下載相關包,並進行編譯安裝
[root@server ~]#cd /usr/local/src/tarbag/
[root@server tarbag]#tar -zxvf pure-ftpd-1.0.22.tar.gz -C ../software/
[root@server tarbag]#cd ../software/pure-ftpd-1.0.22/
[root@server pure-ftpd-1.0.22]#./configure --prefix=/usr/local/pureftpd --with-everything
[root@server pure-ftpd-1.0.22]#make && make install
[root@server pure-ftpd-1.0.22]#cp configuration-file/pure-config.pl /usr/local/pureftpd/bin/
[root@server pure-ftpd-1.0.22]#cp configuration-file/pure-ftpd.conf /usr/local/pureftpd/etc/
[root@server pure-ftpd-1.0.22]#cp contrib/redhat.init /etc/init.d/pureftpd (這個腳本可以用來實現自啓動)
[root@server pure-ftpd-1.0.22]#ls ./*.conf
./pureftpd-ldap.conf ./pureftpd-mysql.conf ./pureftpd-pgsql.conf
[root@server pure-ftpd-1.0.22]#cp ./*.conf /usr/local/pureftpd/etc/
[root@server pure-ftpd-1.0.22]#chmod +x /usr/local/pureftpd/bin/pure-config.pl
修改相關配置文件如下:
[root@server ~]#grep -v '^#' /usr/local/pureftpd/etc/pure-ftpd.conf |sort |uniq
AllowAnonymousFXP
AllowUserFXP
AnonymousCanCreateDirs
AnonymousCantUpload
AnonymousOnly
AntiWarez
AutoRename
BrokenClientsCompatibili
ChrootEveryone
CustomerProof
Daemonize
DisplayDotFiles
DontResolve
LimitRecursion
MaxClientsNumber
MaxClientsPerIP
MaxDiskUsage
MaxIdleTime
MaxLoad
MinUID
NoAnonymous
ProhibitDotFilesRead
ProhibitDotFilesWrite
PureDB
SyslogFacility
Umask
VerboseLog
以上配置文件可根據實際需要進行調整,下面試啓動下服務!
[root@server ~]#/usr/local/pureftpd/bin/pure-config.pl /usr/local/pureftpd/etc/pure-ftpd.conf
Running: /usr/local/pureftpd/sbin/pure-ftpd -A -c50 -B -C8 -D -E -fftp -H -I15 -lpuredb:/usr/local/pureftpd/etc/pureftpd.pdb -L2000:8 -m4 -s -U133:022 -u1000 -k99 -Z
[root@server ~]#netstat -ntpl |grep 21tcp
tcp
關閉服務:
[root@server ~]#killall pure-ftpd
[root@server ~]#netstat -ntpl |grep 21
添加虛擬用戶在系統上所映射的用戶和組:
[root@server ~]#groupadd -g 1000 ftpgroup
[root@server ~]#useradd -g ftpgroup -u 1000 -d /dev/null -s /sbin/nologin ftpuser
添加虛擬用戶:
[root@server ~]#/usr/local/pureftpd/bin/pure-pw useradd yang -u ftpuser -d /usr/local/src/ -m
Password:
Enter it again:
查看虛擬用戶信息:
[root@server ~]#/usr/local/pureftpd/bin/pure-pw list
yang
[root@server ~]#/usr/local/pureftpd/bin/pure-pw show yang
Login
Password
UID
GID
Directory
Full name
Download bandwidth : 0 Kb (unlimited)
Upload
Max files
Max size
Ratio
Allowed local IPs :
Denied local IPs :
Allowed client IPs :
Denied client IPs :
Time restrictions : 0000-0000 (unlimited)
Max sim sessions
設定自啓動,修改相關配置文件如下:
[root@server ~]#grep '/usr/local' /etc/init.d/pureftpd
fullpath=/usr/local/pureftpd/bin/$prog
pureftpwho=/usr/local/pureftpd/sbin/pure-ftpwho
$fullpath /usr/local/pureftpd/etc/pure-ftpd.conf --daemonize
啓動服務:
[root@server ~]#service pureftpd start
啓動 pure-config.pl:Running: /usr/local/pureftpd/sbin/pure-ftpd --daemonize -A -c50 -B -C8 -D -E -fftp -H -I15 -lpuredb:/usr/local/pureftpd/etc/pureftpd.pdb -L2000:8 -m4 -s -U133:022 -u100 -k99 -Z
[root@server ~]#netstat -ntpl |grep 21
tcp
tcp
測試使用虛擬用戶登錄:
[root@server ~]#ftp 127.0.0.1
Connected to 127.0.0.1.
220---------- Welcome to Pure-FTPd [privsep] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 16:07. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
500 This security scheme is not implemented
500 This security scheme is not implemented
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): yang
331 User yang OK. Password required
Password:
230-User yang has group access to: 1000
230 OK. Current directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> pwd
257 "/" is your current location
ftp> ls
227 Entering Passive Mode (127,0,0,1,172,137)
150 Accepted data connection
drwxr-xr-x
drwxr-xr-x
drwxrwxrwx
drwxr-xr-x
drwxr-xr-x
226-Options: -a -l
226 5 matches total
修改虛擬用戶的參數,更詳細的參數可以使用pure-pw --help查看:
[root@server ~]#/usr/local/pureftpd/bin/pure-pw usermod yang -R 192.168.90.20/24
[root@server ~]#/usr/local/pureftpd/bin/pure-pw show yang |grep 'IP'
Allowed local IPs :
Denied local IPs :
Allowed client IPs :
Denied client IPs : 192.168.90.20/24