1、下载proftpd. 地址为: http://proftpd.org
2、编译安装
./configure --with-modules=mod_sql:mod_sql_mysql:mod_quotatab:mod_quotatab_sql --with-includes=/usr/local/mysql/include/mysql --with-libraries=/usr/local/mysql/lib/mysql --enable-ctrls --enable-nls --enable-shadow --enable-dso --enable-autoshadow --enable-auth-pam make make install
proftpd默认安装在/usr/local/sbin中,若需要换目录,则在编译时候指定 --prefix=/usr/local/proftpd
3、配置mysql
(1)修改配置,centos中默认mysql的配置地点在/etc/my.cnf,可以加上指定编码为UTF-8
[mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock user=mysql # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links=0 character-set-server=UTF8 [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid [mysql] default-character-set=UTF8
(2)启动数据库
(3)修改数据库ROOT密码
mysqladmin -uroot password 'password' --'password'为你想指定的密码
(4)创建数据库及增加用户
mysql -uroot -ppassword
create database proftpd default charset UTF8; grant all privileges on proftpd.* to proftpd@localhost identified by 'proftpd'
(5)增加数据库表
CREATE TABLE `ftpuser` ( `userid` text NOT NULL, `passwd` text NOT NULL, `uid` int(11) NOT NULL, `gid` int(11) NOT NULL, `homedir` text, `shell` text, `count` int(11) NOT NULL DEFAULT '0', `accessed` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00' ) CREATE TABLE `ftpgroup` ( `groupname` text NOT NULL, `gid` smallint(6) NOT NULL, `members` text NOT NULL ) CREATE TABLE `quotalimits` ( `quota_name` varchar(30) DEFAULT NULL, `quota_type` enum('user','group','class','all') NOT NULL, `per_session` enum('false','true') NOT NULL, `limit_type` enum('soft','hard') NOT NULL, `bytes_in_avail` float NOT NULL, `bytes_out_avail` float NOT NULL, `bytes_xfer_avail` float NOT NULL, `files_in_avail` int(10) unsigned NOT NULL, `files_out_avail` int(10) unsigned NOT NULL, `files_xfer_avail` int(10) unsigned NOT NULL ) CREATE TABLE `quotatallies` ( `quota_name` varchar(30) NOT NULL, `quota_type` enum('user','group','class','all') NOT NULL, `bytes_in_used` float NOT NULL, `bytes_out_used` float NOT NULL, `bytes_xfer_used` float NOT NULL, `files_in_used` int(10) unsigned NOT NULL, `files_out_used` int(10) unsigned NOT NULL, `files_xfer_used` int(10) unsigned NOT NULL )
4、配置/usr/local/etc/proftpd.conf,完整配置如下:
# This is a basic ProFTPD configuration file (rename it to # 'proftpd.conf' for actual use. It establishes a single server # and a single anonymous login. It assumes that you have a user/group # "nobody" and "ftp" for normal operation and anon. ServerName "FTP Server in HK" ServerType standalone DefaultServer on # Port 21 is the standard FTP port. Port 21 #UseEncoding UTF-8 GBK # Don't use IPv6 support by default. UseIPv6 off # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd). MaxInstances 30 # Set the user and group under which the server will run. User ftpUser Group ftpGroup # To cause every FTP user to be "jailed" (chrooted) into their home # directory, uncomment this line. DefaultRoot ~ # Normally, we want files to be overwriteable. AllowOverwrite on # Bar use of SITE CHMOD by defaultDenyAll # A basic anonymous configuration, no upload directories. If you do not # want anonymous users, simply delete this entiresection. # # User ftp # Group ftp # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # Limit the maximum number of anonymous logins # MaxClients 10 # We want 'welcome.msg' displayed at login, and '.message' displayed # in each newly chdired directory. # DisplayLogin welcome.msg # DisplayChdir .message # Limit WRITE everywhere in the anonymous chroot # QuotaEngine on QuotaDirectoryTally on QuotaDisplayUnits "Kb" QuotaLog "/usr/local/proftpd/var/quota" QuotaShowQuotas on SQLNamedQuery get-quota-limit SELECT "quota_name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes _xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE quota_name = '%{0}' AND quota_type = '% {1}'" SQLNamedQuery get-quota-tally SELECT "quota_name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE quota_name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_ xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_ used = files_xfer_used + %{5} WHERE quota_name = '%{6}' AND quota_type = '%{7}'" quotatallies SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies QuotaLimitTable sql:/get-quota-limit QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally SQLConnectInfo proftpd@localhost:3366 proftpd proftpd SQLAuthTypes Backend Plaintext SQLUserInfo ftpuser userid passwd uid gid homedir shell SQLGroupInfo ftpgroup groupname gid members RequireValidShell off SQLAuthenticate users groups usersetfast groupsetfast CreateHome on SQLLog PASS updatecount SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser SQLLog STOR,DELE modified SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser DeferWelcome on RootLogin off# DenyAll # #
6、创建FTP用的用户和群组,在配置文件中使用的。
groupadd –g 2012 ftpGroup useradd –u 2012 –g ftpGroup –d /data ftpUser
7、插入用户至数据库表中(这是实际使用当中的FTP账号)
INSERT INTO `proftpd`.`ftpuser` (`userid`, `passwd`, `uid`, `gid`, `homedir`, `shell`, `count`, `accessed`, `modified`) VALUES ( 'proftpd', password('proftpd'), 2012, 2012, '/data/ftp/proftpd', '/bin/nologin', 0, '0000-00-00 00:00:00', '0000-00-00 00:00:00' ); INSERT INTO `proftpd`.`ftpgroup` (`groupname`, `gid`, `members`) VALUES ( 'ftpGroup', 2012, 'ftpUsers' );
8、启动mysql,proftpd
/etc/init.d/mysqld start /usr/local/sbin/proftpd
9、其它
(1)如何将proftpd加入到服务当中
a. 复制源文件中 contrib/dist/rpm/proftpd.init.d 至 /etc/init.d中
b. 编辑 /etc/init.d/functions中,在path后面加上 /usr/local/sbin
c. 编辑 /etc/init.d/proftpd, 改其中 为 [ -x /usr/local/sbin/proftpd ] || exit 5
d. 将proftpd改为可执行
chmod +x /etc/init.d/proftpd
e. 添加服务
chkconfig --level 35 proftpd on chkconfig --add proftpd
(2)从外面访问不到,要注意防火墙的问题,编辑 /etc/sysconfig/iptables, 是里面加入
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
重新启动
/etc/init.d/iptables restart
(3)如果通过ssh访问的时候,有乱码,可以编辑 /etc/sysconfig/i18n
LANG="zh_CN.UTF-8" SUPPORTED="zh_CN:zh_CN.UTF-8:zh_CN.GBK:zh:en_US.UTF-8:en_US:en" SYSFONT="latarcyrheb-sun16"
(4)对于用户上传下载数量的限制,通过quota来实现,在quota*表中插入数据,具体可以GOOGLE
备注:
1、在/etc/hosts是一定要对于主机名绑定IP,否则无法启动。
如: 127.0.0.1 ftpServer
2、mysql devel必须要安装上,否则无法编译proftpd
3、FTP下的目录的用户与群组必须与创建的对应上。
# chown -R ftpUser:ftpGroup /data/