Chinaunix首页 | 论坛 | 博客
  • 博客访问: 2253786
  • 博文数量: 292
  • 博客积分: 10016
  • 博客等级: 中将
  • 技术积分: 3381
  • 用 户 组: 普通用户
  • 注册时间: 2005-11-06 11:26
文章分类

全部博文(292)

文章存档

2011年(1)

2010年(4)

2009年(3)

2008年(6)

2007年(47)

2006年(63)

2005年(168)

分类: LINUX

2005-11-24 10:43:32

Setup-proftp 1.2.9

copyright by C.Arthur ,All rights reserved.

I.Introduction 1.2.9

1.2.9 - Released 31-Oct-2003

---------------------------------

- Bug 2181 - The prior fix for Bug#2181, handling of the PORT command when the
--enable-ipv6 configure option is used, was not quite correct. A problem
still existed when an IPv4 client used the PORT command when talking to
an IPv4-only vhost (as opposed to an IPv4 and IPv6 vhost). Now PORT is
properly handled in all cases.
- Bug 2204 - On systems that use the gethostbyname2() function, IPv4 clients
were not being properly resolved to their DNS names.
- Bug 2242 - proftpd reread included additional config as user nobody instead
of root. The bug was caused by configuration directive handlers
(specifically, SyslogFacility and SystemLog) that would incorrectly change
the process privileges; depending on the order of configuration in
proftpd.conf, some Included files might not be parseable due to permissions
problems.
- Bug 2197 - The RPM .spec has been updated for easy RPM builds from CVS
snapshots.
- Check for excessive length of symlink directory listing entries (submitted
by Michael Hendrickx )
- Two memory leaks, seen mostly during recursive directory listings, have
been fixed.


