ProFTPD Configuration


1. Download ProFTPD from http://proftpd.org

2. Compile and install

./configure --with-modules=mod_sql:mod_sql_mysql:mod_quotatab:mod_quotatab_sql --with-includes=/usr/local/mysql/include/mysql --with-libraries=/usr/local/mysql/lib/mysql --enable-ctrls --enable-nls --enable-shadow --enable-dso --enable-autoshadow --enable-auth-pam

make 

make install

By default proftpd is installed in /usr/local/sbin. To use a different directory, specify --prefix=/usr/local/proftpd when compiling.

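3. Configure MySQL

(1) Edit the configuration. On CentOS the default MySQL configuration file is /etc/my.cnf; you can add settings there to set the encoding to UTF-8.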

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
character-set-server=UTF8

[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

[mysql]
default-character-set=UTF8

(2) Start the database

(3) Change the database root password

mysqladmin -uroot password 'password'   # 'password' is the password you want to set

(4) Create the database and add a user

mysql -uroot -ppassword

 

create database proftpd default charset UTF8;
grant all privileges on proftpd.* to proftpd@localhost identified by 'proftpd';

(5) Create the database tables

CREATE TABLE `ftpuser` (
  `userid` text NOT NULL,
  `passwd` text NOT NULL,
  `uid` int(11) NOT NULL,
  `gid` int(11) NOT NULL,
  `homedir` text,
  `shell` text,
  `count` int(11) NOT NULL DEFAULT '0',
  `accessed` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00'
);

CREATE TABLE `ftpgroup` (
  `groupname` text NOT NULL,
  `gid` smallint(6) NOT NULL,
  `members` text NOT NULL
);

CREATE TABLE `quotalimits` (
  `quota_name` varchar(30) DEFAULT NULL,
  `quota_type` enum('user','group','class','all') NOT NULL,
  `per_session` enum('false','true') NOT NULL,
  `limit_type` enum('soft','hard') NOT NULL,
  `bytes_in_avail` float NOT NULL,
  `bytes_out_avail` float NOT NULL,
  `bytes_xfer_avail` float NOT NULL,
  `files_in_avail` int(10) unsigned NOT NULL,
  `files_out_avail` int(10) unsigned NOT NULL,
  `files_xfer_avail` int(10) unsigned NOT NULL
);

CREATE TABLE `quotatallies` (
  `quota_name` varchar(30) NOT NULL,
  `quota_type` enum('user','group','class','all') NOT NULL,
  `bytes_in_used` float NOT NULL,
  `bytes_out_used` float NOT NULL,
  `bytes_xfer_used` float NOT NULL,
  `files_in_used` int(10) unsigned NOT NULL,
  `files_out_used` int(10) unsigned NOT NULL,
  `files_xfer_used` int(10) unsigned NOT NULL
);

4. Configure /usr/local/etc/proftpd.conf. The complete configuration is as follows:

# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName			"FTP Server in HK"
ServerType			standalone
DefaultServer			on

# Port 21 is the standard FTP port.
Port				21

#UseEncoding UTF-8 GBK
# Don't use IPv6 support by default.
UseIPv6				off

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask				022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances			30

# Set the user and group under which the server will run.
User				ftpUser
Group				ftpGroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite		on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
  DenyAll
</Limit>

# A basic anonymous configuration, no upload directories.  If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
#<Anonymous ~ftp>
#  User				ftp
#  Group				ftp

  # We want clients to be able to login with "anonymous" as well as "ftp"
#  UserAlias			anonymous ftp

  # Limit the maximum number of anonymous logins
#  MaxClients			10

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
#  DisplayLogin			welcome.msg
#  DisplayChdir			.message

  # Limit WRITE everywhere in the anonymous chroot
#  <Limit WRITE>
#    DenyAll
#  </Limit>
#</Anonymous>

QuotaEngine on
QuotaDirectoryTally on
QuotaDisplayUnits "Kb"
QuotaLog "/usr/local/proftpd/var/quota"
QuotaShowQuotas on
SQLNamedQuery get-quota-limit SELECT "quota_name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE quota_name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery get-quota-tally SELECT "quota_name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE quota_name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE quota_name = '%{6}' AND quota_type = '%{7}'" quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally

SQLConnectInfo proftpd@localhost:3366 proftpd proftpd
SQLAuthTypes Backend Plaintext
SQLUserInfo ftpuser userid passwd uid gid homedir shell
SQLGroupInfo ftpgroup groupname gid members
RequireValidShell off
SQLAuthenticate users groups usersetfast groupsetfast
CreateHome on
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser
SQLLog STOR,DELE modified
SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
DeferWelcome on
RootLogin off
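
The configuration above needs far less than the "grant all privileges" issued in step 3(4). As an added example (not part of the original post), the statements below narrow the proftpd database account to what the SQLUserInfo, SQLGroupInfo, SQLLog and quota named queries actually touch; they assume no other directive writes to these tables and must be run as MySQL root after the tables from step 3(5) exist.

```sql
-- Added example: least-privilege grants for the account in SQLConnectInfo.
-- Derived from the directives in proftpd.conf above; run as MySQL root.
USE proftpd;

-- Drop the blanket database-level grant from step 3(4).
REVOKE ALL PRIVILEGES ON proftpd.* FROM 'proftpd'@'localhost';

-- SQLUserInfo / SQLGroupInfo / SQLAuthenticate: read-only lookups.
GRANT SELECT ON proftpd.ftpuser  TO 'proftpd'@'localhost';
GRANT SELECT ON proftpd.ftpgroup TO 'proftpd'@'localhost';

-- "SQLLog PASS updatecount" and "SQLLog STOR,DELE modified" only write
-- these three columns, so UPDATE is granted per column. The passwd, uid,
-- gid, homedir and shell columns stay read-only for the FTP daemon.
GRANT UPDATE (`count`, `accessed`, `modified`)
  ON proftpd.ftpuser TO 'proftpd'@'localhost';

-- QuotaLimitTable sql:/get-quota-limit: limits are only read.
GRANT SELECT ON proftpd.quotalimits TO 'proftpd'@'localhost';

-- QuotaTallyTable: get-quota-tally, update-quota-tally, insert-quota-tally.
GRANT SELECT, INSERT, UPDATE
  ON proftpd.quotatallies TO 'proftpd'@'localhost';

-- Verify: only the table- and column-level grants above should be listed.
SHOW GRANTS FOR 'proftpd'@'localhost';
```

With these grants, a compromise of the FTP daemon's database credentials cannot rewrite password hashes, home directories or quota limits.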

6. Create the system user and group used for FTP; these are the ones referenced in the configuration file.

groupadd -g 2012 ftpGroup
useradd -u 2012 -g ftpGroup -d /data ftpUser

7. Insert the user into the database table (this is the FTP account used in practice)

INSERT INTO `proftpd`.`ftpuser`
(`userid`,
`passwd`,
`uid`,
`gid`,
`homedir`,
`shell`,
`count`,
`accessed`,
`modified`)
VALUES
(
'proftpd',
password('proftpd'),
2012,
2012,
'/data/ftp/proftpd',
'/bin/nologin',
0,
'0000-00-00 00:00:00',
'0000-00-00 00:00:00'
);

INSERT INTO `proftpd`.`ftpgroup`
(`groupname`,
`gid`,
`members`)
VALUES
(
'ftpGroup',
2012,
'ftpUsers'
);

8. Start MySQL and ProFTPD

/etc/init.d/mysqld start
/usr/local/sbin/proftpd

 

9. Miscellaneous

(1) How to register proftpd as a service

a. Copy contrib/dist/rpm/proftpd.init.d from the source tree to /etc/init.d

b. Edit /etc/init.d/functions and append /usr/local/sbin to the path

c. Edit /etc/init.d/proftpd and change the corresponding line to [ -x /usr/local/sbin/proftpd ] || exit 5

d. Make proftpd executable

chmod +x /etc/init.d/proftpd

e. Add the service

chkconfig --level 35 proftpd on
chkconfig --add proftpd

(2) If the server cannot be reached from outside, check the firewall. Edit /etc/sysconfig/iptables and add:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT

Then restart:

/etc/init.d/iptables restart

(3) If text appears garbled when connecting over SSH, edit /etc/sysconfig/i18n

LANG="zh_CN.UTF-8"
SUPPORTED="zh_CN:zh_CN.UTF-8:zh_CN.GBK:zh:en_US.UTF-8:en_US:en"
SYSFONT="latarcyrheb-sun16"

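(4) Limits on how much users can upload and download are implemented with quota: insert rows into the quota* tables. The details can be found by searching online.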
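
A worked example of item (4), added here and not part of the original post: one row in quotalimits gives the proftpd account from step 7 a hard upload quota, and the query lists accounts at or above 80% of their upload limit. The byte and file counts are constructed values; mod_quotatab treats a limit of 0 as unlimited and creates the matching quotatallies row itself through insert-quota-tally.

```sql
-- Added example: a hard upload quota for the FTP account from step 7.
-- Values are constructed for illustration; amounts are in bytes.
USE proftpd;

INSERT INTO quotalimits
  (quota_name, quota_type, per_session, limit_type,
   bytes_in_avail, bytes_out_avail, bytes_xfer_avail,
   files_in_avail, files_out_avail, files_xfer_avail)
VALUES
  ('proftpd', 'user',
   'false',      -- tally persists across sessions
   'hard',       -- an upload that exceeds the limit is rejected
   1073741824,   -- 1 GiB of uploads
   0, 0,         -- 0 = no limit on downloads / total transfer
   10000,        -- at most 10000 uploaded files
   0, 0);

-- Report accounts that have used 80% or more of their upload quota.
-- Unlimited accounts (bytes_in_avail = 0) are skipped.
SELECT l.quota_name,
       l.quota_type,
       t.bytes_in_used,
       l.bytes_in_avail,
       ROUND(100 * t.bytes_in_used / l.bytes_in_avail, 1) AS pct_used
FROM quotalimits AS l
JOIN quotatallies AS t
  ON t.quota_name = l.quota_name
 AND t.quota_type = l.quota_type
WHERE l.bytes_in_avail > 0
  AND t.bytes_in_used >= 0.8 * l.bytes_in_avail
ORDER BY pct_used DESC;
```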

 

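Notes:

1. The hostname must be mapped to an IP address in /etc/hosts, otherwise the server will not start.

For example: 127.0.0.1   ftpServer

2. The MySQL devel package must be installed, otherwise ProFTPD cannot be compiled.

3. The owner and group of the directories under the FTP root must match the user and group created above.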

   # chown -R ftpUser:ftpGroup /data/
