●proftpdのインストール
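# Create a dedicated, unprivileged group and user for the daemon. The login
# shell is /bin/false, so the account cannot be used for an interactive login.
groupadd proftpd &&
useradd -c proftpd -d /home/ftp -g proftpd -s /bin/false proftpd

# Configure, build and install from the unpacked source directory.
# install_user/install_group tell the build which owner and group to give the
# installed files; --enable-shadow builds in shadow-password support.
# The original notes stopped after ./configure, but the later steps
# (service proftpd start) need the binaries installed, so the build and
# install are chained here and only run if the previous step succeeded.
install_user=proftpd install_group=proftpd ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var/run --enable-shadow &&
make &&
make install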
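# Write the server configuration. The quoted "EOF" delimiter writes the text
# literally, with no shell expansion.
#
# Security-relevant points in this configuration:
#   - Port 21 with no TLS directives is plain FTP: user names, passwords and
#     file contents cross the network unencrypted. Expose it only where that is
#     acceptable, or add FTPS (mod_tls) / use SFTP instead.
#   - DefaultRoot ~ confines each logged-in user to their own home directory.
#   - MaxLoginAttempts 3 and the Timeout* values limit password guessing per
#     connection and how long idle or unauthenticated sessions are kept open.
#   - MaxInstances caps the number of server child processes. The original
#     listing set it twice (30, then 25); a single directive is kept here.
#     NOTE(review): presumably the later value (25) was the one in effect.
#   - ListOptions "-a" also shows dotfiles in directory listings.
#   - Umask 022 plus AllowOverwrite yes: uploads are world-readable and
#     existing files may be replaced by any user who can write to them.
#   - NOTE(review): AllowAll is documented for <Limit>/<Directory>/<Anonymous>
#     sections; confirm the server accepts it at the top level.
cat > /etc/proftpd.conf << "EOF"
# DisplayLogin welcome.msg
# DisplayFirstChdir .message
ServerName "Fat Bear Server"
ServerType standalone
DefaultServer on
DefaultRoot ~
UseReverseDNS no
Port 21
Umask 022
IdentLookups off
MaxLoginAttempts 3
MaxInstances 25
ListOptions "-a"
TimeoutNoTransfer 900
TimeoutIdle 600
TimeoutLogin 300
AllowRetrieveRestart on
AllowStoreRestart on
User proftpd
Group proftpd
AllowOverwrite yes
AllowAll
# Report localtime, not GMT
TimesGMT off
EOF
# World-readable is fine here: the file holds no credentials.
chmod 644 /etc/proftpd.conf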
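# Write the PAM stack for the "ftp" service.
#
#   - pam_listfile refuses every user named in /etc/ftpusers. onerr=succeed
#     means the check fails OPEN: if /etc/ftpusers is missing or unreadable,
#     nobody is denied. Make sure the file exists and lists root and the other
#     system accounts that must never log in over FTP.
#   - The original auth line passed "nullok" to pam_pwdb, which lets accounts
#     with an empty password authenticate. It is dropped here so that such
#     accounts cannot log in over the network.
#   - NOTE(review): pam_pwdb is the legacy password module; on current
#     Linux-PAM systems pam_unix.so takes its place. Adjust the module name to
#     what is installed under /lib/security.
cat > /etc/pam.d/ftp << "EOF"
#%PAM-1.0
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth required /lib/security/pam_pwdb.so shadow
# If this is enabled, anonymous logins will fail because the 'ftp' user does
# not have a "valid" shell, as listed in /etc/shells.
# If you enable this, it is recommended that you do *not* give the 'ftp'
# user a real shell. Instead, give the 'ftp' user /bin/false for a shell and
# add /bin/false to /etc/shells.
# auth required /lib/security/pam_shells.so
account required /lib/security/pam_pwdb.so
session required /lib/security/pam_pwdb.so
EOF
chmod 644 /etc/pam.d/ftp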
proftpd init script:
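# Install the SysV init script, register it with chkconfig and start the
# service. The script runs as root at boot and sources /etc/sysconfig/proftpd
# as root, so both files must stay writable by root only.
#
# Changes from the original listing, all inside the generated script:
#   - arguments are forwarded as "$@" instead of unquoted $*, so a multi-word
#     ftpshut message is not re-split or glob-expanded;
#   - "suspend" clears its arguments after handing them to ftpshut; before,
#     "suspend now <message>" fell through to the command-chaining code at the
#     end of the script and re-invoked it with the message as a command;
#   - the ftpshut probe in the usage text no longer prints a shell error.
cat > /etc/init.d/proftpd << "EOF"
#!/bin/sh
# chkconfig: 345 85 15
# description: ProFTPD is an enhanced FTP server
# processname: proftpd
# config: /etc/proftpd.conf
# By: Osman Elliyasa osman_Cable.EU.org
# $Id: proftpd.init.d,v 1.7 2002/12/07 21:50:27 jwm Exp $
# --- load the ipconntrack module if iptables ftp rules are in place
modprobe ip_conntrack_ftp
# Source function library.
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/proftpd ]; then
  . /etc/sysconfig/proftpd
fi
PATH="$PATH:/usr/local/sbin"
# See how we were called.
case "$1" in
  start)
    echo -n "Starting proftpd: "
    # OPTIONS is left unquoted on purpose so it can carry several flags.
    daemon proftpd $OPTIONS
    echo
    touch /var/lock/subsys/proftpd
    ;;
  stop)
    echo -n "Shutting down proftpd: "
    killproc proftpd
    echo
    rm -f /var/lock/subsys/proftpd
    ;;
  status)
    status proftpd
    ;;
  restart)
    "$0" stop
    "$0" start
    ;;
  reread)
    echo -n "Re-reading proftpd config: "
    killproc proftpd -HUP
    echo
    ;;
  suspend)
    if hash ftpshut >/dev/null 2>&1; then
      if [ $# -gt 1 ]; then
        shift
        echo -n "Suspending with '$*' "
        ftpshut "$@"
        # Everything after "suspend" belonged to ftpshut; drop it so the
        # chaining code below does not treat it as further commands.
        set --
      else
        echo -n "Suspending NOW "
        ftpshut now "Maintanance in progress"
      fi
    else
      echo -n "No way to suspend "
    fi
    echo
    ;;
  resume)
    if [ -f /etc/shutmsg ]; then
      echo -n "Allowing sessions again "
      rm -f /etc/shutmsg
    else
      echo -n "Was not suspended "
    fi
    echo
    ;;
  *)
    echo -n "Usage: $0 {start|stop|restart|status|reread|resume"
    if hash ftpshut >/dev/null 2>&1; then
      echo '|suspend}'
      echo 'suspend accepts additional arguments which are passed to ftpshut(8)'
    else
      echo '}'
    fi
    exit 1
    ;;
esac
# Several commands may be given at once ("stop start"): run the rest in order.
if [ $# -gt 1 ]; then
  shift
  "$0" "$@"
fi
exit 0
EOF
chmod 755 /etc/init.d/proftpd
chkconfig --add proftpd
chkconfig proftpd on
service proftpd start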
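# Register /bin/false as a valid shell so that accounts using it (such as the
# proftpd user created above) pass the server's valid-shell check.
# Caveat: /etc/shells is shared system-wide. Any account that was given
# /bin/false to keep it from logging in now counts as having a valid shell for
# every service that consults this file, so list those accounts in
# /etc/ftpusers (or limit the exemption to FTP with RequireValidShell in
# proftpd.conf instead of editing /etc/shells).
# The entry is appended only when it is missing, so re-running these steps
# does not add duplicate lines.
grep -qxF /bin/false /etc/shells 2>/dev/null || echo "/bin/false" >> /etc/shells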
# Write a logrotate rule for the transfer log /var/log/xferlog.
#   missingok  - a missing log file is not treated as an error
#   notifempty - an empty log is not rotated
#   postrotate - after rotation, HUP is sent to the PID read from
#                /var/run/proftpd.pid; errors (for example a missing PID file)
#                are discarded by the redirections and "|| true".
# The quoted "EOF" delimiter keeps the backticks literal, so the command
# substitution runs when logrotate executes the rule, not while this file is
# being written.
# NOTE(review): no rotation interval or count is set here, so those presumably
# come from the global logrotate configuration; confirm the retention matches
# how long transfer records need to be kept for audit.
cat > /etc/logrotate.d/proftpd << "EOF"
/var/log/xferlog {
missingok
notifempty
postrotate
/usr/bin/kill -HUP `cat /var/run/proftpd.pid 2>/dev/null` 2>/dev/null || true
endscript
}
EOF
chmod 644 /etc/logrotate.d/proftpd