II.Installation

download proftpd-1.2.9.tar.gz from proftp web site!
# ls //看看案板上的东东的样子吧
proftpd-1.2.9.tar.gz
# gunzip * //解压缩
# ls
proftpd-1.2.9.tar
# tar xvf * //解TAR压缩
x proftpd-1.2.9, 0 bytes, 0 tape blocks
x proftpd-1.2.9/contrib, 0 bytes, 0 tape blocks
x proftpd-1.2.9/contrib/dist, 0 bytes, 0 tape blocks
x proftpd-1.2.9/contrib/dist/rpm, 0 bytes, 0 tape blocks
x proftpd-1.2.9/contrib/dist/rpm/ftp.pamd, 633 bytes, 2 tape blocks
x proftpd-1.2.9/contrib/dist/rpm/proftpd.init.d, 1941 bytes, 4 tape blocks
x proftpd-1.2.9/contrib/dist/rpm/proftpd.logrotate, 147 bytes, 1 tape blocks
x proftpd-1.2.9/contrib/dist/rpm/xinetd, 252 bytes, 1 tape blocks
x proftpd-1.2.9/contrib/INSTALL.mod_wrap, 1060 bytes, 3 tape blocks
x proftpd-1.2.9/contrib/README, 766 bytes, 2 tape blocks
x proftpd-1.2.9/contrib/README.mod_wrap, 8802 bytes, 18 tape blocks
x proftpd-1.2.9/contrib/README.ratio, 5331 bytes, 11 tape blocks
x proftpd-1.2.9/contrib/UPGRADE.mod_sql, 2358 bytes, 5 tape blocks
x proftpd-1.2.9/contrib/ftpasswd, 25731 bytes, 51 tape blocks
x proftpd-1.2.9/contrib/ftpasswd.html, 13929 bytes, 28 tape blocks
x proftpd-1.2.9/contrib/mod_ifsession.c, 16145 bytes, 32 tape blocks
x proftpd-1.2.9/contrib/mod_ifsession.html, 9001 bytes, 18 tape blocks
x proftpd-1.2.9/contrib/mod_ldap.c, 60852 bytes, 119 tape blocks
x proftpd-1.2.9/contrib/mod_radius.c, 83524 bytes, 164 tape blocks
x proftpd-1.2.9/contrib/mod_radius.html, 11958 bytes, 24 tape blocks
x proftpd-1.2.9/contrib/mod_ratio.c, 22426 bytes, 44 tape blocks
x proftpd-1.2.9/contrib/mod_readme.c, 5018 bytes, 10 tape blocks
x proftpd-1.2.9/contrib/mod_rewrite.c, 63067 bytes, 124 tape blocks
x proftpd-1.2.9/contrib/mod_rewrite.html, 22951 bytes, 45 tape blocks
x proftpd-1.2.9/contrib/mod_sql.c, 116835 bytes, 229 tape blocks
x proftpd-1.2.9/contrib/mod_sql.h, 3089 bytes, 7 tape blocks
x proftpd-1.2.9/contrib/mod_sql_mysql.c, 43271 bytes, 85 tape blocks
x proftpd-1.2.9/contrib/mod_sql_postgres.c, 37637 bytes, 74 tape blocks
x proftpd-1.2.9/contrib/mod_tls.c, 92795 bytes, 182 tape blocks
x proftpd-1.2.9/contrib/mod_tls.html, 38017 bytes, 75 tape blocks
x proftpd-1.2.9/contrib/mod_wrap.c, 28867 bytes, 57 tape blocks
x proftpd-1.2.9/contrib/mod_wrap.html, 10981 bytes, 22 tape blocks
x proftpd-1.2.9/contrib/xferstats.holger-preiss, 12051 bytes, 24 tape blocks
x proftpd-1.2.9/contrib/README.mod_sql symbolic link to ../README.mod_sql
x proftpd-1.2.9/proftpd.spec, 10049 bytes, 20 tape blocks
x proftpd-1.2.9/COPYING, 18016 bytes, 36 tape blocks
x proftpd-1.2.9/CREDITS, 2200 bytes, 5 tape blocks
x proftpd-1.2.9/ChangeLog, 276962 bytes, 541 tape blocks
x proftpd-1.2.9/INSTALL, 25484 bytes, 50 tape blocks
