pure-ftp的配置

 ftp是文件传输协议,客户端在登录和上传下载都是明文传输,显然是不安全的,我们可以基于协议进行加密ftps,但是这只能在客户端运行,对于管理ftp很不方便,为了易于管理,我们使用pure-ftp架构,能够实现管理员通过http浏览器来管理后台,注册的帐号存在于数据库中,并且能够给管理员以网页形式的管理界面,管理界面叫pureadmin它基于phppureadmin使用的是pureadmin-0.3.tar.gz,所以我们要搭建LAMP,搭建LAMP我使用的是linux中自带的软件包。前台用户通过ftp访问pure-ftpd服务器,使用的是pure-ftp- 1.0.36 .tar.gz,登录时要做身份验证,注册的帐号都存在于mysql数据库中,向数据库导入数据使用的是pureftp.sql文件,pure-ftp服务器和mysql数据库之间调度我们使用pureftp-mysql.conf配置文件连接。用户登录时使用虚拟帐号,ftp的站点存放在本地磁盘的目录下/ftproot,该目录的权限应该设置为本地帐号的权限,所以还要实现虚拟帐号到本地帐号的映射,从官方网下载源码和文件,下面我们就在linux系统中实现pure-ftp的配置。

安装步骤:

1)首先我们先安装LAMP,使用yum安装,解决依赖关系

[root@localhost ~]# mkdir /mnt/cdrom

[root@localhost ~]# mount /dev/cdrom /mnt/cdrom

[root@localhost ~]# vim /etc/yum.repos.d/rhel-debuginfo.repo     #编辑yum客户端

[rhel-server]

name=Red Hat Enterprise Linux server

baseurl=file:///mnt/cdrom/Server

enabled=1

gpgcheck=1

gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-redhat-release

[root@localhost ~]# yum grouplist           #查看编译环境,并且都已经安装

Installed Groups:

   Administration Tools

   Development Libraries

   Development Tools

   Editors

   GNOME Desktop Environment

   Games and Entertainment

   Graphical Internet

   Graphics

   Legacy Network Server

   Legacy Software Development

   Legacy Software Support

   Mail Server

   Network Servers

   Office/Productivity

   Printing Support

   Server Configuration Tools

   Sound and Video

   System Tools

   Text-based Internet

   Web Server

   X Software Development

   X Window System

安装LAMP所需的软件包

[root@localhost ~]# yum install httpd php php-mysql php-mbstring mysql mysql-server mysql-devel

安装完成后启动服务

[root@localhost ~]# service httpd start

启动 httpd                                               [确定]

[root@localhost ~]# netstat -tupln |grep mysql

tcp        0      0 0.0.0 .0:3306                0.0.0 .0:*                   LISTEN      4726/mysqld        

[root@localhost ~]# mysqladmin -u root -p password '123'

Enter password:                                      #设备mysql的管理帐号和密码

LAMP安装完成

2)安装pure-ftpd服务器

把需要的源代码和文件放在一个文件夹pureftp中,传到root目录下

[root@localhost pureftp]# ll

total 10804

-rw-r--r-- 1 root root    29148 May  4 08:42 PureAdmin-0.3.tar.gz

-rw-r--r-- 1 root root   578781 May  4 08:42 pure-ftpd- 1.0.36 .tar.gz

-rw-r--r-- 1 root root     4718 May  4 08:42 pureftpd-mysql.conf

-rw-r--r-- 1 root root     2102 May  4 14:47 pureftp.sql

[root@localhost pureftp]# tar -zxvf pure-ftpd- 1.0.36 .tar.gz -C /usr/local/src

[root@localhost pureftp]# cd /usr/local/src/pure-ftpd- 1.0.36

[root@localhost pure-ftpd- 1.0.36 ]# ./configure \

>       --prefix=/usr/local/pureftpd \         #安装目录

>        --with-mysql \                    #连接数据库进行身份验证

>        --with-shadow \                 #本地帐号验证

>        --with-pam  \

>         --with-welcomemsg   \

>        --with-uploadscript  \

>        --with-cookie   \

>        --with-virtualchroot \

>        --with-virtualhosts \

>        --with-diraliases \

>        --with-quotas \           #配额限制

>        --with-puredb \        #虚拟帐号和本地帐号映射

>        --with-sysquotas \

>         --with-ratios \

>        --with-ftpwho \

>       --with-throttling \

>       --with-language=simplified-chinese

[root@localhost pure-ftpd- 1.0.36 ]# make

[root@localhost pure-ftpd- 1.0.36 ]# make install

在上面的安装过程中并没有配置文件的目录,我们查看默认存放位置是在安装目录的/etc

[root@localhost pure-ftpd- 1.0.36 ]# ./configure --help |grep sysconf

  --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]

