問題:在AIX操作系統中,用root用戶ftp文件到AIX上后,文件的默認權限是rw-r-----,Oracle用戶無法讀取。有沒有辦法指定上傳文件的權限呢?
環境: AIX 6.1
解決方法:
1、在客戶端設置。
關鍵要看客戶端是否支持site命令,執行site umask 022進行設置。
[sycms1@root]/etc>ftp 138.*.*.*
Connected to 138.*.*.*.
220 gywlapp FTP server (Version 4.2 Wed Dec 23 11:06:15 CST 2009) ready.
Name (138.*.*.*:root): root
331 Password required for root.
Password:
230-Last unsuccessful login: Tue Feb 22 10:03:46 CST 2011 on /dev/pts/1 from 192.168.100.111
230-Last login: Tue Mar 1 17:44:36 CST 2011 on ftp from ::ffff:138.*.*.*
230 User root logged in.
ftp> ?
Commands may be abbreviated. Commands are:
Connected to 138.*.*.*.
220 gywlapp FTP server (Version 4.2 Wed Dec 23 11:06:15 CST 2009) ready.
Name (138.*.*.*:root): root
331 Password required for root.
Password:
230-Last unsuccessful login: Tue Feb 22 10:03:46 CST 2011 on /dev/pts/1 from 192.168.100.111
230-Last login: Tue Mar 1 17:44:36 CST 2011 on ftp from ::ffff:138.*.*.*
230 User root logged in.
ftp> ?
Commands may be abbreviated. Commands are:
! image reget
$ lcd reinitialize
account local remotehelp
append ls rename
ascii macdef reset
bell mdelete restart
binary mdir rhelp
block mget rmdir
bye mkdir rstatus
carriage-control mls runique
case mode safe
cd modtime send
cdup mount sendport
clear mput site
close nmap size
copylocal nlist status
cr non-print stream
delete ntrans struct
debug open sunique
dir passive system
disconnect private telnet
ebcdic prompt tenex
epsv protect trace
exp_cmd proxy type
file put user
form pwd verbose
get quit ?
glob quote clearcom
hash record
help recv
-- 可以看到aix的默認工具支持site
$ lcd reinitialize
account local remotehelp
append ls rename
ascii macdef reset
bell mdelete restart
binary mdir rhelp
block mget rmdir
bye mkdir rstatus
carriage-control mls runique
case mode safe
cd modtime send
cdup mount sendport
clear mput site
close nmap size
copylocal nlist status
cr non-print stream
delete ntrans struct
debug open sunique
dir passive system
disconnect private telnet
ebcdic prompt tenex
epsv protect trace
exp_cmd proxy type
file put user
form pwd verbose
get quit ?
glob quote clearcom
hash record
help recv
-- 可以看到aix的默認工具支持site
ftp> lcd /etc
Local directory now /etc
ftp> cd /tmp
250 CWD command successful.
-- 測試建設目錄
ftp> mkdir www
257 MKD command successful.
-- 測試上傳文件
ftp> mput hosts
mput hosts? y
200 PORT command successful.
150 Opening data connection for hosts.
226 Transfer complete.
2221 bytes sent in 0.003818 seconds (568.1 Kbytes/s)
local: hosts remote: hosts
-- 修改默認的mask,執行之后umask變成了022(默認是027),下面再建一個目錄和文件進行對比。
ftp> site umask 022
200 UMASK set to 022 (was 027)
-- 測試建設目錄www2
ftp> mkdir www2
257 MKD command successful.
-- 測試上傳文件rc.net
ftp> mput rc.net
mput rc.net? y
200 PORT command successful.
150 Opening data connection for rc.net.
226 Transfer complete.
9085 bytes sent in 0.005395 seconds (1644 Kbytes/s)
local: rc.net remote: rc.net
ftp>
再切換到服務器看下權限。
mput hosts? y
200 PORT command successful.
150 Opening data connection for hosts.
226 Transfer complete.
2221 bytes sent in 0.003818 seconds (568.1 Kbytes/s)
local: hosts remote: hosts
-- 修改默認的mask,執行之后umask變成了022(默認是027),下面再建一個目錄和文件進行對比。
ftp> site umask 022
200 UMASK set to 022 (was 027)
-- 測試建設目錄www2
ftp> mkdir www2
257 MKD command successful.
-- 測試上傳文件rc.net
ftp> mput rc.net
mput rc.net? y
200 PORT command successful.
150 Opening data connection for rc.net.
226 Transfer complete.
9085 bytes sent in 0.005395 seconds (1644 Kbytes/s)
local: rc.net remote: rc.net
ftp>
再切換到服務器看下權限。
執行umask前,文件默認是-rw-r-----目錄是drwxr-x---,
執行umask后,文件默認是-rw-r--r--目錄是drwxr-xr-x,。
# cd /tmp
# ls -ltr
total 260920
drwx------ 2 root system 256 Jul 02 2010 lost+found
# ls -ltr
total 260920
drwx------ 2 root system 256 Jul 02 2010 lost+found
……
drwxr-x--- 2 root system 256 Mar 01 18:14 www
drwxr-xr-x 2 root system 256 Mar 01 18:15 www2
-rw-r----- 1 root system 2154 Mar 01 18:15 hosts
-rw-r--r-- 1 root system 8873 Mar 01 18:16 rc.net
drwxr-xr-x 2 root system 256 Mar 01 18:15 www2
-rw-r----- 1 root system 2154 Mar 01 18:15 hosts
-rw-r--r-- 1 root system 8873 Mar 01 18:16 rc.net
ps:為啥是umask 022就會自動對應rw-r-r呢?這個說起來有點長了,簡單說吧。
以umask 022為例 :
目錄為777-022=755
文件為666-022=644
執行"ls -l",會顯示以下權限,(r=4, w=2, x=1)
目錄:rwxr-xr-x
文本文件:rw-r--r--
2、在服務器端設置。
本方法適用AIX操作系統,修改/etc/inetd.conf,將ftp一行改為:
ftp --stream tcp6 --nowait root-- /usr/sbin/ftpd ftpd -u xxx
其中-u是新的umask。
然后運行refresh -s inetd。
ps:這種方法對所有使用ftp的用戶有效,已經連接的用戶需要重新連接才能生效。