x proftpd-1.2.9/Make.rules.in, 2380 bytes, 5 tape blocks
x proftpd-1.2.9/Makefile.in, 4877 bytes, 10 tape blocks
x proftpd-1.2.9/NEWS, 60673 bytes, 119 tape blocks
x proftpd-1.2.9/README, 4289 bytes, 9 tape blocks
x proftpd-1.2.9/README.AIX, 5444 bytes, 11 tape blocks
x proftpd-1.2.9/README.FreeBSD, 1093 bytes, 3 tape blocks
x proftpd-1.2.9/README.IPv6, 2839 bytes, 6 tape blocks
x proftpd-1.2.9/README.LDAP, 3806 bytes, 8 tape blocks
x proftpd-1.2.9/README.PAM, 5230 bytes, 11 tape blocks
x proftpd-1.2.9/README.Solaris2.5x, 1697 bytes, 4 tape blocks
x proftpd-1.2.9/README.Unixware, 1524 bytes, 3 tape blocks
x proftpd-1.2.9/README.capabilities, 2261 bytes, 5 tape blocks
x proftpd-1.2.9/README.cygwin, 3879 bytes, 8 tape blocks
x proftpd-1.2.9/README.mod_sql, 46908 bytes, 92 tape blocks
x proftpd-1.2.9/README.modules, 3777 bytes, 8 tape blocks
x proftpd-1.2.9/README.ports, 3262 bytes, 7 tape blocks
x proftpd-1.2.9/acconfig.h, 3009 bytes, 6 tape blocks
x proftpd-1.2.9/aclocal.m4, 4022 bytes, 8 tape blocks
x proftpd-1.2.9/config.guess, 40938 bytes, 80 tape blocks
x proftpd-1.2.9/config.h.in, 17168 bytes, 34 tape blocks
x proftpd-1.2.9/config.sub, 29806 bytes, 59 tape blocks
x proftpd-1.2.9/configure, 502523 bytes, 982 tape blocks
x proftpd-1.2.9/configure.in, 39150 bytes, 77 tape blocks
x proftpd-1.2.9/install-sh, 5585 bytes, 11 tape blocks
x proftpd-1.2.9/stamp-h.in, 0 bytes, 0 tape blocks
x proftpd-1.2.9/doc, 0 bytes, 0 tape blocks
x proftpd-1.2.9/doc/rfc, 0 bytes, 0 tape blocks
x proftpd-1.2.9/doc/rfc/draft-bonachea-sftp-00.txt, 11067 bytes, 22 tape blocks
x proftpd-1.2.9/doc/rfc/draft-ietf-ftpext-mlst-15.txt, 136004 bytes, 266 tape blocks
x proftpd-1.2.9/doc/rfc/draft-ietf-ftpext-sec-consider-02.txt, 17207 bytes, 34 tape blocks
x proftpd-1.2.9/doc/rfc/draft-murray-auth-ftp-ssl-10.txt, 49569 bytes, 97 tape blocks
x proftpd-1.2.9/doc/rfc/rfc0959.txt, 147316 bytes, 288 tape blocks
x proftpd-1.2.9/doc/rfc/rfc2228.txt, 58729 bytes, 115 tape blocks
x proftpd-1.2.9/doc/rfc/rfc2389.txt, 17166 bytes, 34 tape blocks
x proftpd-1.2.9/doc/rfc/rfc2428.txt, 16024 bytes, 32 tape blocks
x proftpd-1.2.9/doc/Configuration.html, 475986 bytes, 930 tape blocks
x proftpd-1.2.9/doc/Configuration.sgml, 675 bytes, 2 tape blocks
x proftpd-1.2.9/doc/GetConf, 618 bytes, 2 tape blocks
x proftpd-1.2.9/doc/faq.html, 95460 bytes, 187 tape blocks
x proftpd-1.2.9/doc/license.txt, 1205 bytes, 3 tape blocks
x proftpd-1.2.9/doc/mod_sample.c, 10877 bytes, 22 tape blocks
x proftpd-1.2.9/include, 0 bytes, 0 tape blocks
x proftpd-1.2.9/include/bindings.h, 7457 bytes, 15 tape blocks
x proftpd-1.2.9/include/conf.h, 8676 bytes, 17 tape blocks
x proftpd-1.2.9/include/data.h, 2026 bytes, 4 tape blocks
