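1. Requirements

Operating system: SUSE 10 Enterprise Edition

Five folders in total: caiwu, renshi, wendang, soft, pingtai

Three group roles in total: caiwu, renshi, pingtai

The goals for this FTP server are:

(1) The wendang folder can be modified only by the renshi group; other users can only download

(2) The soft folder is a public folder; all user groups can modify it and download from it

(3) The caiwu, renshi and pingtai folders can each be changed only by the corresponding caiwu, renshi and pingtai groups; they are not visible to the other users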

2. Installation

standby:/srv # tar vjfx proftpd-1.3.2.tar.bz2

standby:/srv # cd proftpd-1.3.2/

standby:/srv/proftpd-1.3.2 # ./configure --prefix=/usr/local/proftpd --enable-shadow --enable-autoshadow --with-modules=mod_ratio:mod_readme --enable-nls

standby:/srv/proftpd-1.3.2 # make

standby:/srv/proftpd-1.3.2 # make install

3. Set up users and groups

standby:/usr/local/proftpd/etc # groupadd pingtai

standby:/usr/local/proftpd/etc # groupadd renshi

standby:/usr/local/proftpd/etc # groupadd caiwu

standby:/usr/local/proftpd/etc # useradd -M -g pingtai -s /bin/false pingtai

standby:/usr/local/proftpd/etc # useradd -M -g caiwu -s /bin/false caiwu

standby:/usr/local/proftpd/etc # useradd -M -g renshi -s /bin/false renshi

4. Set a password for each user

standby:/usr/local/proftpd/etc # passwd pingtai

standby:/usr/local/proftpd/etc # passwd caiwu

standby:/usr/local/proftpd/etc # passwd renshi

5. Create the directories and assign permissions

standby:~ # mkdir -p /var/ftp/{caiwu,pingtai,renshi,soft,wendang}

standby:/var/ftp # chmod -R 755 /var/ftp/*

standby:/var/ftp # cd /var/ftp/

standby:/var/ftp # chown -R caiwu:caiwu caiwu/

standby:/var/ftp # chown -R renshi:renshi renshi/

standby:/var/ftp # chown -R renshi:renshi wendang/

standby:/var/ftp # chown -R pingtai:pingtai pingtai

6. Edit the main configuration file

standby:~ # cd /usr/local/proftpd/etc/

standby:/usr/local/proftpd/etc # vim proftpd.conf

ServerName                      "motone fileserver"
ServerType                      standalone
DefaultServer                   on
TransferLog                     /var/log/proftpd_transport.log
SystemLog                       /var/log/proftpd.log
Port                            21
UseIPv6                         off
Umask                           022
MaxInstances                    150
User                            nobody
Group                           nogroup
DefaultRoot                     /var/ftp
AllowOverwrite                  on
TimesGMT                        off
MaxClients                      200
MaxClientsPerHost               5
AllowStoreRestart               on
PassivePorts                    65400  65420
RootLogin                       off
RequireValidShell               off
UseReverseDNS                   off  
IdentLookups                    off
MaxLoginAttempts                 3
MaxClientsPerUser                5
MaxConnectionRate                4
MaxClientsPerHost                2
MaxStoreFileSize                 20 Gb
DirFakeUser                      on
DirFakeGroup                     on
DirFakeMode                     0600

<Anonymous /var/ftp>
  User                          ftp
  Group                         ftp
  UserAlias                     anonymous ftp
  MaxClients                    10
  #DisplayLogin                 welcome.msg
  #DisplayChdir                 .message
  TransferRate  STOR    100  user anonymous,ftp
  TransferRate  RETR    50   user anonymous,ftp
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>

<Directory /var/ftp/wendang/*>
         <Limit WRITE MKD RNFR DELE RMD STOR>
                  DenyAll
                  AllowGroup renshi
         </Limit>
         <Limit DIRS  CMD READ  RETR >
                  AllowAll
         </Limit>
</Directory>

<Directory /var/ftp/renshi/*>
         <Limit DIRS  CMD READ WRITE MKD RNFR DELE RMD RETR STOR>
                  DenyAll
                  AllowGroup renshi
         </Limit>
</Directory>

<Directory /var/ftp/caiwu/*>
         <Limit DIRS  CMD READ WRITE MKD RNFR DELE RMD RETR STOR>
                  DenyAll
                  AllowGroup caiwu
         </Limit>
</Directory>

<Directory /var/ftp/pingtai/*>
         <Limit DIRS  CMD READ WRITE MKD RNFR DELE RMD RETR STOR>
                  DenyAll
                  AllowGroup pingtai
         </Limit>
</Directory>

<Directory /var/ftp/soft/*>
        Umask 011
        <Limit DIRS  CMD READ WRITE MKD RNFR DELE RMD RETR STOR ALL>
                AllowAll
        </Limit>
</Directory>
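
The `<Directory>`/`<Limit>` blocks above can be checked against the goals in section 1 by listing who each `<Limit>` admits. This is an added example, not part of the original post: `sample_conf`, `limit_matrix` and `who_may` are hypothetical helper names, the embedded config is a constructed, shortened sample, and the parser assumes ProFTPD's default `Order allow,deny` and understands only `DenyAll`, `AllowAll` and `AllowGroup`.

```sh
# Constructed sample in the shape of the page's proftpd.conf (lists shortened).
sample_conf() {
cat <<'EOF'
<Directory /var/ftp/wendang/*>
  <Limit WRITE STOR>
    DenyAll
    AllowGroup renshi
  </Limit>
  <Limit DIRS READ>
    AllowAll
  </Limit>
</Directory>
<Directory /var/ftp/soft/*>
  <Limit ALL>
    AllowAll
  </Limit>
</Directory>
EOF
}

# limit_matrix (hypothetical helper): proftpd.conf on stdin, one line
# "<dir> <commands> <who>" per <Limit>; assumes the default Order allow,deny.
limit_matrix() {
  awk '
    $1 == "<Directory"   { dir = $2; sub(/>$/, "", dir); next }
    $1 == "</Directory>" { dir = ""; next }
    $1 == "<Limit" && dir != "" {
      cmds = $0; sub(/^[ \t]*<Limit[ \t]+/, "", cmds); sub(/[ \t]*>.*$/, "", cmds)
      gsub(/[ \t]+/, ",", cmds); grp = ""; all = 0; deny = 0; inlimit = 1; next
    }
    inlimit && $1 == "AllowAll"   { all = 1 }
    inlimit && $1 == "DenyAll"    { deny = 1 }
    inlimit && $1 == "AllowGroup" { grp = grp (grp == "" ? "" : ",") $2 }
    inlimit && $1 == "</Limit>" {
      # Allow is evaluated before Deny; with no DenyAll the default is allow.
      who = (all || !deny) ? "all" : (grp != "" ? grp : "none")
      print dir, cmds, who; inlimit = 0
    }
  '
}

# who_may CMD DIR (hypothetical helper): who the first <Limit> naming CMD or ALL admits.
who_may() {
  limit_matrix | awk -v cmd="$1" -v dir="$2" '
    $1 == dir && ("," $2 ",") ~ ("," cmd ",|,ALL,") { print $3; exit }'
}
```

Run `limit_matrix < /usr/local/proftpd/etc/proftpd.conf` to list the real file's blocks. Command names are matched literally, so `who_may STOR` does not expand the `WRITE` group.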

 

7. Create the startup script and register it as a system service

standby:/usr/local/proftpd/etc # vim /etc/init.d/proftpd

#!/bin/bash
# Init script for the ProFTPD build installed under /usr/local/proftpd.
FTPD_BIN=/usr/local/proftpd/sbin/proftpd
FTPD_CONF=/usr/local/proftpd/etc/proftpd.conf
PIDFILE=/usr/local/proftpd/var/proftpd.pid

# Read the PID of the running daemon, if a PID file exists.
if [ -f "$PIDFILE" ]; then
    pid=$(cat "$PIDFILE")
fi

# Stop here if the daemon binary is missing or not executable.
if [ ! -x "$FTPD_BIN" ]; then
    echo "$0: $FTPD_BIN: cannot execute"
    exit 1
fi

case "$1" in
    start)
        if [ -n "$pid" ]; then
            echo "$0: proftpd [PID $pid] already running"
            exit
        fi
        if [ -r "$FTPD_CONF" ]; then
            echo "Starting proftpd..."
            "$FTPD_BIN" -c "$FTPD_CONF"
        else
            echo "$0: cannot start proftpd -- $FTPD_CONF missing"
        fi
        ;;
    stop)
        if [ -n "$pid" ]; then
            echo "Stopping proftpd..."
            kill -TERM "$pid"
        else
            echo "$0: proftpd not running"
            exit 1
        fi
        ;;
    restart)
        # SIGHUP makes the daemon re-read its configuration.
        if [ -n "$pid" ]; then
            echo "Rehashing proftpd configuration"
            kill -HUP "$pid"
        else
            echo "$0: proftpd not running"
            exit 1
        fi
        ;;
    *)
        echo "usage: $0 {start|stop|restart}"
        exit 1
        ;;
esac
exit 0

 

 

standby:/usr/local/proftpd/etc # chmod +x /etc/init.d/proftpd

standby:/usr/local/proftpd/etc # chkconfig --add proftpd

standby:/usr/local/proftpd/etc # chkconfig --levels 2345 proftpd on

8. Start the service

standby:/usr/local/proftpd/var # /etc/init.d/proftpd start