注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

骐骥一跃

日积跬步 业精于勤荒于嬉

 
 
 

日志

 
 

[存档]PureFTPd Server on FreeBSD  

2010-12-09 15:03:07|  分类: FTP |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |
http://machiel.generaal.net/index.php?subject=pureftpd&language=eng#subject_7

Written by M.Mastenbroek October 2003 / Document version 2.1 ( Updated 29 September 2005)

Index:

Foreword

[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远
This HowTo explains how to configure PureFTPd on FreeBSD.
The grey coloured boxes show the effective steps you will need to execute.

Before I decided to use PureFTPd I tried almost any available FTP server for FreeBSD.
One of the benefits of PureFTPd is the large scale of options that can be maintained for every individual FTP account. Eventual I found PureFTPd the best choice for FreeBSD.

Some advantages of PureFTPd:
  • Easy to configure.
  • Good overview of the activity on the ftp server.
  • Easy to maintenance.
  • Support for virtual users and shell users.
  • Chroot support
  • Support for FXP protocol
  • Ratio support
  • Anti-warez technique.
  • Possibility to reduce the bandwidth. (throttling)
  • Possibility to reduce the file size. (virtual quoata's)
  • And PureFTPd is a very secure ftp server *

*There are no exploits available for PureFTPd (source: http://packetstormsecurity.org)

Requirements

[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远
  • FreeBSD 4.x or higher
  • Basis knowledge of Unix and a root shell
  • Basis knowledge of MySQL *
*This knowledge is not required for PureFTPd, but this HowTo contains a PureFTPd configuration in conjunction with a MySQL database.

Step 1 installation of PureFTPd & MySQL.

[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远
Installation of the MySQL server:

If there isn’t any MySQL server installed on your system you can follow these installation instructions to install a MySQL server.
If you already have a MySQL server installed you can start with the installation of the PurFTPd server.

Shell:
cd /usr/ports/databases/mysql40-server
make install clean

It’s also possible to choose for a different version of MySQL, for the working of PureFTPd server this will make no sense.

After the installation you need to add the following lines into your 'rc.conf' file located in your '/etc' directory.

Editor:
# MySQL Server 4.0
mysql_enable="YES"
mysqllimits_enable="NO"

After the installaltion you must start the MySQL server.

Shell:
/usr/local/etc/rc.d/mysql-server.sh start

Installation of the PureFTPd server:

Shell:
cd /usr/ports/ftp/pure-ftpd
make config


Configuration options for PureFTPd port.



The following configuration screen appears, I suggest that you should take over these values, make sure that at least the MySQL option is selected.

Shell:
make install clean

After the installation you need to add the following lines to your 'rc.conf' file located in your '/etc' directory.

Editor:
# Pure-FTPd
pureftpd_enable="YES"


Step 2 creating a MySQL database.

[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远
PureFTPd allow two types of user.
  • Shell users: Shell users with a valid Unix account can reach there home directory by connecting the FTP server.
  • Virtual users: Virtual users are users that only exist for the FTP server, the database you create in this step will store the information of those users.
If you decided to use the 'User manager for PureFTPd', you can go directly to the following step because the 'installation wizard' for this software will also creates this database.

First you need a valid MySQL user, for example the user root, with enough privileges to create a database, two tables and (for security reasons) an new MySQL user with restricted privileges. To find out if you are using a valid MySQL user you can execute the following command.

'MySQL -u=[username] -p[=password]'

For example:

Shell:
mysql -u root -psecret

If it works you will go directly to the MySQL prompt, otherwise you must change your username or password.
Hint, if have just install the MySQL server the root users doesn’t have a password jet, just execute the command without the option '-p'

When you succeed you can download the MySQL installation script and execute the following command.

Shell:
fetch "http://machiel.generaal.net/files/pureftpd/v2.x/script.mysql"
mysql -u root -psecret < script.mysql

If there are no messages after the execution of this command than the sql script did his job. You now have created a new database users called 'ftp', and you created a database called 'ftpuser' with 2 tables.