x proftpd-1.2.9/include/default_paths.h, 3012 bytes, 6 tape blocks
x proftpd-1.2.9/include/dirtree.h, 9543 bytes, 19 tape blocks
x proftpd-1.2.9/include/feat.h, 1333 bytes, 3 tape blocks
x proftpd-1.2.9/include/fsio.h, 9557 bytes, 19 tape blocks
x proftpd-1.2.9/include/ftp.h, 8730 bytes, 18 tape blocks
x proftpd-1.2.9/include/glibc-glob.h, 7174 bytes, 15 tape blocks
x proftpd-1.2.9/include/ident.h, 1400 bytes, 3 tape blocks
x proftpd-1.2.9/include/inet.h, 9225 bytes, 19 tape blocks
x proftpd-1.2.9/include/libsupp.h, 3429 bytes, 7 tape blocks
x proftpd-1.2.9/include/log.h, 3163 bytes, 7 tape blocks
x proftpd-1.2.9/include/mkhome.h, 1308 bytes, 3 tape blocks
x proftpd-1.2.9/include/modules.h, 8073 bytes, 16 tape blocks
x proftpd-1.2.9/include/netaddr.h, 6904 bytes, 14 tape blocks
x proftpd-1.2.9/include/netio.h, 7252 bytes, 15 tape blocks
x proftpd-1.2.9/include/options.h, 6055 bytes, 12 tape blocks
x proftpd-1.2.9/include/pool.h, 3778 bytes, 8 tape blocks
x proftpd-1.2.9/include/pr-syslog.h, 3440 bytes, 7 tape blocks
x proftpd-1.2.9/include/privs.h, 10664 bytes, 21 tape blocks
x proftpd-1.2.9/include/proftpd.h, 8338 bytes, 17 tape blocks
x proftpd-1.2.9/include/regexp.h, 1403 bytes, 3 tape blocks
x proftpd-1.2.9/include/response.h, 3033 bytes, 6 tape blocks
x proftpd-1.2.9/include/scoreboard.h, 3753 bytes, 8 tape blocks
x proftpd-1.2.9/include/sets.h, 2196 bytes, 5 tape blocks
x proftpd-1.2.9/include/support.h, 3042 bytes, 6 tape blocks
x proftpd-1.2.9/include/timers.h, 1875 bytes, 4 tape blocks
x proftpd-1.2.9/include/version.h, 321 bytes, 1 tape blocks
x proftpd-1.2.9/lib, 0 bytes, 0 tape blocks
x proftpd-1.2.9/lib/libcap, 0 bytes, 0 tape blocks
x proftpd-1.2.9/lib/libcap/include, 0 bytes, 0 tape blocks
x proftpd-1.2.9/lib/libcap/include/sys, 0 bytes, 0 tape blocks
x proftpd-1.2.9/lib/libcap/include/sys/capability.h, 2711 bytes, 6 tape blocks
x proftpd-1.2.9/lib/libcap/Makefile, 1859 bytes, 4 tape blocks
x proftpd-1.2.9/lib/libcap/_makenames.c, 2314 bytes, 5 tape blocks
x proftpd-1.2.9/lib/libcap/cap_alloc.c, 3231 bytes, 7 tape blocks
x proftpd-1.2.9/lib/libcap/cap_extint.c, 3795 bytes, 8 tape blocks
x proftpd-1.2.9/lib/libcap/cap_file.c, 2827 bytes, 6 tape blocks
x proftpd-1.2.9/lib/libcap/cap_flag.c, 2930 bytes, 6 tape blocks
x proftpd-1.2.9/lib/libcap/cap_proc.c, 2688 bytes, 6 tape blocks
x proftpd-1.2.9/lib/libcap/cap_sys.c, 1090 bytes, 3 tape blocks
x proftpd-1.2.9/lib/libcap/cap_text.c, 8127 bytes, 16 tape blocks
x proftpd-1.2.9/lib/libcap/libcap.h, 4138 bytes, 9 tape blocks
x proftpd-1.2.9/lib/Makefile.in, 2044 bytes, 4 tape blocks
x proftpd-1.2.9/lib/getopt.c, 30212 bytes, 60 tape blocks
x proftpd-1.2.9/lib/getopt.h, 5893 bytes, 12 tape blocks
