ftp: bind: Address already in use

症状:

在脚本进行FTP远程数据传输时,老是出现如下错误:ftp: bind: Address already in use

解决办法:

1) 防火墙原因(测试不成功)

最初检查发现好几个vsftpd进程,以为是这个原因,杀掉所有相关进程,重启,问题依旧

ftp:500 Illegal PORT command.
ftp: bind: Address already in use
主要是由于Iptables防火墙不支持(lsmod | grep 来检查)
ip_nat_ftp
ip_conntrack_ftp
在linux的ftp服务器上执行下列命令即可解决

modprobe ip_nat_ftp
modprobe ip_conntrack_ftp

2)selinux原因

测试1)不成功,便查日志,在日志中发现如下信息:

Dec 16 19:29:04 hostnamed setroubleshoot: SELinux is preventing the ftp daemon from reading users home directories (/korea_liangdb.tar.gz.20091216). For complete SELinux messages. run sealert -l b93e4f93-f554-4d79-b095-3e791ff2f6e1
Dec 16 19:29:05 hostnamed setroubleshoot: SELinux is preventing the ftp daemon from reading users home directories (/korea_liangdb.tar.gz.20091216). For complete SELinux messages. run sealert -l dbdd78f5-786c-4e89-8006-d07e63a72c0a
Dec 16 19:29:05 hostnamed setroubleshoot: SELinux is preventing the ftp daemon from reading users home directories (./korea_liangdb.tar.gz.20091216). For complete SELinux messages. run sealert -l 726e861a-9cd8-4df9-8435-e3ae2117b133
Dec 16 19:29:05 hostnamed setroubleshoot: SELinux is preventing the ftp daemon from reading users home directories (/korea_liangdb.tar.gz.20091216). For complete SELinux messages. run sealert -l 2b5c7159-3642-4c71-81eb-4c62f88f4e8d
Dec 17 12:38:26 hostnamed setroubleshoot: SELinux is preventing the ftp daemon from reading users home directories (./home). For complete SELinux messages. run sealert -l 60fef9a6-c90a-41c7-9bb8-93f1a671df16
Dec 17 12:41:12 hostnamed setroubleshoot: SELinux is preventing the ftp daemon from reading users home directories (./backup). For complete SELinux messages. run sealert -l 6f7d5696-3403-4229-9773-0e0cb92d527d
Dec 17 12:41:12 hostnamed setroubleshoot: SELinux is preventing the ftp daemon from reading users home directories (/korea_liangdb.tar.gz.20091217). For complete SELinux messages. run sealert -l 9d56a99e-007d-4fbe-9a52-a8e1799d3fe5
Dec 17 12:41:12 hostnamed setroubleshoot: SELinux is preventing the ftp daemon from reading users home directories (/korea_liangdb.tar.gz.20091217). For complete SELinux messages. run sealert -l 1bd2fe0e-2417-4108-b412-b04b23cf070b
Dec 17 12:41:12 hostnamed setroubleshoot: SELinux is preventing the ftp daemon from reading users home directories (./korea_liangdb.tar.gz.20091217). For complete SELinux messages. run sealert -l 161aaded-64b5-428a-a80e-0c1e25081c82
Dec 17 12:41:12 hostnamed setroubleshoot: SELinux is preventing the ftp daemon from reading users home directories (/korea_liangdb.tar.gz.20091217). For complete SELinux messages. run sealert -l 5d1200be-ef10-4e22-a675-2642d8b8e10d

重启之后,仍然不正常

3) 脚本原因:

BACKUPNAME="korea_liangdb.tar.gz"  
TIMESTAMP_TODAY="$(date +%Y%m%d)"  
FTPSERVER="ftpserver"  
FTPUSER="ftpuser"  
FTPPWD='93$#^Xahi>(b2'  
#FTPPWD="93$#^Xahi>(b2" # 不正常的赋值,因为密码中包含了$# 
ROMOTEPATH="/"  
LOCALPATH="/usr/mysqlbackup"  
ftp -n -d << !  
open ${FTPSERVER}  
user ${FTPUSER} ${FTPPWD}  
bin  
prompt  
cd ${ROMOTEPATH}  
lcd ${LOCALPATH}  
put ${BACKUPNAME}.${TIMESTAMP_TODAY}  
close  
bye  
! 

使用调试模式运行,发现:

[root@ryang2 adminshell]# sh -x ff.sh
+ BACKUPNAME=korea_liangdb.tar.gz
++ date +%Y%m%d
+ TIMESTAMP_TODAY=20091218
+ FTPSERVER=121.189.9.133
+ FTPUSER=gamebackup
+ FTPPWD='930^Xahi>(b2' # 注意此处密码与上面脚本代码之间的差别,原来在脚本中,将$#解析为了参数个数了,即将密码中的$#转换成了数字0
+ ROMOTEPATH=/
+ LOCALPATH=/usr/mysqlbackup
+ ftp -n -d
ftp: setsockopt: Bad file descriptor
---> AUTH GSSAPI
Please login with USER and PASS.
---> AUTH KERBEROS_V4
Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
cmds.c:276: verbose=0 debug=1 overbose=0
---> SYST
Please login with USER and PASS.
---> USER gamebackup
---> PASS XXXX
Login incorrect.
Login failed.
---> TYPE I
Please login with USER and PASS.
Interactive mode off.
---> CWD /
Please login with USER and PASS.
Local directory now /usr/mysqlbackup
---> PASV
Please login with USER and PASS.
Passive mode refused.  Turning off passive mode.
---> PORT 121,189,9,134,131,18
Please login with USER and PASS.
ftp: bind: Address already in use
---> QUIT

结论:如果在脚本中变量赋值中包含特殊意义的组合的话,用单引号来进行赋值

发表评论