log4j.appender.SOCKET.layout=org.apache.log4j.PatternLayout
log4j.appender.SOCET.layout.ConversionPattern=[start]%d{DATE}[DATE]%n%p[PRIORITY]%n%x[NDC]%n%t[THREAD]%n%c[CATEGORY]%n%m[MESSAGE]%n%n

# Log Factor 5 Appender
log4j.appender.LF5_APPENDER=org.apache.log4j.lf5.LF5Appender
log4j.appender.LF5_APPENDER.MaxNumberOfRecords=2000

# 发送日志给邮�g
log4j.appender.MAIL=org.apache.log4j.net.SMTPAppender
log4j.appender.MAIL.Threshold=FATAL
log4j.appender.MAIL.BufferSize=10
log4j.appender.MAIL.From=web@www.wuset.com
log4j.appender.MAIL.SMTPHost=www.wusetu.com
log4j.appender.MAIL.Subject=Log4J Message
log4j.appender.MAIL.To=web@www.wusetu.com
log4j.appender.MAIL.layout=org.apache.log4j.PatternLayout
log4j.appender.MAIL.layout.ConversionPattern=[framework] %d - %c -%-4r [%t] %-5p %c %x - %m%n

# 用于数据�?/font>
log4j.appender.DATABASE=org.apache.log4j.jdbc.JDBCAppender
log4j.appender.DATABASE.URL=jdbc:mysql://localhost:3306/test
log4j.appender.DATABASE.driver=com.mysql.jdbc.Driver
log4j.appender.DATABASE.user=root
log4j.appender.DATABASE.password=
log4j.appender.DATABASE.sql=INSERT INTO LOG4J (Message) VALUES ('[framework] %d - %c -%-4r [%t] %-5p %c %x - %m%n')
log4j.appender.DATABASE.layout=org.apache.log4j.PatternLayout
log4j.appender.DATABASE.layout.ConversionPattern=[framework] %d - %c -%-4r [%t] %-5p %c %x - %m%n

log4j.appender.A1=org.apache.log4j.DailyRollingFileAppender
log4j.appender.A1.File=SampleMessages.log4j
log4j.appender.A1.DatePattern=yyyyMMdd-HH'.log4j'
log4j.appender.A1.layout=org.apache.log4j.xml.XMLLayout

#自定义Appender
log4j.appender.im = net.cybercorlin.util.logger.appender.IMAppender

log4j.appender.im.host = mail.cybercorlin.net
log4j.appender.im.username = username
log4j.appender.im.password = password
log4j.appender.im.recipient = corlin@cybercorlin.net

log4j.appender.im.layout=org.apache.log4j.PatternLayout
log4j.appender.im.layout.ConversionPattern =[framework] %d - %c -%-4r [%t] %-5p %c %x - %m%n

Trackback: http://tb.blog.csdn.net/TrackBack.aspx?PostId=1545873

PariScamper 2007-12-12 14:48 发表评论

PariScamper — Fri, 12 Oct 2007 11:33:00 GMT

SQL语句�?br /> insert into room(id,bid,name) values(room_seq.nextval,12,'1346S')�Q?br /> room_seq.nextval为取得room_seq的下一值后�Q�取完值后�?x��)自动增�?br /> select room_seq.nextval from dual则选出room_seq的nextval��|��取值后也会(x��)自动增长
select room_seq.currval from dual则选出room_seq的当前��|��取值后不会(x��)自动增长
另外�Q�Oracle不像其他数据库，NVARCHAR2的数据类型的取值居然是'abcd'�Q�单引号�Q�，既不是双引号�Q�也不是无引受��?/p>

PariScamper 2007-10-12 19:33 发表评论

国产精品99免视看9,国产精品视频入口,红桃视频亚洲

关于“vsftpd 部分本地用户不能��d��”的问题解决

commons-logging和Log4j 日志���理 (zz)

commons-logging和Log4j 日志��理 (zz)