[root@localhost pure-ftpd- 1.0.36 ]# cd /usr/local/pureftpd/  #切换到安装目录

[root@localhost pureftpd]# ll

total 12

drwxr-xr-x 2 root root 4096 May  4 12:42 bin

drwxr-xr-x 2 root root 4096 May  4 12:42 sbin

drwxr-xr-x 3 root root 4096 May  4 12:42 share

[root@localhost pureftpd]# mkdir etc        #没有etc文件夹,创建文件夹

为了方便管理服务器需要控制脚本和配置文件,我们就去源码目录下去查找

[root@localhost pureftpd]# cd /usr/local/src/pure-ftpd- 1.0.36 /

[root@localhost pure-ftpd- 1.0.36 ]# cd configuration-file/      #存放文件

[root@localhost configuration-file]# ls

Makefile     pure-config.pl     pure-config.py.in

Makefile.am  pure-config.pl.in  pure-ftpd.conf

Makefile.in  pure-config.py     pure-ftpd.conf.in

Pure-config.plftp服务器的启动可执行文件,拷贝到安装目录的sbin目录下

[root@localhost configuration-file]# cp pure-config.pl /usr/local/pureftpd/sbin

[root@localhostconfiguration-file]#chmod a+x /usr/local/pureftpd/sbin/pure-config.pl        #改变权限可执行

pure-ftpd.confftp的配置文件,拷贝到安装目录的/etc目录下

[root@localhost configuration-file]# cp pure-ftpd.conf /usr/local/pureftpd/etc

我们再查找控制文件,回到源码目录下

[root@localhost configuration-file]# cd ..

[root@localhost pure-ftpd- 1.0.36 ]# cd contrib/      #存放文件

[root@localhost contrib]# ls

Makefile     Makefile.in   pure-vpopauth.pl  suse.init

Makefile.am  pure-stat.pl  redhat.init       xml_python_processors.txt

[root@localhost contrib]# grep start *  #基于当前目录下所有文件查找含有start

redhat.init:start() {

redhat.init:    start)

redhat.init:            start

redhat.init:    restart)

redhat.init:            start

redhat.init:    condrestart)

redhat.init:                    start

redhat.init:            echo $"Usage: $prog {start|stop|restart|condrestart|status}"

所以redhat.init就是ftp的控制脚本

[root@localhost contrib]# cp redhat.init /etc/init.d/pureftpd

[root@localhost contrib]# chmod a+x /etc/init.d/pureftpd

[root@localhost contrib]# vim /etc/init.d/pureftpd         #改变一些路径,其他不用修改

#!/bin/bash

#

# Startup script for the pure-ftpd FTP Server  $Revision: 1.3 $

#

# chkconfig: 2345 85 15

# description: Pure-FTPd is an FTP server daemon based upon Troll-FTPd

# processname: pure-ftpd

# pidfile: /var/run/pure-ftpd.pid

# config: /etc/pure-ftpd.conf

 

# Source function library.

. /etc/rc.d/init.d/functions

RETVAL=0

# Path to the pure-ftp binaries.

prog=pure-config.pl

fullpath=/usr/local/pureftpd/sbin/$prog

pureftpwho=/usr/local/pureftpd/sbin/pure-ftpwho

start() {

        echo -n $"Starting $prog: "

$fullpath /usr/local/pureftpd/etc/pure-ftpd.conf --daemonize

        RETVAL=$?

        [ $RETVAL = 0 ] && touch /var/lock/subsys/$prog

        echo

}

stop() {

        echo -n $"Stopping $prog: "

        kill $(cat /var/run/pure-ftpd.pid)

        RETVAL=$?