Warning, don’t execute this command more than ones, this will irrevocable lead to errors

Step 3 configuration of PureFTPd.

[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远
This configuration, a PureFTPd server in conjunction with a MySQL database, needs the following two configuration files.
  1. pure-ftpd.conf: This file contains the main configuration of the FTP server for example: Maximum number of clients or the location of the LOG files.
  2. pureftpd-mysql.conf: This file tells the PureFTPd server how to handle the database.
Both files doesn’t exist when you just installed the the PureFTPd server, but the PureFTPd packages gives you 2 example files located in the '/usr/local/etc' directory. The first file is from the packages, the second one you can download from this website because there are to many differences between the sample file and the changes you else should have to do.

Go to the directory and copy / download those two files.

Shell:
cd /usr/local/etc
cp pure-ftpd.conf.sample pure-ftpd.conf
fetch "http://machiel.generaal.net/files/pureftpd/v2.x/pureftpd-mysql.conf"

Now you have both files, only the first one needed a small modification.

Edit the configuration file 'pure-ftpd.conf' and make sure that following line with the attribute 'MySQLConfigFile' is enabled and points to the right location.

Editor:
# MySQL configuration file (see README.MySQL)
MySQLConfigFile /usr/local/etc/pureftpd-mysql.conf

Step 4 start PureFTPd.

[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远
To start the PureFTPd server you have to execute the following line.

Shell:
/usr/local/etc/rc.d/pure-ftpd.sh start

And if you wish to stop the server just execute '/usr/local/etc/rc.d/pure-ftpd.sh stop'

Now you can manage your virtual ftp user by using a MySQL client.
You could use the command line MySQL client but there are also free graphical clients available. For example on the website of MySQL (http://www.mysql.org) you can download a graphical Linux, FreeBSD or Windows client called ‘MySQLGUI’. (also available in the port collection of FreeBSD ‘/usr/ports/databases/mysql-gui’)
A other option is to follow the next step in this document and install the User manager for PureFTPd.

Software requirements for User manager for PureFTPd (optionally)

[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远

The User manager for PureFTPd allows administrators to easily create, change, or delete 'virtual' PureFTPd users.

Before you can install this software you need the following extra packages.
  • Apache
  • PHP Apache Module (mod_php)
  • And some PHP Extensions (php-extensions)

When you have already installed those packages you can go to the next step where you will find the installation instructions how to install the User manager for PureFTPd.

If you don’t have installed Apache you can follow these installation instructions to install Apache2.

Shell:
cd /usr/ports/www/apache2
make install clean

After the installation you need to add the following lines to your 'rc.conf' file located in your '/etc' directory.

Editor:
# Apache 2
apache2_enable="YES"

If you don’t have installed PHP Apache Module you can follow these installation instructions to install mod_php5.

Shell:
cd /usr/ports/www/mod_php5
make install clean

Make sure that you select APACHE2 during the installation process when you are using Apache 2

[X] APACHE2 Use apache 2.x instead of apache 1.3.x

After the installation of mod_php5 you should add the following to your Apache configuration file called 'httpd.conf' located in the '/usr/local/etc/apache2' directory.

Editor:
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

Add also the attribute 'index.php' to the 'DirectoryIndex' parameter.
The result should look like this.

Editor:
DirectoryIndex index.php index.html index.html.var

If you don’t have installed PHP Extensions you can follow these installation instructions to install php5-extensions.

Shell:
cd /usr/ports/lang/php5-extensions
make config
make install clean

During the installation process you need to select the extensions you wish to install.
I suggest that you will not remove a default selected extension and only add the extension 'MYSQL' that is not selected by default.

Anyway, the minimum extensions required for the User manager for PureFTPd are:

[X] MYSQL MySQL database support
[X] PCRE Perl Compatible Regular Expression support
[X] POSIX POSIX-like functions
[X] SESSION session support

Finally if you just installed or changed one of those packages you will need to start / restart your web server to activate the changes you made.