x proftpd-1.2.9/lib/getopt1.c, 4550 bytes, 9 tape blocks
x proftpd-1.2.9/lib/glibc-gai_strerror.c, 3675 bytes, 8 tape blocks
x proftpd-1.2.9/lib/glibc-glob.c, 38730 bytes, 76 tape blocks
x proftpd-1.2.9/lib/glibc-hstrerror.c, 3139 bytes, 7 tape blocks
x proftpd-1.2.9/lib/glibc-mkstemp.c, 3163 bytes, 7 tape blocks
x proftpd-1.2.9/lib/pr-syslog.c, 6602 bytes, 13 tape blocks
x proftpd-1.2.9/lib/pr_fnmatch.c, 11332 bytes, 23 tape blocks
x proftpd-1.2.9/lib/pr_fnmatch_loop.c, 24129 bytes, 48 tape blocks
x proftpd-1.2.9/lib/pwgrent.c, 5100 bytes, 10 tape blocks
x proftpd-1.2.9/lib/sstrncpy.c, 1579 bytes, 4 tape blocks
x proftpd-1.2.9/lib/strsep.c, 1667 bytes, 4 tape blocks
x proftpd-1.2.9/lib/vsnprintf.c, 9796 bytes, 20 tape blocks
x proftpd-1.2.9/lib/Makefile.bak, 1876 bytes, 4 tape blocks
x proftpd-1.2.9/lib/Makefile.in.bak, 1798 bytes, 4 tape blocks
x proftpd-1.2.9/modules, 0 bytes, 0 tape blocks
x proftpd-1.2.9/modules/Makefile.in, 8014 bytes, 16 tape blocks
x proftpd-1.2.9/modules/glue.sh, 462 bytes, 1 tape blocks
x proftpd-1.2.9/modules/mod_auth.c, 79033 bytes, 155 tape blocks
x proftpd-1.2.9/modules/mod_auth_file.c, 32888 bytes, 65 tape blocks
x proftpd-1.2.9/modules/mod_auth_pam.c, 13162 bytes, 26 tape blocks
x proftpd-1.2.9/modules/mod_auth_unix.c, 22771 bytes, 45 tape blocks
x proftpd-1.2.9/modules/mod_cap.c, 10121 bytes, 20 tape blocks
x proftpd-1.2.9/modules/mod_core.c, 134497 bytes, 263 tape blocks
x proftpd-1.2.9/modules/mod_log.c, 29716 bytes, 59 tape blocks
x proftpd-1.2.9/modules/mod_ls.c, 53894 bytes, 106 tape blocks
x proftpd-1.2.9/modules/mod_site.c, 13076 bytes, 26 tape blocks
x proftpd-1.2.9/modules/mod_xfer.c, 67232 bytes, 132 tape blocks
x proftpd-1.2.9/modules/module_glue.c.tmpl, 130 bytes, 1 tape blocks
x proftpd-1.2.9/modules/Makefile.bak, 5734 bytes, 12 tape blocks
x proftpd-1.2.9/modules/Makefile.in.bak, 5776 bytes, 12 tape blocks
x proftpd-1.2.9/sample-configurations, 0 bytes, 0 tape blocks
x proftpd-1.2.9/sample-configurations/PFTEST.conf.in, 1027 bytes, 3 tape blocks
x proftpd-1.2.9/sample-configurations/PFTEST.group, 15 bytes, 1 tape blocks
x proftpd-1.2.9/sample-configurations/PFTEST.install, 1647 bytes, 4 tape blocks
x proftpd-1.2.9/sample-configurations/PFTEST.passwd, 61 bytes, 1 tape blocks
x proftpd-1.2.9/sample-configurations/PFTEST.shadow, 34 bytes, 1 tape blocks
x proftpd-1.2.9/sample-configurations/anonymous.conf, 3409 bytes, 7 tape blocks
x proftpd-1.2.9/sample-configurations/basic.conf, 1817 bytes, 4 tape blocks
x proftpd-1.2.9/sample-configurations/complex-virtual.conf, 11067 bytes, 22 tape blocks
x proftpd-1.2.9/sample-configurations/mod_sql.conf, 8332 bytes, 17 tape blocks
x proftpd-1.2.9/sample-configurations/virtual.conf, 2477 bytes, 5 tape blocks
