ProFTPD Configuration
1. Download ProFTPD from http://proftpd.org
2. Compile and install

    ./configure --with-modules=mod_sql:mod_sql_mysql:mod_quotatab:mod_quotatab_sql --with-includes=/usr/local/mysql/include/mysql --with-libraries=/usr/local/mysql/lib/mysql --enable-ctrls --enable-nls --enable-shadow --enable-dso --enable-autoshadow --enable-auth-pam
    make
    make install

ProFTPD is installed in /usr/local/sbin by default. To install it in a different directory, specify --prefix=/usr/local/proftpd when compiling.
3. Configure MySQL
(1) Edit the configuration. On CentOS the default MySQL configuration file is /etc/my.cnf; you can add settings there to specify UTF-8 as the character set.

    [mysqld]
    datadir=/var/lib/mysql
    socket=/var/lib/mysql/mysql.sock
    user=mysql
    # Disabling symbolic-links is recommended to prevent assorted security risks
    symbolic-links=0
    character-set-server=UTF8

    [mysqld_safe]
    log-error=/var/log/mysqld.log
    pid-file=/var/run/mysqld/mysqld.pid

    [mysql]
    default-character-set=UTF8

(2) Start the database
(3) Change the database root password

    mysqladmin -uroot password 'password'   # 'password' is the password you want to set

(4) Create the database and add a user

    mysql -uroot -ppassword

    create database proftpd default charset UTF8;
    grant all privileges on proftpd.* to proftpd@localhost identified by 'proftpd';

(5) Add the database tables

    CREATE TABLE `ftpuser` (
      `userid` text NOT NULL,
      `passwd` text NOT NULL,
      `uid` int(11) NOT NULL,
      `gid` int(11) NOT NULL,
      `homedir` text,
      `shell` text,
      `count` int(11) NOT NULL DEFAULT '0',
      `accessed` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
      `modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00'
    );

    CREATE TABLE `ftpgroup` (
      `groupname` text NOT NULL,
      `gid` smallint(6) NOT NULL,
      `members` text NOT NULL
    );

    CREATE TABLE `quotalimits` (
      `quota_name` varchar(30) DEFAULT NULL,
      `quota_type` enum('user','group','class','all') NOT NULL,
      `per_session` enum('false','true') NOT NULL,
      `limit_type` enum('soft','hard') NOT NULL,
      `bytes_in_avail` float NOT NULL,
      `bytes_out_avail` float NOT NULL,
      `bytes_xfer_avail` float NOT NULL,
      `files_in_avail` int(10) unsigned NOT NULL,
      `files_out_avail` int(10) unsigned NOT NULL,
      `files_xfer_avail` int(10) unsigned NOT NULL
    );

    CREATE TABLE `quotatallies` (
      `quota_name` varchar(30) NOT NULL,
      `quota_type` enum('user','group','class','all') NOT NULL,
      `bytes_in_used` float NOT NULL,
      `bytes_out_used` float NOT NULL,
      `bytes_xfer_used` float NOT NULL,
      `files_in_used` int(10) unsigned NOT NULL,
      `files_out_used` int(10) unsigned NOT NULL,
      `files_xfer_used` int(10) unsigned NOT NULL
    );

4. Configure /usr/local/etc/proftpd.conf. The complete configuration is as follows:

    # This is a basic ProFTPD configuration file (rename it to
    # 'proftpd.conf' for actual use.  It establishes a single server
    # and a single anonymous login.  It assumes that you have a user/group
    # "nobody" and "ftp" for normal operation and anon.

    ServerName                      "FTP Server in HK"
    ServerType                      standalone
    DefaultServer                   on

    # Port 21 is the standard FTP port.
    Port                            21

    #UseEncoding UTF-8 GBK

    # Don't use IPv6 support by default.
    UseIPv6                         off

    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask                           022

    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd).
    MaxInstances                    30

    # Set the user and group under which the server will run.
    User                            ftpUser
    Group                           ftpGroup

    # To cause every FTP user to be "jailed" (chrooted) into their home
    # directory, uncomment this line.
    #DefaultRoot ~

    # Normally, we want files to be overwriteable.
    AllowOverwrite                  on

    # Bar use of SITE CHMOD by default
    <Limit SITE_CHMOD>
      DenyAll
    </Limit>

    # A basic anonymous configuration, no upload directories.  If you do not
    # want anonymous users, simply delete this entire <Anonymous> section.
    #<Anonymous ~ftp>
    #  User                         ftp
    #  Group                        ftp
      # We want clients to be able to login with "anonymous" as well as "ftp"
    #  UserAlias                    anonymous ftp
      # Limit the maximum number of anonymous logins
    #  MaxClients                   10
      # We want 'welcome.msg' displayed at login, and '.message' displayed
      # in each newly chdired directory.
    #  DisplayLogin                 welcome.msg
    #  DisplayChdir                 .message
      # Limit WRITE everywhere in the anonymous chroot
    #  <Limit WRITE>
    #    DenyAll
    #  </Limit>
    #</Anonymous>

    # Quota support (mod_quotatab with the SQL tables created in step 3)
    QuotaEngine on
    QuotaDirectoryTally on
    QuotaDisplayUnits "Kb"
    QuotaLog "/usr/local/proftpd/var/quota"
    QuotaShowQuotas on
    SQLNamedQuery get-quota-limit SELECT "quota_name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE quota_name = '%{0}' AND quota_type = '%{1}'"
    SQLNamedQuery get-quota-tally SELECT "quota_name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE quota_name = '%{0}' AND quota_type = '%{1}'"
    SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE quota_name = '%{6}' AND quota_type = '%{7}'" quotatallies
    SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies
    QuotaLimitTable sql:/get-quota-limit
    QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally

    # MySQL connection: database@host:port, then the database user and password
    SQLConnectInfo proftpd@localhost:3366 proftpd proftpd
    # Backend accepts hashes produced by MySQL's PASSWORD(); Plaintext also
    # accepts passwords stored unhashed in the passwd column.
    SQLAuthTypes Backend Plaintext
    SQLUserInfo ftpuser userid passwd uid gid homedir shell
    SQLGroupInfo ftpgroup groupname gid members
    RequireValidShell off
    SQLAuthenticate users groups usersetfast groupsetfast
    CreateHome on

    # Update the login count and last-access time on each successful login
    SQLLog PASS updatecount
    SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser
    # Update the modification time whenever a file is uploaded or deleted
    SQLLog STOR,DELE modified
    SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser

    DeferWelcome on
    RootLogin off

6. Create the user and group for FTP; these are the ones referenced in the configuration file.

    groupadd -g 2012 ftpGroup
    useradd -u 2012 -g ftpGroup -d /data ftpUser

7. Insert users into the database table (these are the FTP accounts actually used to log in)

    INSERT INTO `proftpd`.`ftpuser`
      (`userid`,`passwd`,`uid`,`gid`,`homedir`,`shell`,`count`,`accessed`,`modified`)
    VALUES
      ('proftpd',password('proftpd'),2012,2012,'/data/ftp/proftpd','/bin/nologin',0,'0000-00-00 00:00:00','0000-00-00 00:00:00');

    INSERT INTO `proftpd`.`ftpgroup` (`groupname`,`gid`,`members`)
    VALUES ('ftpGroup',2012,'ftpUsers');

8. Start MySQL and ProFTPD

    /etc/init.d/mysqld start
    /usr/local/sbin/proftpd

9. Miscellaneous
(1) How to add proftpd as a service
a. Copy contrib/dist/rpm/proftpd.init.d from the source tree into /etc/init.d
b. Edit /etc/init.d/functions and append /usr/local/sbin to the PATH
c. Edit /etc/init.d/proftpd and change the line in it to [ -x /usr/local/sbin/proftpd ] || exit 5
d. Make proftpd executable

    chmod +x /etc/init.d/proftpd

e. Add the service

    chkconfig --level 35 proftpd on
    chkconfig --add proftpd

(2) If the server cannot be reached from outside, check the firewall. Edit /etc/sysconfig/iptables and add the following rule:

    -A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT

Then restart iptables:

    /etc/init.d/iptables restart

(3) If garbled characters appear when connecting over SSH, edit /etc/sysconfig/i18n

    LANG="zh_CN.UTF-8"
    SUPPORTED="zh_CN:zh_CN.UTF-8:zh_CN.GBK:zh:en_US.UTF-8:en_US:en"
    SYSFONT="latarcyrheb-sun16"

(4) Limits on how much users may upload and download are implemented through quotas: insert rows into the quota* tables. Details can be found via Google.
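A quota row of the kind item (4) refers to, as an added example that is not part of the original page: it sets a hard upload limit for the `proftpd` account from step 7, using the `quotalimits` and `quotatallies` columns defined in step 3 (5). The 100 MB and 1000-file figures are constructed, and the example assumes that mod_quotatab treats a limit of 0 as "no limit" and creates the tally row itself through the insert-quota-tally query.

```sql
-- Added example, not from the original page; all limit values are constructed.
USE proftpd;

-- Hard per-user limit for the FTP account 'proftpd' (step 7):
--   uploads:   at most 100 MB (104857600 bytes) and 1000 files
--   downloads and combined transfer: 0, assumed to mean "no limit"
-- per_session = 'false' keeps the tally across logins instead of
-- resetting it for every FTP session.
INSERT INTO quotalimits
  (quota_name, quota_type, per_session, limit_type,
   bytes_in_avail, bytes_out_avail, bytes_xfer_avail,
   files_in_avail, files_out_avail, files_xfer_avail)
VALUES
  ('proftpd', 'user', 'false', 'hard',
   104857600, 0, 0,
   1000, 0, 0);

-- No row is inserted into quotatallies here: the insert-quota-tally
-- named query in proftpd.conf is assumed to create it the first time
-- the user logs in with a limit in place.

-- Report current usage against the configured limits for every user
-- that has a quota. Users who have not logged in yet show NULL usage.
SELECT l.quota_name,
       l.limit_type,
       t.bytes_in_used,
       l.bytes_in_avail,
       t.files_in_used,
       l.files_in_avail
FROM quotalimits AS l
LEFT JOIN quotatallies AS t
       ON t.quota_name = l.quota_name
      AND t.quota_type = l.quota_type
WHERE l.quota_type = 'user';
```

The quota_name value must match the userid the account logs in with, because the get-quota-limit query in proftpd.conf looks rows up by quota_name and quota_type.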