Execute the following command to start / restart the Apache webserver.

Shell:
apachectl restart

Installation User manager for PureFTPd (optionally)

[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远
In this step you will find the installation instructions how to install the User manager for PureFTPd.

First you will need to download and extract this software in your 'www' directory of your web server. The following commands will do this, the last command prepares the config.php file by changing the owner of the file. Apache is now allowed to change the content of this file.

Shell:
cd /usr/local/www/data
fetch "http://machiel.generaal.net/files/pureftpd/ftp_v2.1.tar.gz"
tar -xvzf ftp_v2.1.tar.gz
cd ftp
chown www config.php

The last thing you have to do is running the 'installation wizard' called 'install.php' in your web browser.
This software will lead you step by step through the configuration of the User manager for PureFTPd.

Installation Wizard.

Web based pure-ftpwho (optionally)

[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远

With the 'pure-ftpwho' commando the root user can see the actual status of the ftp server. This program is part of the PureFTPd distribution and can only executed by the root user. The pure-ftpwho command has a option to generate html output, this makes it possible to easily create a cgi application for your web server. The problem here is that for security reasons the web server doesn’t execute cgi applications at root level. To solve this problem I have made the following solution.

Create the following file 'ftpstatus.c' in your 'cgi-bin' directory of your web server (The default cgi-bin directory from Apache is '/usr/local/www/cgi-bin/') and take over this content.

Editor:
#include <stdlib.h>

int main(int argc, char *argv[])
{
  system("/usr/local/sbin/pure-ftpwho -H -w");
  return 0;
}

Compile the source code and change the execute rights. After that it doesn’t make any sense witch user execute the program, from now on the program will always have the permissions of the owner, in this case that will be the root user.

Shell:
cc -Wall -o ftpstatus ftpstatus.c
chmod 755 ftpstatus
chmod ug+s ftpstatus

The source file called 'ftpstatus.c' is not longer needed and can be removed. The status of the ftp server can now be viewed in your web browser. The address is something like this 'http://myipaddress.com/cgi-bin/ftpstatus’ change the text ‘myipaddress.com’ in your own ip-address or domain name.

The output of the cgi application in your web browser could look like this.

PureFTPd server activity.
[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远 F.A.Q.

  • I’m also running a firewall on my FreeBSD server, must I have to change the configuration?
    This is depending on your current configuration of your firewall rules but if you add the following 3 lines into your firewall, the ftp server can handle active and passive ftp clients. Of course you must watch out that other firewall rules doesn’t overrule this 3 new settings

    Firewall config:
    ipfw add allow tcp from any 20,21 to any out
    ipfw add allow tcp from any to any 20,21 in
    ipfw add pass tcp from any to any setup

  • It seems that FXP support only work locally and that it’s not available from the internet?
    Probably this had to do with your natd process in combination with the firewall configuration. Place the following 2 firewall rules BEFORE the natd firewall rules.

    Firewall config voor FXP:
    ipfw add allow tcp from any 20,21 to any out
    ipfw add allow tcp from any to any 20,21 in

    Hint: The natd firewall rule will look like this when you execute the command 'ipfw show’.
    'divert 8668 ip from any to any via xl0'

  • How can I change the password of the MySQL user ‘ftp’ ?
    Use your MySQL client and login as the MySQL root user. After that change the password from the ftp users.
    To do this try the following 2 lines. Change the text ‘newpassword’ for your own new password.

    Shell:
    mysql -u root -p
    set password for ftp@"127.0.0.1" = Password('newpassword');
    flush privileges;

    Warning: If you change the password of the database user ftp you must also have to change the configuration file of PureFTPd called ‘pureftpd-mysql.conf’ and if you are making use of the web application you must also have to change ‘config.php’ file

  • How can I change, remove, back-up or upgrade my MySQL database?
    It’s impossible to give you all the answers on those questions. If you want to learn how to work with SQL and MySQL there are many websites where you can find information about this subject. But I will show you a few quick MySQL/SQL tricks to help you on your way.

