一個proftpd的安裝配置實例。
目的:
安裝配置一個proftpd,達到以下要求
1 不允許匿名訪問。
2 開放一個帳號,只有在upload目錄有上傳權限,可以續傳,不能改名和刪除。
操作:
0 切換到root帳戶
su root //輸入root的密碼。
1 下載proftpd
地址:www.proftpd.org。這裏我們下載了1.2.9版本
wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.2.9.tar.gz
2 安裝proftpd
切換到下載目錄,假設爲/tmp/proftpd,然後
tar zxvf proftpd-1.2.9.tar.gz //解壓
cd proftpd-1.2.9
./configure --prefix=/var/proftpd --sysconfdir=/etc //設置安裝目錄/var/proftpd,配置文件目錄/etc
make
make install
3 新建ftp專用帳號
就是上面目的中提到的那個專用帳號,這裏以skate/skate(u/p)爲例。
groupadd skate
useradd skate -g skate -d /var/ftp -s /sbin/nologin //設置/var/ftp目錄爲ftp的目錄
passwd skate //設置skate用戶的密碼
mkdir /var/ftp/upload
chown skate.skate /var/ftp/upload //設置upload目錄skate用戶可寫
4 設置proftpd
proftpd的配置文件就一個,就是/etc/proftpd.conf
vi /etc/proftpd.conf //打開proftpd.conf
####具體配置如下######
ServerName "Test ftp server..."
ServerType standalone
DefaultServer on
#端口
Port 21
Umask 022
#最大線程數
MaxInstances 30
u ser skate
Group skate
#DNS反查
UseReverseDNS off
IdentLookups off
#最大嘗試連接次數
MaxLoginAttempts 3
#每用戶線程
MaxClientsPerHost 2
#最大用戶數
MaxClients 20
DirFakeUser On skate
DirFakeGroup On skate
DeferWelcome On
#日誌文件位置
SystemLog /var/log/proftpd.log
ServerIdent off
#限制skate組的skate用戶登錄時不能切換到其他目錄(只能呆在他的home目錄)
DefaultRoot ~ skate,skate
#設置只允許192.168.0的用戶登錄
#<limit LOGIN>;
#Order allow,deny
#Allow from 192.168.0.
#Deny from all
#</limit>;
#設置只允許skate用戶登錄,否則系統用戶也可以登錄ftp
#<limit LOGIN>;
#Order allow,deny
#DenyUser !skate
#</limit>;
#開起全盤的寫權限
<Directory />;
AllowOverwrite on
AllowStoreRestart on
#允許FXP
# AllowForeignAddress on
<Limit All>;
AllowAll
</Limit>;
</Directory>;
#設置skate用戶在upload的限制
#DELE刪除權限
#RNFR RNTO重命名權限
#RMD XRMD移動目錄權限
<Directory /var/ftp/upload>;
<Limit DELE RNFR RNTO RMD XRMD >;
DenyUser skate
</Limit>;
</Directory>;
#####結束######
編輯完以後按Esc,然後輸入:x保存。
5 啓動服務
編輯一個啓動腳本(這個是proftpd自帶的,做了一點小修改)
vi /etc/rc.d/init.d/proftpd
#####腳本內容開始########
#!/bin/sh
#
# Startup script for ProFTPD
#
# chkconfig: 345 85 15
# description: ProFTPD is an enhanced FTP server with \
# a focus toward simplicity, security, and ease of configuration. \
# It features a very Apache-like configuration syntax, \
# and a highly customizable server infrastructure, \
# including support for multiple 'virtual' FTP servers, \
# anonymous FTP, and permission-based directory visibility.
# processname: proftpd
# config: /etc/proftpd.conf
#
# By: Osman Elliyasa <[email protected]>;
# $Id: proftpd.init.d,v 1.7 2002/12/07 21:50:27 jwm Exp $
# Source function library.
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/proftpd ]; then
. /etc/sysconfig/proftpd
fi
#下面這行設置環境變量,注意設置好你的proftpd的安裝目錄
PATH="$PATH:/usr/local/sbin:/var/proftpd/bin:/var/proftpd/sbin"
# See how we were called.
case "$1" in
start)
echo -n "Starting proftpd: "
daemon proftpd $OPTIONS
echo
touch /var/lock/subsys/proftpd
;;
stop)
echo -n "Shutting down proftpd: "
killproc proftpd
echo
rm -f /var/lock/subsys/proftpd
;;
status)
status proftpd
;;
restart)
$0 stop
$0 start
;;
reread)
echo -n "Re-reading proftpd config: "
killproc proftpd -HUP
echo
;;
suspend)
hash ftpshut >;/dev/null 2>;&1
if [ $? = 0 ]; then
if [ $# -gt 1 ]; then
shift
echo -n "Suspending with '$*' "
ftpshut $*
else
echo -n "Suspending NOW "
ftpshut now "Maintanance in progress"
fi
else
echo -n "No way to suspend "
fi
echo
;;
resume)
if [ -f /etc/shutmsg ]; then
echo -n "Allowing sessions again "
rm -f /etc/shutmsg
else
echo -n "Was not suspended "
fi
echo
;;
*)
echo -n "Usage: $0 {start|stop|restart|status|reread|resume"
hash ftpshut
if [ $? = 1 ]; then
echo '}'
else
echo '|suspend}'
echo 'suspend accepts additional arguments which are passed to ftpshut(8)'
fi
exit 1
esac
if [ $# -gt 1 ]; then
shift
$0 $*
fi
exit 0
#######腳本結束#########
按Esc,輸入:x保存。
修改權限,然後添加到系統服務並啓動
chmod +x /etc/rc.d/init.d/proftpd
chkconfig --add proftpd
service proftpd start
可以用service proftpd restart來重起proftpd。