After every fresh server installation there is a round of setup work: installing software, modifying configuration, and so on. To make deploying vsftpd easier in the future, I wrote a deployment script.
There are three ways to log on to FTP: anonymous logon, local user logon, and virtual user logon.
Anonymous logon: log on to FTP with the default user name, typically ftp or anonymous.
Local user logon: log on with a system user, that is, an account in /etc/passwd.
Virtual user logon: a virtual user is an FTP-only account. There are two ways to implement virtual users: a local data file or a database server.
An FTP virtual user exists only for the FTP server. Someone who logs on to FTP as a virtual user can access only the resources the FTP server provides, which greatly improves the security of the system.
The code is as follows:
```bash
#!/bin/bash
#########################################
######### description ##################
# 1. Install vsftpd
# 2. Configure vsftpd virtual users
########################################
# init variables
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH

ff_outputdir=/tmp/liufofu
curdate=$(date +%Y%m%d)
curtime=$(date +%H%M%S)
ff_logfile=${ff_outputdir}/$$.log
#
if [ ! -e ${ff_outputdir} ]; then
    mkdir -p ${ff_outputdir}
fi

# Log messages produced during processing are recorded by the log function
function log() {
    echo "$(date +"%Y:%m:%d %H-%M-%S") $1" >> ${ff_logfile}
}

yum -y install vsftpd
yum -y install db4-utils

# Generate the vsftpd configuration file
cat > /etc/vsftpd/vsftpd.conf <<EOF
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
log_ftp_protocol=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/xferlog
xferlog_std_format=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
listen=YES
pam_service_name=vsftpd
guest_enable=YES
#guest_username=www
dual_log_enable=YES
vsftpd_log_file=/var/log/vsftpd.log
user_config_dir=/etc/vsftpd/vuser_conf
userlist_enable=YES
tcp_wrappers=YES
#listen_address=172.20.1.175
#listen_port=21000
virtual_use_local_privs=YES
EOF
log "Generate VSFTPD configuration file"

# Create the virtual user configuration directory
if [ ! -e /etc/vsftpd/vuser_conf ]; then
    mkdir -p /etc/vsftpd/vuser_conf
fi
log "Create Virtual User directory"

# Create the test user's root directory
if [ ! -e /var/www/html/liufofu ]; then
    mkdir -p /var/www/html/liufofu
fi
log "Create Virtual User directory"

# Create the test user's per-user configuration
cat > /etc/vsftpd/vuser_conf/liufofu <<EOF
local_root=/var/www/html/liufofu
write_enable=YES
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
EOF

# Restrict virtual users to their virtual root (chroot): list every user
# that has a file in vuser_conf
ls -l /etc/vsftpd/vuser_conf | grep -v total | awk '{print $NF}' > /etc/vsftpd/chroot_list

# Set the virtual user name and password
# (odd lines are user names, even lines are passwords)
cat > /etc/vsftpd/ftplogins.txt <<EOF
liufofu
liufofu
EOF

if [ -f /etc/vsftpd/ftplogins.txt ]; then
    chmod 600 /etc/vsftpd/ftplogins.txt
fi

# Configure PAM authentication for vsftpd virtual users
if [ $(uname -a | grep x86_64 | wc -l) -eq 1 ]; then
cat > /etc/pam.d/vsftpd <<EOF
#%PAM-1.0
auth required /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd
account required /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd
EOF
else
cat > /etc/pam.d/vsftpd <<EOF
#%PAM-1.0
auth required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd
account required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd
EOF
fi
log "Set VSFTPD Virtual authentication method"

# Create the host user for vsftpd if it does not exist yet
if [ $(grep -c '^vsftpd:' /etc/passwd) -lt 1 ]; then
    useradd vsftpd -s /sbin/nologin
    usermod -a -G www vsftpd
fi
log "Set up a vsftpd host user"

# Build the Berkeley DB file that pam_userdb reads
db_load -T -t hash -f /etc/vsftpd/ftplogins.txt /etc/vsftpd/vsftpd.db
log "Generate Virtual user database"

# Start vsftpd
service vsftpd start
```
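The login file the script writes puts each user name on one line and its password on the next, and the test account uses its user name as its password. The check below is an added example, not part of the original script; the function name audit_ftplogins and the MIN_LEN threshold are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not from the original script. Audits a login file in the
# layout db_load -T -t hash reads: odd lines are user names, even lines passwords.
# MIN_LEN is an assumed policy value, not a vsftpd or PAM setting.
MIN_LEN=${MIN_LEN:-12}

# audit_ftplogins FILE -> prints one finding per line (passwords are never printed)
audit_ftplogins() {
    file=$1
    # Characters 5-10 of the ls mode string are the group and other bits.
    case "$(ls -ld "$file" | cut -c5-10)" in
        ------) ;;
        *) echo "MODE $file: accessible by group/other, expected 600" ;;
    esac
    user='' n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        if [ $((n % 2)) -eq 1 ]; then
            user=$line
            [ -n "$user" ] || echo "EMPTY line $n: blank user name"
            continue
        fi
        if [ -z "$line" ]; then
            echo "EMPTY $user: blank password"
        elif [ "$line" = "$user" ]; then
            echo "WEAK $user: password equals user name"
        elif [ "${#line}" -lt "$MIN_LEN" ]; then
            echo "SHORT $user: password shorter than $MIN_LEN characters"
        fi
    done < "$file"
    if [ $((n % 2)) -eq 1 ]; then
        echo "ODD $user: user name without a password line"
    fi
    return 0
}

# Constructed sample: the test account from the script above plus two made-up entries.
demo=$(mktemp)
chmod 644 "$demo"
printf '%s\n' liufofu liufofu alice 'correct horse battery' bob > "$demo"
audit_ftplogins "$demo"
rm -f "$demo"
```

Run it against /etc/vsftpd/ftplogins.txt before db_load builds vsftpd.db; empty output means none of these checks fired.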