    Backup all table structures and table data from the 'ftpusers' database to a MySQL script.

    Shell:
    mysqldump -h localhost -uroot -psecret ftpusers > databasebackup.mysql

    Replace the text 'secret' for your own password.

    Remove your MySQL user called 'ftp' and delete the 'ftpusers' database.

    Shell:
    mysql -u root -p
    drop database ftpusers;
    delete from mysql.user where User='ftp';
    flush privileges;

    Create a MySQL user called 'ftp' an create the 'ftpusers' database.

    Shell:
    mysql -u root -p
    INSERT INTO mysql.user (Host, User, Password, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv) VALUES('127.0.0.1','ftp',PASSWORD('tmppasswd'),'Y','Y','Y','Y','N','N','N','N','N','N','N','N','N','N');
    flush privileges;
    create database ftpusers;

    In Step 2 of this document you can find a example how to import a MySQL script.

  • The installation of the MySQL server failed because the hostname isn’t correct?
    A frequent problem by the installation of the MySQL server is an incorrect hostname. The installation procedure failed and the following error appears.

    ...
    Sorry, the host '???????' could not be looked up.
    Please configure the 'hostname' command to return a correct hostname.
    If you want to solve this at a later stage, restart this script with
    the --force option
    *** Error code 1
    ...

    To solve this problem you must first check the current hostname. This can be done by executing the commando hostname. The output of this command will show you the current hostname. If it doesn’t show anything, you must first give your system a new hostname. You can do this by placing a new hostname after the hostname command. For example if your new hostname is 'server', you must execute the following line:

    Shell:
    hostname server

    Add the line (If it isn’t already done) 'hostname="server" into the '/etc/rc.conf' file.

    After this the hostname must represent the ip-address of the system. This can be done by adding an extra line into the '/etc/hosts' file. In this line you must make a relation between the name of the hostname and the ip-address. For example, if your hostname is 'server' and your ip-address is '192.168.0.1' the following line must be added.

    vi /etc/hosts:
    192.168.0.1        server

    Now it’s possible to check the hostname. You can di this by executing the following line.

    Shell:
    ping $(hostname)

    If the system response, you can continue your MySQL installation.

  • How do I install PureFTPd on Linux?
    The installation procedure of a PureFTPd package can differ by the different Linux distributions. Also the most PureFTPd packages for Linux doesn't have necessary MySQL support included. To handle this problem it's also possible to install PureFTPd by downloading the source code. After that the source code must be compiled with the necessary options, when succeed it could be installed on the system. This all can be done by following the next steps.

    Download the latest version of PureFTPd, this could be found here:

    ftp://ftp.pureftpd.org/pub/pure-ftpd/releases/

    Extract the file, compile the source code and install PureFTPd.

    Shell:
    ./configure --with-everything --with-paranoidmsg --with-virtualchroot --with-tls --with-largefile --with-mysql
    make
    make install

    After this PureFTPd is installed on your system with all the necessary options.

Links to other sources

[存档]PureFTPd Server on FreeBSD - 印第安 - 跬步致远
http://www.pureftpd.org/
The original web site of the PureFTPd developers.
http://www.solariz.de/Ffiledb/filedb.php?action=fileinfo&id=1
A (other) PHP script to manage virtual PureFTPd users.
http://www.google.com/bsd
And of course my favorite search machine www.google.com or www.google.com/bsd.
http://machiel.generaal.net/index.php?subject=pureftpd
Here you can find the Dutch version of this HOWTO.

P.S. Links to Dutch websites you can found in the Dutch version of this HOWTO.

Back

  评论这张
 
阅读(1206)| 评论(0)
推荐

历史上的今天

在LOFTER的更多文章

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2018