
Installing and Configuring pure-ftpd on CentOS

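The first FTP server I worked with was vsftpd.
In the spirit of exploration, I tried installing pure-ftpd.
After all, pure-ftpd is also one of the three major FTP servers on Linux.
First, a comparison: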

vsftpd pure-ftpd
Empty passwords allowed
Plugin support
Configuration difficulty: simple
Security: reportedly somewhat higher

Installation and configuration

Installing and configuring pure-ftpd is much simpler than vsftpd; here is the script:

pure-ftpd.sh

#!/bin/bash

## --------------------------------------
## Configuration
## --------------------------------------
## System account that the virtual FTP users map to
VUSER=ftp_user
## Default base directory of that account
DEFAULT_DIR=/data/ftp_user

function help(){
    echo "-----------------------------"
    echo " 1 - install"
    echo " 2 - add user"
    echo " ex. $0 2 username passwd"
    echo " help: man pure-pw"
    echo " 3 - uninstall"
    echo "-----------------------------"
}

function uninstall(){
    yum -y remove pure-ftpd
    rm -rf /etc/pure-ftpd
}

function install(){
    uninstall
    yum -y install pure-ftpd
    ## Write the configuration
    cat > /etc/pure-ftpd/pure-ftpd.conf << EOF
ChrootEveryone yes
BrokenClientsCompatibility yes
MaxClientsNumber 50
Daemonize yes
MaxClientsPerIP 8
VerboseLog yes
DisplayDotFiles no
AnonymousOnly no
NoAnonymous yes
SyslogFacility ftp
DontResolve yes
MaxIdleTime 15
PureDB /etc/pure-ftpd/pureftpd.pdb
PAMAuthentication yes
LimitRecursion 10000 8
AnonymousCanCreateDirs no
MaxLoad 4
PassivePortRange 6000 7000
AntiWarez yes
Umask 133:022
MinUID 100
UseFtpUsers no
AllowUserFXP no
AllowAnonymousFXP no
ProhibitDotFilesWrite no
ProhibitDotFilesRead no
AutoRename no
AnonymousCantUpload yes
AltLog clf:/var/log/pureftpd.log
CreateHomeDir yes
PIDFile /var/run/pure-ftpd.pid
MaxDiskUsage 99
CustomerProof yes
EOF
    ## Create the system user behind the virtual accounts (no login shell)
    useradd -d "${DEFAULT_DIR}" -s /sbin/nologin "${VUSER}"
    ## Open the control port and the passive range (same as PassivePortRange).
    ## -A appends: if INPUT already ends in a REJECT/DROP rule, these rules
    ## must be placed before it. They are also not saved across reboots here.
    iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
    iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 6000:7000 -j ACCEPT
}

function add_vuser(){
    if [ -z "$1" ]; then
        echo "user can not empty."
        exit 1
    fi

    if [ -z "$2" ]; then
        echo "pass can not empty."
        exit 1
    fi
    ftp_user=$1
    ## Note: a password passed as an argument is visible in the process list
    ## and in shell history
    ftp_pass=$2
    mkdir -p "${DEFAULT_DIR}/${ftp_user}"
    chown -R "${VUSER}:${VUSER}" "${DEFAULT_DIR}/${ftp_user}"
    ## pure-pw asks for the password twice; feed it on stdin so that the
    ## password given as the second argument is actually used
    printf '%s\n%s\n' "${ftp_pass}" "${ftp_pass}" | \
        pure-pw useradd "${ftp_user}" -u "${VUSER}" -d "${DEFAULT_DIR}/${ftp_user}"
    pure-pw mkdb
    service pure-ftpd restart
    echo "add finish"
}

case "$1" in
    1) install;;
    2) add_vuser "$2" "$3";;
    3) uninstall;;
    *) help;;
esac
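
The following is an added example, not part of the original script: it audits a pure-ftpd.conf for the isolation settings the configuration above sets, and flags a missing TLS directive and a passive port range that does not match the firewall rules. The function names, the choice of checks and the sample input are this example's own.

```shell
#!/bin/bash
# Added example: audit a pure-ftpd.conf for the settings this setup relies on.

# Print the value of DIRECTIVE in FILE (the last one if it is repeated).
conf_get() {
    awk -v k="$2" '$1 == k { $1 = ""; sub(/^[ \t]+/, ""); v = $0 } END { print v }' "$1"
}

# Usage: audit_pureftpd_conf FILE [FIREWALL_RANGE as lo:hi]
# Prints one WARN line per finding; returns 1 if there was any, else 0.
audit_pureftpd_conf() {
    local conf="$1" fw_range="${2:-}" bad=0 key want got
    # Values that keep users chrooted and anonymous access off.
    while read -r key want; do
        got=$(conf_get "$conf" "$key")
        if [ "$got" != "$want" ]; then
            echo "WARN $key is '${got:-unset}', expected '$want'"; bad=1
        fi
    done <<'EOF'
ChrootEveryone yes
NoAnonymous yes
AnonymousCantUpload yes
AnonymousCanCreateDirs no
EOF
    # TLS unset or 0: logins and data cross the network in cleartext.
    got=$(conf_get "$conf" TLS)
    if [ -z "$got" ] || [ "$got" = 0 ]; then
        echo "WARN TLS is not enabled; credentials are sent in cleartext"; bad=1
    fi
    # The passive range has to match the range the firewall opens.
    got=$(conf_get "$conf" PassivePortRange | tr ' ' ':')
    if [ -n "$fw_range" ] && [ "$got" != "$fw_range" ]; then
        echo "WARN PassivePortRange '$got' differs from firewall range '$fw_range'"; bad=1
    fi
    return "$bad"
}

# Constructed sample: the security-relevant lines of the config written above.
sample_conf() {
    printf '%s\n' 'ChrootEveryone yes' 'NoAnonymous yes' 'AnonymousOnly no' \
        'AnonymousCantUpload yes' 'AnonymousCanCreateDirs no' 'PassivePortRange 6000 7000'
}

# Demo: audit the sample when no file is given, otherwise the file passed in.
conf="${1:-$(mktemp)}"
[ $# -ge 1 ] || sample_conf > "$conf"
audit_pureftpd_conf "$conf" 6000:7000 || true
[ $# -ge 1 ] || rm -f "$conf"
```

Run it with the path to a deployed configuration as the first argument to audit that file instead of the sample.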

Open questions

  1. How can a directory be set to read-only?
