mirror of
https://github.com/Zeckmathederg/glfs.git
synced 2025-01-27 09:42:12 +08:00
137 lines
4.7 KiB
XML
137 lines
4.7 KiB
XML
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||
|
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
|
||
|
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
|
||
|
<!ENTITY % general-entities SYSTEM "../../general.ent">
|
||
|
%general-entities;
|
||
|
|
||
|
<!ENTITY vsftpd-download-http "">
|
||
|
<!ENTITY vsftpd-download-ftp "ftp://vsftpd.beasts.org/users/cevans/vsftpd-&vsftpd-version;.tar.gz">
|
||
|
<!ENTITY vsftpd-size "148 KB">
|
||
|
<!ENTITY vsftpd-buildsize "492 KB">
|
||
|
<!ENTITY vsftpd-time "0.0 SBU">
|
||
|
]>
|
||
|
|
||
|
<sect1 id="vsftpd" xreflabel="vsFTPD-&vsftpd-version;">
|
||
|
<?dbhtml filename="vsftpd.html"?>
|
||
|
<title>vsFTPD-&vsftpd-version;</title>
|
||
|
|
||
|
<sect2>
|
||
|
<title>Introduction to vsFTPD</title>
|
||
|
|
||
|
<para>The <application>vsFTPD</application> package contains a very secure and
|
||
|
very small FTP daemon. This is useful for serving files over a network.</para>
|
||
|
|
||
|
<sect3><title>Package information</title>
|
||
|
<itemizedlist spacing='compact'>
|
||
|
<listitem><para>Download (HTTP):<ulink url="&vsftpd-download-http;"/></para></listitem>
|
||
|
<listitem><para>Download (FTP): <ulink url="&vsftpd-download-ftp;"/></para></listitem>
|
||
|
<listitem><para>Download size: &vsftpd-size;</para></listitem>
|
||
|
<listitem><para>Estimated Disk space required: &vsftpd-buildsize;</para></listitem>
|
||
|
<listitem><para>Estimated build time: &vsftpd-time;</para></listitem></itemizedlist>
|
||
|
</sect3>
|
||
|
|
||
|
<sect3><title><application>vsFTPD</application> dependencies</title>
|
||
|
<sect4><title>Optional</title>
|
||
|
<para><xref linkend="Linux_PAM"/>,
|
||
|
<xref linkend="openssl"/>, and
|
||
|
<xref linkend="tcpwrappers"/></para></sect4>
|
||
|
</sect3>
|
||
|
|
||
|
</sect2>
|
||
|
|
||
|
<sect2>
|
||
|
<title>Installation of <application>vsFTPD</application></title>
|
||
|
|
||
|
<para>For security reasons, running <application>vsFTPD</application> as an
|
||
|
unprivileged user and group is encouraged. Also, we need a user to map
|
||
|
anonymous users to.</para>
|
||
|
|
||
|
<screen><userinput><command>mkdir -p /var/ftp/empty &&
|
||
|
install -d -m 0755 -o root -g root /home/ftp &&
|
||
|
groupadd vsftpd &&
|
||
|
useradd -d /dev/null -g vsftpd -s /bin/false vsftpd &&
|
||
|
groupadd ftp &&
|
||
|
useradd -c anonymous_user -d /home/ftp -g ftp -s /bin/false ftp</command>
|
||
|
</userinput></screen>
|
||
|
|
||
|
<para>Install <application>vsFTPD</application> by running the following commands:</para>
|
||
|
|
||
|
<screen><userinput><command>make &&
|
||
|
install -m 755 vsftpd /usr/sbin/vsftpd &&
|
||
|
install -m 644 vsftpd.8 /usr/share/man/man5 &&
|
||
|
install -m 644 vsftpd.conf.5 /usr/share/man/man8 &&
|
||
|
install -m 644 vsftpd.conf /etc
|
||
|
</command></userinput></screen>
|
||
|
|
||
|
</sect2>
|
||
|
|
||
|
<sect2>
|
||
|
<title>Command explanations</title>
|
||
|
|
||
|
<para><parameter>mkdir -p /var/ftp/empty</parameter>:
|
||
|
vsFTPD needs an empty directory to chroot into.</para>
|
||
|
|
||
|
<para><parameter>install -d -m 0700 -o root [...]</parameter>:
|
||
|
This creates the directory that anonymous users will use.</para>
|
||
|
|
||
|
<note><para><filename class="directory">/home/ftp</filename> should not be
|
||
|
owned by the user vsftpd, or the user ftp.</para></note>
|
||
|
|
||
|
<para><parameter>echo "#define VSF_BUILD_TCPWRAPPERS" >>builddefs.h</parameter>:
|
||
|
Use this prior to make to add support for tcpwrappers.</para>
|
||
|
|
||
|
<para><parameter>echo "#define VSF_BUILD_SSL" >>builddefs.h</parameter>:
|
||
|
Use this prior to make to add support for SSL.</para>
|
||
|
|
||
|
<para><parameter>install -m [...]</parameter>:
|
||
|
The Makefile hardwires /usr/local (if it exists). We want the files in /usr.</para>
|
||
|
|
||
|
</sect2>
|
||
|
|
||
|
<sect2>
|
||
|
<title>Configuring <application>vsFTPD</application></title>
|
||
|
|
||
|
<sect3><title>vsftpd init.d script</title>
|
||
|
<para>Install the <filename>/etc/rc.d/init.d/vsftpd</filename>
|
||
|
init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
|
||
|
|
||
|
<screen><userinput><command>make install-vsftpd</command></userinput></screen>
|
||
|
|
||
|
</sect3>
|
||
|
|
||
|
<sect3><title>Config files</title>
|
||
|
|
||
|
<para><filename>/etc/vsftpd.conf</filename></para> <para>vsFTPD comes with a
|
||
|
basic anonymous-only configuration file that was copied to /etc above. We will
|
||
|
modify this file because it is now recommended to run vsFTPD in standalone mode
|
||
|
as opposed to inetd/xinetd mode. Also, we need to specify the priviledge
|
||
|
separation user we created above. Finally, we need to specify the chroot
|
||
|
directory. <command>man vsftpd.conf</command> will give you all the
|
||
|
details.</para>
|
||
|
|
||
|
<screen><userinput><command>cat >> /etc/vsftpd.conf << "EOF"</command>
|
||
|
listen=YES
|
||
|
nopriv_user=vsftpd
|
||
|
secure_chroot_dir=/var/ftp/empty
|
||
|
<command>EOF</command></userinput></screen></sect3>
|
||
|
|
||
|
</sect2>
|
||
|
|
||
|
<sect2>
|
||
|
<title>Contents</title>
|
||
|
|
||
|
<para>The <application>vsFTPD</application> package contains
|
||
|
<command>vsftpd</command>.</para>
|
||
|
|
||
|
</sect2>
|
||
|
|
||
|
<sect2><title>Description</title>
|
||
|
|
||
|
<sect3><title>vsftpd</title>
|
||
|
<para><command>vsftpd</command> is the daemon itself.</para></sect3>
|
||
|
|
||
|
</sect2>
|
||
|
|
||
|
</sect1>
|
||
|
|