v7 AP cpoy ftp文件到AC失败

AC旁挂核心，AP是二层注册

现场需要在将终结者本体上的问题传送到AC上，需要使用copyftp的方法。在AC上创建ftp server，并且创建本地用户，但是终结者本体上操作上传文件失败。报错Failed to finish the operation because of file transfer error.

看到报错后，检查copy的命令输入是否正确，同时在ac上查看ftp的配置是否正常，local user的用户名和密码是否正常。在检查前面几项都没有发现异常，但是看到本地用户authorization-attribute user-role network-operator，怀疑与用户权限有关。查看命令手册发现，该权限下没有copy ftp 的命令权限。

Role: network-operator

  Description: Predefined network operator role has access to all read commands on the device

  VLAN policy: Permit (default)

  Interface policy: Permit (default)

  VPN instance policy: Permit (default)

  Location policy: Permit (default)

  -------------------------------------------------------------------

  Rule    Perm   Type  Scope         Entity                         

  -------------------------------------------------------------------

  sys-1   permit       command       display *                      

  sys-2   permit       command       xml  

  sys-3   deny         command       display history-command all    

  sys-4   deny         command       display exception *            

  sys-5   deny         command       display cpu-usage configuration

                                     *                              

  sys-6   deny         command       display kernel exception *     

  sys-7   deny         command       display kernel deadloop *      

  sys-8   deny         command       display kernel starvation *    

  sys-9   deny         command       display kernel reboot *         

  sys-12  permit       command       system-view ; local-user *     

  sys-14  permit R--   web-menu      -                              

  sys-15  permit RW-   web-menu      m_device/m_maintenance/m_changep

                                     assword                        

  sys-16  permit R--   xml-element   -                              

  sys-17  deny         command       display security-logfile summary

  sys-18  deny         command       system-view ; info-center securi

                                     ty-logfile directory *         

  sys-19  deny         command       security-logfile save          

  sys-20  deny         command       system-view ; local-user-import

                                     *                               

  sys-21  deny         command       system-view ; local-user-export

                                     *                              

  sys-22  permit R--   oid           1                              

  R:Read W:Write X:Execute

将用户调整成authorization-attribute user-role level-15（最好权限）后，copy ftp可以正常使用。