Pureftpd的搭建和配置

ftp軟件有許多，比如wuftp,proftp,vsftpd等，但對虛擬用戶支持最好，且配置最爲簡單的我個人覺得非pureftp莫屬，下面就來介紹下如何編譯安裝pureftp和配置虛擬用戶！
下載相關包，並進行編譯安裝
[root@server ~]#cd /usr/local/src/tarbag/
[root@server tarbag]#tar -zxvf pure-ftpd-1.0.22.tar.gz -C ../software/
[root@server tarbag]#cd ../software/pure-ftpd-1.0.22/
[root@server pure-ftpd-1.0.22]#./configure --prefix=/usr/local/pureftpd --with-everything
[root@server pure-ftpd-1.0.22]#make && make install
[root@server pure-ftpd-1.0.22]#cp configuration-file/pure-config.pl /usr/local/pureftpd/bin/
[root@server pure-ftpd-1.0.22]#cp configuration-file/pure-ftpd.conf /usr/local/pureftpd/etc/
[root@server pure-ftpd-1.0.22]#cp contrib/redhat.init /etc/init.d/pureftpd （這個腳本可以用來實現自啓動）

[root@server pure-ftpd-1.0.22]#ls ./*.conf
./pureftpd-ldap.conf ./pureftpd-mysql.conf ./pureftpd-pgsql.conf
[root@server pure-ftpd-1.0.22]#cp ./*.conf /usr/local/pureftpd/etc/
[root@server pure-ftpd-1.0.22]#chmod +x /usr/local/pureftpd/bin/pure-config.pl
修改相關配置文件如下：
[root@server ~]#grep -v '^#' /usr/local/pureftpd/etc/pure-ftpd.conf |sort |uniq

AllowAnonymousFXP           no
AllowUserFXP                no
AnonymousCanCreateDirs      no
AnonymousCantUpload         no
AnonymousOnly               no
AntiWarez                   yes
AutoRename                  no
BrokenClientsCompatibility no
ChrootEveryone              yes //鎖定所有用戶到家目錄中
CustomerProof               yes
Daemonize                   yes
DisplayDotFiles             yes            //顯示目錄下的隱含文件
DontResolve                 yes               //不進行反向解析
LimitRecursion              2000 8             //別表最大顯示2000個文件，最深8個目錄
MaxClientsNumber            50       //最大的客戶端數量
MaxClientsPerIP             8    //同一個IP允許8個鏈接
MaxDiskUsage                99       //磁盤的最大利用率
MaxIdleTime                 15       //最大空閒15分鐘
MaxLoad                     4               //最多可下載的數量
MinUID                      1000 //用戶ID至少要大於1000才能登陸
NoAnonymous                 yes    //不允許匿名用戶登錄
ProhibitDotFilesRead        no
ProhibitDotFilesWrite       no
PureDB                      /usr/local/pureftpd/etc/pureftpd.pdb //虛擬用戶數據庫
SyslogFacility              ftp
Umask                       133:022      //文件和目錄的umask
VerboseLog                  no       / /不記錄詳細的日誌信息

以上配置文件可根據實際需要進行調整，下面試啓動下服務！
[root@server ~]#/usr/local/pureftpd/bin/pure-config.pl /usr/local/pureftpd/etc/pure-ftpd.conf
Running: /usr/local/pureftpd/sbin/pure-ftpd -A -c50 -B -C8 -D -E -fftp -H -I15 -lpuredb:/usr/local/pureftpd/etc/pureftpd.pdb -L2000:8 -m4 -s -U133:022 -u1000 -k99 -Z
[root@server ~]#netstat -ntpl |grep 21tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      9553/pure-ftpd (SER
tcp        0      0 :::21                       :::*                        LISTEN      9553/pure-ftpd (SER

關閉服務：
[root@server ~]#killall pure-ftpd
[root@server ~]#netstat -ntpl |grep 21

添加虛擬用戶在系統上所映射的用戶和組：
[root@server ~]#groupadd -g 1000 ftpgroup
[root@server ~]#useradd -g ftpgroup -u 1000 -d /dev/null -s /sbin/nologin ftpuser
添加虛擬用戶：
[root@server ~]#/usr/local/pureftpd/bin/pure-pw useradd yang -u ftpuser -d /usr/local/src/ -m
Password:
Enter it again:
查看虛擬用戶信息：
[root@server ~]#/usr/local/pureftpd/bin/pure-pw list
yang                /usr/local/src/./                                         
[root@server ~]#/usr/local/pureftpd/bin/pure-pw show yang

Login              : yang
Password           : $1$3/SblBu0$cs./Rn31HFaiOgRDo6le60
UID                : 1000 (ftpuser)
GID                : 1000 (ftpgroup)
Directory          : /usr/local/src/./
Full name          :
Download bandwidth : 0 Kb (unlimited)
Upload   bandwidth : 0 Kb (unlimited)
Max files          : 0 (unlimited)
Max size           : 0 Mb (unlimited)
Ratio              : 0:0 (unlimited:unlimited)
Allowed local IPs :
Denied local IPs :
Allowed client IPs :
Denied client IPs :
Time restrictions : 0000-0000 (unlimited)
Max sim sessions   : 0 (unlimited)
設定自啓動，修改相關配置文件如下：
[root@server ~]#grep '/usr/local' /etc/init.d/pureftpd
fullpath=/usr/local/pureftpd/bin/$prog
pureftpwho=/usr/local/pureftpd/sbin/pure-ftpwho
$fullpath /usr/local/pureftpd/etc/pure-ftpd.conf --daemonize
啓動服務：
[root@server ~]#service pureftpd start
啓動 pure-config.pl：Running: /usr/local/pureftpd/sbin/pure-ftpd --daemonize -A -c50 -B -C8 -D -E -fftp -H -I15 -lpuredb:/usr/local/pureftpd/etc/pureftpd.pdb -L2000:8 -m4 -s -U133:022 -u100 -k99 -Z

[root@server ~]#netstat -ntpl |grep 21
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      10166/pure-ftpd (SE
tcp        0      0 :::21                       :::*                        LISTEN      10166/pure-ftpd (SE
測試使用虛擬用戶登錄：
[root@server ~]#ftp 127.0.0.1
Connected to 127.0.0.1.
220---------- Welcome to Pure-FTPd [privsep] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 16:07. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
500 This security scheme is not implemented
500 This security scheme is not implemented
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): yang
331 User yang OK. Password required
Password:
230-User yang has group access to: 1000     
230 OK. Current directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/" is your current location
ftp> ls
227 Entering Passive Mode (127,0,0,1,172,137)
150 Accepted data connection
drwxr-xr-x    5 0          0                4096 Jan 13 12:46 .
drwxr-xr-x    5 0          0                4096 Jan 13 12:46 ..
drwxrwxrwx    8 0          0                4096 Jan 22 18:08 share
drwxr-xr-x   13 0          0                4096 Jan 25 15:11 software
drwxr-xr-x    3 0          0                4096 Jan 25 15:09 tarbag
226-Options: -a -l
226 5 matches total

修改虛擬用戶的參數，更詳細的參數可以使用pure-pw --help查看：
[root@server ~]#/usr/local/pureftpd/bin/pure-pw usermod yang -R 192.168.90.20/24
[root@server ~]#/usr/local/pureftpd/bin/pure-pw show yang |grep 'IP'
Allowed local IPs :
Denied local IPs :
Allowed client IPs :
Denied client IPs : 192.168.90.20/24