        [ $RETVAL = 0 ] && rm -f /var/lock/subsys/$prog

        echo

}

# See how we were called.

case "$1" in

        start)

                start

                ;;

        stop)

                stop

                ;;

        restart)

stop

                start

                ;;

        condrestart)

                if [ -f /var/lock/subsys/$prog ] ; then

                        stop

                        # avoid race

                        sleep 3

                        start

                fi

                ;;

        status)

                status $prog

                RETVAL=$?

                if [ -f $pureftpwho ] && [ $RETVAL -eq 0 ] ; then

                        $pureftpwho

                fi

                ;;

        *)

                echo $"Usage: $prog {start|stop|restart|condrestart|status}"

                RETVAL=1

esac

exit $RETVAL

[root@localhost ~]# service pureftpd start

启动 pure-config.plRunning: /usr/local/pureftpd/sbin/pure-ftpd --daemonize -A -c50 -B -C8 -D -fftp -H -I15 -L10000:8 -m4 -s -U133:022 -u100 -k99 –Z

3mysql中导入一些库和表格,实现管理员注册帐号和ftp登录,打开导入文件

[root@localhost pureftp]# vim pureftp.sql

INSERT INTO admin VALUES ('admin',MD5('123'));       #大约50行修改密码为123

15行要去掉一个横杠

[root@localhost pureftp]# mysql -u root -p <pureftp.sql       #导入输入密码

Enter password:

查看导入数据

[root@localhost ~]# mysql -u root -p

Enter password:

Welcome to the MySQL monitor.  Commands end with ; or \g.

Your MySQL connection id is 5

Server version: 5.0.77 Source distribution

 

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

 

mysql> show databases;

+--------------------+

| Database           |

+--------------------+

| information_schema |

| ftpusers           |

| mysql              |

| test               |

+--------------------+

4 rows in set (0.01 sec)

mysql> use ftpusers;

mysql> show tables;

+--------------------+

| Tables_in_ftpusers |

+--------------------+

| admin              |

| users              |

+--------------------+

2 rows in set (0.01 sec)

mysql> select * from admin;

+----------+----------------------------------+

| Username | Password                         |

+----------+----------------------------------+

| admin    | 202cb962ac59075b964b07152d234b70 |

+----------+----------------------------------+

1 row in set (0.00 sec)

4pure-ftpmysql的调度通过pureftpd-mysql.conf连接

数据库和表格创建完后要授权给一个用户来管理,添加连接mysql用户

先用root登录mysql,执行

[root@localhost ~]# mysql -u root -p

Enter password:

Welcome to the MySQL monitor.  Commands end with ; or \g.

Your MySQL connection id is 6

Server version: 5.0.77 Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> grant all privileges on ftpusers.* to ftp@localhost identified by 'tmppasswd';

Query OK, 0 rows affected (0.05 sec)

mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)

mysql> \q

Bye

把连接ftpmysql的文件拷贝到安装目录的/etc目录下

[root@localhost pureftp]# cp pureftpd-mysql.conf  /usr/local/pureftpd/etc

[root@localhost pureftp]# vim /usr/local/pureftpd/etc/pureftpd-mysql.conf  #修改文件内容

