Configure common Pure-FTPd functions on Ubuntu 9.10 Server

Source: Internet
Author: User

This document describes how to install pure-ftpd on Ubuntu 9.10 Server and configure it for the following purposes:
1) Add your own authentication module to verify the user name and password.
2) Allow dynamic creation of user directories.
3) Restrict users to their own directories.
4) Send a notification after a file is uploaded.

Create an FTP root directory

Create the pureftproot directory in / and change its permissions:
chenshu@csserver:/$ sudo mkdir pureftproot
chenshu@csserver:/$ sudo chmod 777 ./pureftproot/

Create System groups and users used by all ftp users

Add a user group first:
sudo groupadd pureftp

Then add a user for all the virtual users of pureftp:
sudo useradd -g pureftp -d /home/ftp -s /sbin/nologin pureftpuser

View UID and GID:
chenshu@csserver:~$ id pureftpuser
uid=1003(pureftpuser) gid=1002(pureftp) groups=1002(pureftp)

Install

sudo apt-get install pure-ftpd

Configure ftp users to only allow them to access their own directories

Create the file /etc/pure-ftpd/conf/ChrootEveryone
Content:
yes

This causes the -A parameter to appear at startup.

Configure to automatically create the user's home directory

Create the file /etc/pure-ftpd/conf/CreateHomeDir
Content:
yes

This causes the -j parameter to appear at startup.

Configure ftp to call the upload script after the upload is successful

Create the file /etc/pure-ftpd/conf/CallUploadScript
Content:
yes

This causes the -o parameter to appear at startup.


Configure the /etc/default/pure-ftpd-common file as follows:

# Configuration for pure-ftpd
# (this file is sourced by /bin/sh, edit accordingly)

# STANDALONE_OR_INETD
# valid values are "standalone" and "inetd".
# Any change here overrides the setting in debconf.
STANDALONE_OR_INETD=standalone

# VIRTUALCHROOT:
# whether to use binary with virtualchroot support
# valid values are "true" or "false"
# Any change here overrides the setting in debconf.
VIRTUALCHROOT=false

# UPLOADSCRIPT: if this is set and the daemon is run in standalone mode,
# pure-uploadscript will also be run to spawn the program given below
# for handling uploads. see /usr/share/doc/pure-ftpd/README.gz or
# pure-uploadscript(8)

# example: UPLOADSCRIPT=/usr/local/sbin/uploadhandler.pl
UPLOADSCRIPT=/usr/sbin/upload2.sh

# if set, pure-uploadscript will spawn $UPLOADSCRIPT running as the
# given uid and gid
UPLOADUID=1002
UPLOADGID=1003

Note:

Both the UID and the GID belong to the user pureftpuser. Strangely, the root user's UID 0 and GID 0 cannot be used.

The upload2.sh file must be in the /usr/sbin directory. Otherwise, it is not valid.

Script content:
#!/bin/sh
# $1 is the path of the uploaded file, passed in by pure-uploadscript
echo "$1" > /tmp/pure-was-here$(date +%Y%m%d%H%M%S)
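The script above names its marker file after a timestamp in a world-writable directory, so two uploads that finish in the same second write to the same file. The following handler is an added example, not part of the original article: it appends one record per upload and ignores paths outside the FTP root. NOTIFY_LOG and its path are assumptions; UPLOAD_VUSER is one of the environment variables pure-uploadscript sets for the handler.

```shell
#!/bin/sh
# Added example: upload handler that appends one record per upload.
# FTP_ROOT is the page's root directory; NOTIFY_LOG is a hypothetical path that
# must be writable by the uid pure-uploadscript runs the handler as.
FTP_ROOT="${FTP_ROOT:-/pureftproot}"
NOTIFY_LOG="${NOTIFY_LOG:-/var/log/pure-ftpd/uploads.log}"

record_upload() {  # $1 = absolute path passed by pure-uploadscript
    path=$1
    # Accept only regular files below the FTP root, with no ".." component.
    case $path in
        */../*|*/..) return 1 ;;
        "$FTP_ROOT"/*) ;;
        *) return 1 ;;
    esac
    if [ ! -f "$path" ] || [ -L "$path" ]; then
        return 1
    fi
    size=$(wc -c < "$path" | tr -d ' ')
    # ">>" appends, so uploads finishing in the same second each keep a line.
    printf '%s user=%s size=%s path=%s\n' \
        "$(date -u +%Y%m%dT%H%M%SZ)" "${UPLOAD_VUSER:-unknown}" "$size" "$path" \
        >> "$NOTIFY_LOG"
}

# pure-uploadscript runs the handler with the uploaded file's path as $1.
if [ -n "${1:-}" ]; then
    record_upload "$1"
fi
```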

Restart the service and check that the parameters -A, -j and -o are all present:
chenshu@csserver:~$ sudo /etc/init.d/pure-ftpd restart
Restarting ftp server: Running: /usr/sbin/pure-ftpd -l pam -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -H -j -E -o -u 1000 -B

Restart the computer and check the service:
chenshu@csserver:~$ ps -def | grep pure
root 1222 1 0 ? 00:00:00 pure-ftpd (SERVER)
root 1225 1 0 ? 00:00:00 /usr/sbin/pure-uploadscript -r /usr/sbin/upload2.sh -B -u 1002 -g 1003

The second line shows that the pure-uploadscript command has been started. The parameter is configured in the /etc/pure-ftpd/conf/CallUploadScript file.

Configure the custom verification module

Create a simple verification script, /home/chenshu/ftp-auth-handler:
#!/bin/sh
# pure-authd passes the login name in AUTHD_ACCOUNT.
# This script decides on the account name alone; AUTHD_PASSWORD is not examined.

if test "$AUTHD_ACCOUNT" = "john"; then
    echo 'auth_ok:1'
    echo 'uid:1003'
    echo 'gid:1002'
    echo 'dir:/pureftproot/john'
    echo 'slow_tilde_expansion:0'
elif test "$AUTHD_ACCOUNT" = "mike"; then
    echo 'auth_ok:1'
    echo 'uid:1003'
    echo 'gid:1002'
    echo 'dir:/pureftproot/mike'
    echo 'slow_tilde_expansion:1'
else
    echo 'auth_ok:0'
fi
echo 'end'

Note: Modify permissions
sudo chmod 777 /home/chenshu/ftp-auth-handler
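The handler above accepts a login on the account name alone. The following variant is an added example, not part of the original article: it also checks AUTHD_PASSWORD (which pure-authd passes alongside AUTHD_ACCOUNT) against a credentials file and restricts the characters allowed in the name before it is used in dir:. The file path, its name:salt:hash format and the salted SHA-256 scheme are assumptions chosen so the script needs only coreutils; a production store would use a dedicated password-hashing function.

```shell
#!/bin/sh
# Added example: pure-authd handler that checks the password, not only the name.
# Assumed store (hypothetical path and format): one "name:salt:sha256hex" per line.
LC_ALL=C; export LC_ALL
CRED_FILE="${CRED_FILE:-/etc/pure-ftpd/ftp-users.txt}"

hash_pw() {  # $1 = salt, $2 = password -> hex SHA-256 of salt followed by password
    printf '%s%s' "$1" "$2" | sha256sum | cut -d' ' -f1
}

deny() {  # $1 = 0 (unknown user, next method may be tried) or -1 (fatal failure)
    printf 'auth_ok:%s\nend\n' "$1"
}

auth_reply() {  # $1 = account, $2 = password; prints the reply pure-authd expects
    account=$1 password=$2
    # The name becomes part of dir:, so allow only a conservative character set.
    case $account in
        ''|*[!a-z0-9_-]*) deny 0; return 0 ;;
    esac
    line=$(grep "^$account:" "$CRED_FILE" 2>/dev/null | head -n 1) || line=
    [ -n "$line" ] || { deny 0; return 0; }
    salt=$(printf '%s' "$line" | cut -d: -f2)
    want=$(printf '%s' "$line" | cut -d: -f3)
    if [ "$(hash_pw "$salt" "$password")" = "$want" ]; then
        printf 'auth_ok:1\nuid:1003\ngid:1002\ndir:/pureftproot/%s\nend\n' "$account"
    else
        deny -1   # known user, wrong password
    fi
}

# pure-authd passes the login in the environment of the handler.
if [ -n "${AUTHD_ACCOUNT:-}" ]; then
    auth_reply "$AUTHD_ACCOUNT" "${AUTHD_PASSWORD:-}"
fi
```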

So far, I have relied on pure-ftpd-wrapper to read these configuration files and generate the pure-ftpd parameters. However, for a custom verification module I have not found a way to configure it like this, so I can only use the following method:

First, delete the default startup command.

chenshu@csserver:/home/pureftp$ sudo update-rc.d -f pure-ftpd remove
Removing any system startup links for /etc/init.d/pure-ftpd ...
/etc/rc1.d/K80pure-ftpd
/etc/rc2.d/S20pure-ftpd
/etc/rc3.d/S20pure-ftpd
/etc/rc4.d/S20pure-ftpd
/etc/rc5.d/S20pure-ftpd

Next, create a boot script; mine is /etc/init.d/myshell:
chmod 755 /etc/init.d/myshell

Create a soft link named S99myshell:

sudo ln -s /etc/init.d/myshell /etc/rc2.d/S99myshell

S: start execution

99 indicates the execution order

myshell is the file name

The content of the self-starting script file is as follows:
#!/bin/sh
# Start the external authentication daemon, then the FTP server and the upload notifier
pure-authd -s /var/run/ftpd.sock -r /home/chenshu/ftp-auth-handler &
/usr/sbin/pure-ftpd -l extauth:/var/run/ftpd.sock -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -H -j -E -o -u 1000 -B
/usr/sbin/pure-uploadscript -r /usr/sbin/upload2.sh -B -u 1003 -g 1002

Test now:
Log in as John or Mike. The user directory is created automatically, and the user can only use that directory. After a file is uploaded, the file written by the upload script appears in the /tmp directory.

Logs

The log files are in the /var/log/pure-ftpd/ directory. With the configuration above, a /var/log/pure-ftpd/transfer.log file is generated when a file is uploaded.
However, some FTP service logs are recorded in /var/log/messages by default. For example, the following content:

Jan 14 18:44:18 csserver pure-ftpd: (?@192.168.0.100) [info] new connection from 192.168.0.100
Jan 14 18:44:19 csserver pure-ftpd: (?@192.168.0.100) [info] John is now logged in
Jan 14 18:44:19 csserver pure-ftpd: (john@192.168.0.100) [info] Can't change directory to /etc: no such file or directory
Jan 14 18:44:19 csserver pure-ftpd: (john@192.168.0.100) [info] Can't change directory to /Home: no such file or directory
Jan 14 18:44:19 csserver pure-ftpd: (john@192.168.0.100) [info] Can't change directory to /pureftproot: no such file or directory
Jan 14 18:44:19 csserver pure-ftpd: (john@192.168.0.100) [info] Can't change directory to /untitled Folder: no such file or directory
Jan 14 18:44:19 csserver pure-ftpd: (?@192.168.0.100) [info] new connection from 192.168.0.100
Jan 14 18:44:19 csserver pure-ftpd: (?@192.168.0.100) [info] John is now logged in
Jan 14 18:44:19 csserver pure-ftpd: (john@192.168.0.100) [info] Can't change directory to /untitled Folder: no such file or directory
Jan 14 18:46:58 csserver pure-ftpd: (john@192.168.0.100) [info] Can't change directory to /test_data60000.csv2: no such file or directory
Jan 14 18:46:59 csserver pure-ftpd: (john@192.168.0.100) [Notice] /pureftproot/John//test_data60000.csv2 uploaded (14499310 bytes, 11446.58kb/sec)
Jan 14 19:01:59 csserver pure-ftpd: (john@192.168.0.100) [info] timeout - try typing a little faster next time
Jan 14 19:01:59 csserver pure-ftpd: (john@192.168.0.100) [info] timeout - try typing a little faster next time

Pureftp is not perfect

Although it took a lot of effort to complete the configuration, the test results made me very uncomfortable.
First, if I upload 7 files at a time, the upload script reports only three files, and the rest are lost. If I upload them one by one, it is okay.
If I upload a large file and cancel it in the middle, pureftp considers it a file that has been uploaded. This may be related to the fact that the FTP protocol does not record the source file size.
The only good part is that user directories are created automatically, but this is easy to implement yourself; it is just a mkdir.
