vsftp配置文档.doc

INSTALL=This file details how to build and install / run vsftpd from the vsftpddistribution .tar.gz file.Step 1) Build vsftpd.Switch to the directory created when you unpacked the vsftpd .tar.gz file.e.g.:cd vsftpd-1.1.2edit builddefs.h to handle compile-time settings (tcp_wrappers build,etc).Just type make (and mail me to fix it if it doesnt build ;-).This should produce you a vsftpd binary. You can test for this, e.g.:chrislocalhost vsftpd$ ls -l vsftpd-rwxrwxr-x 1 chris chris 61748 Sep 27 00:26 vsftpdStep 2) Satisfy vsftpd pre-requisites2a) vsftpd needs the user nobody in the default configuration. Add thisuser in case it does not already exist. e.g.:rootlocalhost root# useradd nobodyuseradd: user nobody exists2b) vsftpd needs the (empty) directory /usr/share/empty in the defaultconfiguration. Add this directory in case it does not already exist. e.g.:rootlocalhost root# mkdir /usr/share/empty/mkdir: cannot create directory /usr/share/empty: File exists2c) For anonymous FTP, you will need the user ftp to exist, and have avalid home directory (which is NOT owned or writable by the user ftp).The following commands could be used to set up the user ftp if you do nothave one:rootlocalhost root# mkdir /var/ftp/rootlocalhost root# useradd -d /var/ftp ftp(the next two are useful to run even if the user ftp already exists).rootlocalhost root# chown root.root /var/ftprootlocalhost root# chmod og-w /var/ftpStep 3) Install vsftpd config file, executable, man page, etc.Running make install will try to copy the binary, man pages, etc. tosomewhere sensible.Or you might want to copy these things by hand, e.g.:cp vsftpd /usr/local/sbin/vsftpdcp vsftpd.conf.5 /usr/local/man/man5cp vsftpd.8 /usr/local/man/man8make install doesnt copy the sample config file. It is recommended youdo this:cp vsftpd.conf /etcStep 4) Smoke test (without an inetd).vsftpd can run standalone or via an inetd (such as inetd or xinetd). You willtypically get more control running vsftpd from an inetd. But first we will runit without, so we can check things are going well so far.Edit /etc/vsftpd.conf, and add this line at the bottom:listen=YESThis tells vsftpd it will NOT be running from inetd.Right, now lets try and run it!Log in as root.Make sure you are not running other FTP servers (or vsftpd will not be ableto use the FTP port, 21).Run the binary from wherever you put it, e.g.:rootlocalhost root# /usr/local/sbin/vsftpd &1 2104If all is well, you can now connect! e.g.:chrislocalhost chris$ ftp localhostConnected to localhost ().220 (vsFTPd 1.1.1)Name (localhost:chris): ftp331 Please specify the password.Password:230 Login successful. Have fun.Remote system type is UNIX.Using binary mode to transfer files.ftp ls227 Entering Passive Mode (127,0,0,1,229,133)150 Here comes the directory listing.d-x-x-x 2 0 0 4096 Jan 14 2002 bind-x-x-x 2 0 0 4096 Apr 21 20:52 etcdrwxr-xr-x 2 0 0 4096 Apr 21 20:52 libdrwxr-sr-x 2 0 50 4096 Jul 26 22:58 pub226 Directory send OK.ftpStep 5) Run from an inetd of some kind (optional - standalone mode is nowrecommended)You may want to run the binary from an inetd of some kind, because this cangive you extra features - e.g. xinetd has a lot of settings. (Note thatvsftpds inbuilt listener covers most of the more useful xinetd settings).5a) If using standard inetd, you will need to edit /etc/inetd.conf, and adda line such as:ftp stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/vsftpd(Make sure to remove or comment out any existing ftp service lines. If youdont have tcp_wrappers installed, or dont want to use them, take out the/usr/sbin/tcpd part).inetd will need to be told to reload its config file:kill -SIGHUP pidof inetd5b) If using xinetd, you can follow a provided example, by looking at thefile EXAMPLE/INTERNET_SITE/README. Various other examples show how to leveragethe more powerful xinetd features.Step 6) Set up PAM for local logins (optional)If you are running vsftpd on a PAM enabled machine, you will need to have a/etc/pam.d/ftp file present, otherwise non-anonymous logins will fail. NOTE -if you have an older version of PAM, that file might be /etc/pam.confFor a standard setup, you can just copy a provided example file:cp RedHat/vsftpd.pam /etc/pam.d/ftpStep 7) Customize your configurationAs well as the above three pre-requisites, you are recommended to install aconfig file. The default location for the config file is /etc/vsftpd.conf.There is a sample vsftpd.conf in the distribution tarball. You probably wantto copy that to /etc/vsftpd.conf as a basis for modification, i.e.:cp vsftpd.conf /etcThe default configuration allows neither local user logins nor anonymousuploads. You may wish to change these defaults.Other notes=Tested platforms (well, it builds)- Any modern, well featured platform should work fine! Recent versions ofthe platforms listed below, and often older ones, should work fine.- Fedora Core- RedHa