操作系统:suse 10 企业版
一共五个文件夹: caiwu,renshi,wendang,soft,pingtai
一共三个组角色:caiwu,renshi,pingtai
本ftp server要达到的目标是:
(1) wendang文件夹只能由组renshi来改动,其他用户只能下载
(2) Soft文件夹为公用文件夹,所有用户组都可以改动和下载
(3) caiwu,renshi和pingtai文件夹都分别只能由对应的aiwu,renshi,pingtai组来更改,其他用户彼此不可见
二、 安装standby:/srv # tar vjfx proftpd-1.3.2.tar.bz2
standby:/srv # cd proftpd-1.3.2/
standby:/srv/proftpd-1.3.2 # ./configure --prefix=/usr/local/proftpd --enable-shadow --enable-autoshadow --with-modules=mod_ratio:mod_readme --enable-nls standby:/srv/proftpd-1.3.2 # make
standby:/srv/proftpd-1.3.2 # make install
三、 设置用户和组standby:/usr/local/proftpd/etc # groupadd pingtai
standby:/usr/local/proftpd/etc # groupadd renshi
standby:/usr/local/proftpd/etc # groupadd caiwu
standby:/usr/local/proftpd/etc # useradd -M -g pingtai -s /bin/false pingtai
standby:/usr/local/proftpd/etc # useradd -M -g caiwu -s /bin/false caiwu
standby:/usr/local/proftpd/etc # useradd -M -g renshi -s /bin/false renshi
四、 分别给个用户设置密码standby:/usr/local/proftpd/etc # passwd pingtai
standby:/usr/local/proftpd/etc # passwd caiwu
standby:/usr/local/proftpd/etc # passwd renshi
五、 创建文件目录并且赋权standby:~ # mkdir -p /var/ftp{caiwu,pingtai,renshi,soft,wendang}
standby:/var/ftp # chown -R 755 /var/ftp/*
standby:/var/ftp # cd /var/ftp/
standby:/var/ftp # chown -R caiwu:caiwu caiwu/
standby:/var/ftp # chown -R renshi:renshi renshi/
standby:/var/ftp # chown -R renshi:renshi wendang/
standby:/var/ftp # chown -R pingtai:pingtai pingtai
六、 配置主配置文件standby:~ # cd /usr/local/proftpd/etc/
standby:/usr/local/proftpd/etc # vim proftpd.conf
ServerName "motone fileserver"
ServerType standalone
DefaultServer on
TransferLog /var/log/proftpd_transport.log
SystemLog /var/log/proftpd.log
Port 21
UseIPv6 off
Umask 022
MaxInstances 150
User nobody
Group nogroup
DefaultRoot /var/ftp
AllowOverwrite on
TimesGMT off
MaxClients 200
MaxClientsPerHost 5
AllowStoreRestart on
PassivePorts 65400 65420
RootLogin off
RequireValidShell off
UseReverseDNS off
IdentLookups off
MaxLoginAttempts 3
MaxClientsPerUser 5
MaxConnectionRate 4
MaxClientsPerHost 2
MaxStoreFileSize 20 Gb
DirFakeUser on
DirFakeGroup on
DirFakeMode 0600
<Anonymous /var/ftp>
User ftp
Group ftp
UserAlias anonymous ftp
MaxClients 10
#DisplayLogin welcome.msg
#DisplayChdir .message
TransferRate STOR 100 user anonymous,ftp
TransferRate RETR 50 user anonymous,ftp
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
<Directory /var/ftp/wendang/*>
<Limit WRITE MKD RNFR DELE RMD STOR>
DenyAll
AllowGroup renshi
</Limit>
<Limit DIRS CMD READ RETR >
AllowAll
</Limit>
</Directory>
<Directory /var/ftp/renshi/*>
<Limit DIRS CMD READ WRITE MKD RNFR DELE RMD RETR STOR>
DenyAll
AllowGroup renshi
</Limit>
</Directory>
<Directory /var/ftp/caiwu/*>
<Limit DIRS CMD READ WRITE MKD RNFR DELE RMD RETR STOR>
DenyAll
AllowGroup caiwu
</Limit>
</Directory>
<Directory /var/ftp/pingtai/*>
<Limit DIRS CMD READ WRITE MKD RNFR DELE RMD RETR STOR>
DenyAll
AllowGroup pingtai
</Limit>
</Directory>
<Directory /var/ftp/soft/*>
Umask 011
<Limit DIRS CMD READ WRITE MKD RNFR DELE RMD RETR STOR ALL>
AllowAll
</Limit>
</Directory>
七、 设置启动脚本,并且注册系统服务
standby:/usr/local/proftpd/etc # vim /etc/init.d/proftpd
#!/bin/bash
FTPD_BIN=/usr/local/proftpd/sbin/proftpd
FTPD_CONF=/usr/local/proftpd/etc/proftpd.conf
PIDFILE=/usr/local/proftpd/var/proftpd.pid
if [ -f $PIDFILE ]; then
pid=`cat $PIDFILE`
fi
if [ ! -x $FTPD_BIN ]; then
echo "$0: $FTPD_BIN: cannot execute"
exit 1
fi
case $1 in
start)
if [ -n "$pid" ]; then
echo "$0: proftpd [PID $pid] already running"
exit
fi
if [ -r $FTPD_CONF ]; then
echo "Starting proftpd..."
$FTPD_BIN -c $FTPD_CONF
else
echo "$0: cannot start proftpd -- $FTPD_CONF missing"
fi
;;
stop)
if [ -n "$pid" ]; then
echo "Stopping proftpd..."
kill -TERM $pid
else
echo "$0: proftpd not running"
exit 1
fi
;;
restart)
if [ -n "$pid" ]; then
echo "Rehashing proftpd configuration"
kill -HUP $pid
else
echo "$0: proftpd not running"
exit 1
fi
;;
*)
echo "usage: $0 {start|stop|restart}"
exit 1
;;
esac
exit 0
standby:/usr/local/proftpd/etc # chmod +x /etc/init.d/proftpd
standby:/usr/local/proftpd/etc # chkconfig --add proftpd
standby:/usr/local/proftpd/etc # chkconfig --levels 2345 proftpd on
八、 启动服务standby:/usr/local/proftpd/var # /etc/init.d/proftpd start