Pure-FTPd
Installing the server with selected USE flags
USE Flags:
pam: support for PAM (Pluggable Authentication Modules)
mysql: support for the MySQL database
postgres: support for the PostgreSQL database
ldap: support for LDAP (Lightweight Directory Access Protocol)
ssl: support for SSL connections
caps: Use Linux capabilities library to control privileges.
vchroot: support for virtual chroot
(can be dangerous: it lets a user get out of their home directory,
but it is convenient because it allows the use of symbolic links)
USE="vchroot ssl" emerge -av pure-ftpd
Editing the file /etc/conf.d/pure-ftpd
## Config file for /etc/init.d/pure-ftpd
## Comment variables out to disable its features,
## or change the values in it...
## This variable must be uncommented
## in order for the server to start ##
IS_CONFIGURED="yes"
## FTP Server,Port (separated by comma) ##
## If you prefer host names over IP addresses, it's your choice :
## SERVER="-S ftp.rtchat.com,21"
## IPv6 addresses are supported.
## !!! WARNING !!!
## Using an invalid IP will result in server not starting and
## reporting a good start. Work is being done to solve that in:
## http://bugs.gentoo.org/show_bug.cgi?id=75861
SERVER="-S 192.168.0.1,21"
#SERVER="-S 21"
## Number of simultaneous connections in total, and per ip ##
MAX_CONN="-c 3"
MAX_CONN_IP="-C 1"
## Start daemonized in background ##
DAEMON="-B"
## Don't allow uploads
## if the partition is more full than this var ##
DISK_FULL="-k 90%"
## If your FTP server is behind a NAT box, uncomment this ##
#USE_NAT="-N"
## Authentication (others are 'pam', ...)##
## Further infos in the README file.
AUTH="-l puredb:/etc/pureftpd.pdb"
## Change the maximum idle time. (in minutes. default 15)
#TIMEOUT="-I 10"
## Use that facility for syslog logging. It defaults to 'ftp'
## Logging can be disabled with '-f none' .
#LOG="-f facility"
## Misc. Others ##
MISC_OTHER="-A -E -X -j -R -B"
#
# Use these inside $MISC_OTHER
# More can be found on "http://pureftpd.sourceforge.net/README"
#
# -A [ chroot() everyone, but root ]
# -e [ Only allow anonymous users ]
# -E [ Only allow authenticated users.
# Anonymous logins are prohibited. ]
# -i [ Disallow upload for anonymous users,
# whatever directory perms are ]
# -j [ If the home directory of a user doesn't exist,
# auto-create it ]
# -M [ Allow anonymous users to create directories. ]
# -R [ Disallow users (even non-anonymous ones)
# usage of the CHMOD command ]
# -x [ In normal operation mode,
# authenticated users can read/write
# files beginning with a dot ('.').
# Anonymous users can't, for security reasons
# (like changing banners or a forgotten .rhosts).
# When '-x' is used, authenticated users can
# download dot-files, but not overwrite/create them,
# even if they own them. ]
# -X [ This flag is identical to the previous one
# (writing dot-files is prohibited), but in addition,
# users can't even *read* files and directories beginning
# with a dot (like "cd .ssh"). ]
# -D [ List files beginning with a dot ('.') even when
# the client doesn't append the '-a' option to the list command.
# A workaround for badly configured FTP clients. ]
# -G [ Disallow renaming. ]
# -d [ Send various debugging messages to the syslog.
# ONLY for DEBUG ]
# -F [ Display a fortune cookie on login. Check the README file ]
# -H [ By default, fully-qualified host names are logged.
# The '-H' flag avoids host names resolution. ]
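An added example, not part of the original page or of Pure-FTPd: a shell check that reads MISC_OTHER from a conf.d file laid out as above, without executing it, and reports when the restrictive flags this page enables (-A, -E, -X, -R) are missing or the risky ones it documents (-e, -M, -d) are present. The function names and the required/forbidden policy are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit MISC_OTHER in a Gentoo-style /etc/conf.d/pure-ftpd.
# The file is parsed with sed, never sourced, so nothing in it is executed.

# conf_value VAR FILE: value of the last uncommented VAR="..." line.
conf_value() {
    sed -n "s/^$1=\"\(.*\)\"[[:space:]]*\$/\1/p" "$2" | tail -n 1
}

# has_flag FLAG OPTIONS: exact, case-sensitive whole-word match, so that
# -E (authenticated users only) is never mistaken for -e (anonymous only).
# Assumption: flags are written separately ("-A -E"), as on the page.
has_flag() {
    for word in $2; do
        [ "$word" = "$1" ] && return 0
    done
    return 1
}

# audit_pureftpd_conf FILE: prints one finding per line.
# Exit status: 0 = clean, 1 = findings, 2 = file unreadable.
# The required/forbidden sets below are this example's policy (an assumption).
audit_pureftpd_conf() {
    conf=$1
    findings=0
    [ -r "$conf" ] || { echo "cannot read $conf"; return 2; }
    [ "$(conf_value IS_CONFIGURED "$conf")" = "yes" ] || {
        echo "IS_CONFIGURED is not \"yes\": the server will not start"
        findings=1
    }
    opts=$(conf_value MISC_OTHER "$conf")
    for flag in -A -E -X -R; do
        has_flag "$flag" "$opts" || { echo "MISC_OTHER lacks $flag"; findings=1; }
    done
    for flag in -e -M -d; do
        if has_flag "$flag" "$opts"; then
            echo "MISC_OTHER contains $flag"
            findings=1
        fi
    done
    return "$findings"
}
```

Run it as `audit_pureftpd_conf /etc/conf.d/pure-ftpd` after sourcing the functions; a non-zero exit status means the file deviates from the policy.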
Starting the server
nano -w /etc/shells
/bin/false    (line to add to /etc/shells)
groupadd ftpgroup
useradd -g ftpgroup -d /dev/null -s /bin/false ftpuser
pure-pw useradd pnat -u ftpuser -d /home/ftpusers/pnat
pure-pw mkdb
pure-ftpd -j -lpuredb:/etc/pureftpd.pdb &
rc-update add pure-ftpd default