MYSQLServer     127.0.0.1      #12

MYSQLPort       3306          #17

MYSQLPassword   tmppasswd    #32

MYSQLCrypt      md5         #45

改变pure-ftpd的配置文件使能找到连接文件

[root@localhost etc]# vim pure-ftpd.conf

MySQLConfigFile               /usr/local/pureftpd/etc/pureftpd-mysql.conf

#116行打开连接数据库的文件路径

PureDB                        /usr/local/pureftpd/etc/pureftpd.pdb

#126行打开虚拟帐号映射为本地帐号的功能

CreateHomeDir               yes

#336行打开用户创建家目录

5)后台管理员管理是以网页的形式,管理界面叫pureadmin它基于phppureadmin里面存放的是网页,所以我们把该源码直接释放到站点下

[root@localhost pureftp]# tar -zxvf PureAdmin-0.3.tar.gz -C /var/www/html

[root@localhost pureftp]# cd /var/www/html

[root@localhost html]# ll

total 8

-rw-r--r-- 1 root root   20 May  4 11:51 index.php

drwxr-xr-x 4 root   80 4096 Mar 22  2009 PureAdmin-0.3

[root@localhost html]# mv PureAdmin-0.3 pureadmin       #改成容易记的名字

改变pureadmin的配置文件来找到mysql数据库

[root@localhost pureadmin]# vim config.php

$cfg['dbname']='ftpusers';  //mysql db name          #3行数据库名称

$cfg['dbuser']='ftp';           //mysql user          #4行管理帐号名

$cfg['dbpasswd']='tmppasswd';           //mysql password     #5行密码

$cfg['passwdtype']='MD5';           #10行加密

$cfg['dir']='/ftproot/'; //dir        #14行创建家目录

创建家目录

[root@localhost pureadmin]# mkdir /ftproot      

[root@localhost pureadmin]# useradd virtualftp -s /sbin/nologin -d /ftproot/

[root@localhost pureadmin]# ll -d /ftproot/

drwxr-xr-x 2 root root 4096 May  4 16:24 /ftproot/

[root@localhost pureadmin]# chown virtualftp.virtualftp /ftproot/    #改变所有者

[root@localhost pureadmin]# chmod -R 777 /ftproot/    #改变家目录权限

这样管理员就可以注册帐号了,但是当用户通过ftp进行登录时使用虚拟帐号,虚拟帐号要映射到本地帐号,运用数据库来完成映射

[root@localhost pureadmin]# cd /usr/local/pureftpd/etc

[root@localhost etc]# /usr/local/pureftpd/bin/pure-pw useradd user1 -u virtualftp -g virtualftp -d /ftproot/user1 -m

Password:

Enter it again:

#user1是用户名,-u virtualftp是其实际的linux用户,-d指定起始目录,并锁定于该目录。如果不锁定,则用-D;如果需要不同的权限,可以建立新的linux用户与组,如果用的系统自带的ftp用户,这样的话还需修改配置文件pure-ftpd.conf中的MinUIDftp用户的UID 14,否则登录时会出现530错误;所以这里建议创建另一个非系统自带的用户做映射

[root@localhostetc]#/usr/local/pureftpd/bin/pure-pwmkdb/usr/local/pureftpd/pureftpd.pdb          #建立用户数据库,今后每添加或修改用户数据库都应该执行一次mkdb

重启服务

[root@localhost etc]# service httpd restart

停止 httpd                                               [确定]

启动 httpd                                               [确定]

[root@localhost etc]# service mysqld restart

停止 MySQL                                               [确定]

启动 MySQL                                               [确定]

[root@localhost etc]# service pureftpd restart

停止 pure-config.pl

启动 pure-config.plRunning: /usr/local/pureftpd/sbin/pure-ftpd --daemonize -A -c50 -B -C8 -D -fftp -H -I15 -lmysql:/usr/local/pureftpd/etc/pureftpd-mysql.conf -lpuredb:/usr/local/pureftpd/etc/pureftpd.pdb -L10000:8 -m4 -s -U133:022 -u100 -j -k99 –Z

测试后台管理员注册帐号

[root@localhost etc]# mysql -u root p

mysql> show databases;

mysql> show databases;

+--------------------+

| Database           |

+--------------------+

| information_schema |

| ftpusers           |

| mysql              |

| test               |

+--------------------+

4 rows in set (0.00 sec)

 

mysql> use ftpusers;

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

 

Database changed

mysql> show tables;

+--------------------+

| Tables_in_ftpusers |

+--------------------+

| admin              |

| users              |

+--------------------+

2 rows in set (0.00 sec)

 

mysql> select * from users;

+-------+----------------------------------+------+------+----------------+------------+-----------+-------------+-------------+-----------+---------+--------+---------+---------+

| User  | Password                         | Uid  | Gid  | Dir            | QuotaFiles | QuotaSize | ULBandwidth | DLBandwidth | Ipaddress | Comment | Status | ULRatio | DLRatio |

+-------+----------------------------------+------+------+----------------+------------+-----------+-------------+-------------+-----------+---------+--------+---------+---------+

| user1 | 202cb962ac59075b964b07152d234b70 | 1000 | 1000 | /ftproot/user1 |          0 |       100 |           0 |           0 | *         |         | 1      |       0 |       0 |

| user2 | 202cb962ac59075b964b07152d234b70 | 1000 | 1000 | /ftproot/user2 |          0 |       100 |           0 |           0 | *         |         | 1      |       0 |       0 |

+-------+----------------------------------+------+------+----------------+------------+-----------+-------------+-------------+-----------+---------+--------+---------+---------+

2 rows in set (0.00 sec)

在物理机进行登录ftp

[root@localhost pureftp]# ll /ftproot/

total 4

drwxr-xr-x 2 1000 1000 4096 May  4 17:05 user2

你可能感兴趣的:(pure-ftp的配置)