记录点点滴滴

0%

CENTOS下pure-ftpd安装配置

发表于 分类于 Disqus:

最开始接触的ftp服务器vsftpd
本着探索的精神试着安装了下pure-ftpd
毕竟pure-ftpd也是linux下的三大ftp软件之一
先对比一下:

vsftpd pure-ftpd
设置空密码
支持插件
配置难度 简单
安全性 据说高点

安装配置

pure-ftpd安装配置较vsftpd要简单很多,直接附上脚本;

pure-ftpd.shview raw
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
#!/bin/bash

## --------------------------------------
## 配置
## -------------------------------------
## 创建的账户
VUSER=ftp_user
## 账户的默认目录
DEFAULT_DIR=/data/ftp_user

function help(){
    echo "-----------------------------"
    echo " 1 - install"
    echo " 2 - add user"
    echo "     ex. $0 2 username passwd"
    echo "     help: man pure-pw"
    echo " 3 - uninstall"
    echo "-----------------------------"

}

function uninstall(){
    yum -y remove pure-ftpd
    rm -rf /etc/pure-ftpd
}
function install(){
    uninstall
    yum -y install pure-ftpd
    ## 修改配置   
    cat > /etc/pure-ftpd/pure-ftpd.conf << EOF
ChrootEveryone              yes
BrokenClientsCompatibility  yes
MaxClientsNumber            50
Daemonize                   yes
MaxClientsPerIP             8
VerboseLog                  yes
DisplayDotFiles             no
AnonymousOnly               no
NoAnonymous                 yes
SyslogFacility              ftp
DontResolve                 yes
MaxIdleTime                 15
PureDB                      /etc/pure-ftpd/pureftpd.pdb
PAMAuthentication           yes
LimitRecursion              10000 8
AnonymousCanCreateDirs      no
MaxLoad                     4
PassivePortRange            6000 7000
AntiWarez                   yes
Umask                       133:022
MinUID                      100
UseFtpUsers                 no
AllowUserFXP                no
AllowAnonymousFXP           no
ProhibitDotFilesWrite       no
ProhibitDotFilesRead        no
AutoRename                  no
AnonymousCantUpload         yes
AltLog                      clf:/var/log/pureftpd.log
CreateHomeDir               yes
PIDFile                     /var/run/pure-ftpd.pid
MaxDiskUsage                99
CustomerProof               yes
EOF
    ## 增加虚拟账号的user
    useradd -d ${DEFAULT_DIR} -s /sbin/nologin ${VUSER}
    ## 增加端口
    iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
    iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 6000:7000 -j ACCEPT
}

function add_vuser(){
    if [ "$1" == "" ]; then
        echo "user can not empty."
        exit
    fi

    if [ "$2" == "" ]; then
        echo "pass can not empty."
        exit 
    fi
    ftp_user=$1
    ftp_pass=$2
    mkdir -p ${DEFAULT_DIR}/${ftp_user}
    chown ${VUSER}:${VUSER} ${DEFAULT_DIR}/${ftp_user} -R
    pure-pw useradd ${ftp_user} -u${VUSER} -d ${DEFAULT_DIR}/${ftp_user}
    pure-pw mkdb
    service pure-ftpd restart
    echo "add finish"
}

case $1 in
[1]) install;;
[2]) add_vuser $2 $3;;
[3]) uninstall;;
*) help;;
esac

问题

  1. 如何设置目录只读权限?

参考文档

  1. http://www.lezhizhe.net/archives/129
  2. http://www.centoscn.com/image-text/install/2014/1120/4154.html