Skip to main content

米斯特周

Ubuntu Pure-FTPd服务安装配置+虚拟用户

/post/2010-03-02-ubuntu-pure-ftpd-and-virtual-user/
Table of Contents

Pure-FTPd FTP server:

Pure-FTPd is a fast, production-quality, standards-conformant FTP server based upon Troll-FTPd. Features include chrooted home directories, virtual domains, built-in ‘ls’, anti-warez system, configurable ports for passive downloads, FXP protocol, bandwidth throttling, ratios, fortune files, Apache-like log files, fast standalone mode, atomic uploads, text / HTML / XML real-time status report, virtual users, virtual quotas, privilege separation, SSL/TLS and more.

## 一、安装Pure-FTPd 

$ sudo apt-get install pure-ftpd
$ sudo apt-get install pure-ftpd-mysql

## 二、配置Pure-FTPd

### 1.添加用户和组 

$ sudo groupadd -g 2001 ftpgroup
$ sudo useradd -u 2001 -s /bin/false -d /dev/null -c "Pure-FTPd User" -g ftpgroup ftpuser

在上面创建用户的命令中,指定将/bin/false作为shell,使得该用户无法登录到服务器的shell环境,从而避免了很多安全问题;而将其HOME目录设置为/dev/null,也提高操作系统的安全。

### 2.Chroot 设置

为了安全起见,我们要将每个FTP用户限制在Chroot环境中。为此,我们可以在其配置目录/etc/pure-ftpd/conf下面创建一个名为ChrootEveryone的文件,并将内容设置为yes

$ sudo sh -c "echo 'yes' > /etc/pure-ftpd/conf/ChrootEveryone"

这样设置后,每个FTP用户自己的HOME目录就成了他的root目录,他无法达到上层目录中,也就无法浏览其它目录下的文件了。

### 3.手工创建用户目录

下面的设置,告诉Pure-FTPd不要为用户自动创建HOME目录,我们将手工创建,后面我将会介绍web管理工具创建用户和HOME目录:

$ sudo sh -c "echo 'No' > /etc/pure-ftpd/conf/CreateHomeDir"

## 4.为Pure-FTPd 创建MySQL 数据库 

$ mysql -u root -p

mysql> CREATE DATABASE ftpusers;

然后,创建一个名为ftpadmin的MySQL用户,密码为ftpadminPassword,并将数据库ftpusers的相关权限赋给该用户:

mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON ftpusers.* TO
 'ftpadmin'@'localhost' IDENTIFIED BY 'ftpadminPassword';
mysql> FLUSH PRIVILEGES;

然后,我们在该数据库中,创建一个users表和admin表,其SQL语句如下:

mysql> USE ftpusers;
mysql> CREATE TABLE IF NOT EXISTS `users` (
 `User` varchar(16) NOT NULL default '',
 `Password` varchar(32) NOT NULL default '',
 `Uid` int(11) NOT NULL,
 `Gid` int(11) NOT NULL,
 `Dir` varchar(128) NOT NULL default '',
 `QuotaFiles` int(10) NOT NULL default '500',
 `QuotaSize` int(10) NOT NULL default '30',
 `ULBandwidth` int(10) NOT NULL default '80',
 `DLBandwidth` int(10) NOT NULL default '80',
 `Ipaddress` varchar(15) NOT NULL default '*',
 `Comment` tinytext,
 `Status` enum('0','1') NOT NULL default '1',
 `ULRatio` smallint(5) NOT NULL default '1',
 `DLRatio` smallint(5) NOT NULL default '1',
 PRIMARY KEY (`User`),
 UNIQUE KEY `User` (`User`)
 ) ENGINE=MyISAM DEFAULT CHARSET=latin1;

mysql> CREATE TABLE IF NOT EXISTS `admin` (
 `Username` varchar(35) NOT NULL default '',
 `Password` char(32) NOT NULL default '',
 PRIMARY KEY (`Username`)
 ) ENGINE=MyISAM DEFAULT CHARSET=latin1;

mysql> quit

## 5.配置Pure-FTPd 的mysql.conf 

$ sudo cp /etc/pure-ftpd/db/mysql.conf /etc/pure-ftpd/db/mysql.conf_orig
$ sudo vi /etc/pure-ftpd/db/mysql.conf

内容为:

MYSQLServer 127.0.0.1
MYSQLSocket /var/run/mysqld/mysqld.sock
MYSQLUser ftpadmin
MYSQLPassword ftpadminPassword
MYSQLDatabase ftpusers
MYSQLCrypt md5
MYSQLGetPW SELECT Password FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetUID SELECT Uid FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetGID SELECT Gid FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetDir SELECT Dir FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetQTAFS SELECT QuotaFiles FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetQTASZ SELECT QuotaSize FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetRatioUL SELECT ULRatio FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetRatioDL SELECT DLRatio FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetBandwidthUL SELECT ULBandwidth FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetBandwidthDL SELECT DLBandwidth FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")

$ sudo chmod g=o= /etc/pure-ftpd/db/mysql.conf
$ sudo /etc/init.d/pure-ftpd-mysql restart

# 三、实现FTP用户的Web管理

## 1、安装User manager for PureFTPd 

$ cd /var/www
$ sudo wget http://machiel.generaal.net/files/pureftpd/ftp_v2.1.tar.gz
$ sudo tar xvf ftp_v2.1.tar.gz

## 2、配置User manager for PureFTPd

我们来修改/var/www/ftp/config.php

$ sudo vi /var/www/ftp/config.php

$LANG = “Chinese”;
$LocationImages = “images”;
$DBHost = “127.0.0.1″;
$DBLogin = “ftpadmin”;
$DBPassword = “ftpadminPassword”;
$DBDatabase = “ftpusers”;
$FTPAddress = “ubox.mytest.com:21″;
$DEFUserID = “2001″;
$DEFGroupID = “2001″;
$UsersFile = “/etc/passwd”;
$GroupFile = “/etc/group”;
$StyleSheet = “style/default.css.php”;
$EnableQuota = 1;
$EnableRatio = 1;
[…]

上述配置中,MySQL数据库的用户名、密码、数据库名及FTPAddress,请按自己的实际情况修改。最后两行设置,默认启用Quota和速率限制。

## 3、设置User manager for PureFTPd 管理员 

$ mysql -u root -p

mysql> USE ftpusers;
mysql> INSERT INTO `admin` (`Username`, `Password`) VALUES
 ('ftpadmin', MD5('ftpadminPassword'));
mysql> quit

## 4、登录user manager进行用户管理

打开http://localhost/ftp/index.php输入ftpadmin的密码,进行管理。