x proftpd-1.2.9/src, 0 bytes, 0 tape blocks
x proftpd-1.2.9/src/Makefile.in, 14721 bytes, 29 tape blocks
x proftpd-1.2.9/src/auth.c, 13354 bytes, 27 tape blocks
x proftpd-1.2.9/src/bindings.c, 27456 bytes, 54 tape blocks
x proftpd-1.2.9/src/data.c, 29647 bytes, 58 tape blocks
x proftpd-1.2.9/src/dirtree.c, 86136 bytes, 169 tape blocks
x proftpd-1.2.9/src/feat.c, 2185 bytes, 5 tape blocks
x proftpd-1.2.9/src/fsio.c, 67771 bytes, 133 tape blocks
x proftpd-1.2.9/src/ident.c, 5934 bytes, 12 tape blocks
x proftpd-1.2.9/src/inet.c, 36167 bytes, 71 tape blocks
x proftpd-1.2.9/src/log.c, 17563 bytes, 35 tape blocks
x proftpd-1.2.9/src/main.c, 75151 bytes, 147 tape blocks
x proftpd-1.2.9/src/mkhome.c, 8895 bytes, 18 tape blocks
x proftpd-1.2.9/src/modules.c, 17449 bytes, 35 tape blocks
x proftpd-1.2.9/src/netaddr.c, 19856 bytes, 39 tape blocks
x proftpd-1.2.9/src/netio.c, 22811 bytes, 45 tape blocks
x proftpd-1.2.9/src/pool.c, 18038 bytes, 36 tape blocks
x proftpd-1.2.9/src/proftpd.8.in, 3480 bytes, 7 tape blocks
x proftpd-1.2.9/src/regexp.c, 3667 bytes, 8 tape blocks
x proftpd-1.2.9/src/response.c, 6819 bytes, 14 tape blocks
x proftpd-1.2.9/src/scoreboard.c, 16284 bytes, 32 tape blocks
x proftpd-1.2.9/src/sets.c, 8891 bytes, 18 tape blocks
x proftpd-1.2.9/src/support.c, 19970 bytes, 40 tape blocks
x proftpd-1.2.9/src/timers.c, 9696 bytes, 19 tape blocks
x proftpd-1.2.9/src/xferlog.5.in, 3082 bytes, 7 tape blocks
x proftpd-1.2.9/src/proftpd.8, 3451 bytes, 7 tape blocks
x proftpd-1.2.9/src/xferlog.5, 3082 bytes, 7 tape blocks
x proftpd-1.2.9/src/Makefile.bak, 11270 bytes, 23 tape blocks
x proftpd-1.2.9/src/Makefile.in.bak, 11312 bytes, 23 tape blocks
x proftpd-1.2.9/utils, 0 bytes, 0 tape blocks
x proftpd-1.2.9/utils/Makefile.in, 2329 bytes, 5 tape blocks
x proftpd-1.2.9/utils/ftpcount.1.in, 1694 bytes, 4 tape blocks
x proftpd-1.2.9/utils/ftpcount.c, 7869 bytes, 16 tape blocks
x proftpd-1.2.9/utils/ftpshut.8.in, 3304 bytes, 7 tape blocks
x proftpd-1.2.9/utils/ftpshut.c, 4826 bytes, 10 tape blocks
x proftpd-1.2.9/utils/ftptop.1.in, 2023 bytes, 4 tape blocks
x proftpd-1.2.9/utils/ftptop.c, 15709 bytes, 31 tape blocks
x proftpd-1.2.9/utils/ftpwho.1.in, 2126 bytes, 5 tape blocks
x proftpd-1.2.9/utils/ftpwho.c, 14736 bytes, 29 tape blocks
x proftpd-1.2.9/utils/misc.c, 1960 bytes, 4 tape blocks
x proftpd-1.2.9/utils/scoreboard.c, 6018 bytes, 12 tape blocks
x proftpd-1.2.9/utils/utils.h, 4047 bytes, 8 tape blocks
x proftpd-1.2.9/utils/ftpcount.1, 1687 bytes, 4 tape blocks
x proftpd-1.2.9/utils/ftpshut.8, 3304 bytes, 7 tape blocks
x proftpd-1.2.9/utils/ftptop.1, 2016 bytes, 4 tape blocks
x proftpd-1.2.9/utils/ftpwho.1, 2119 bytes, 5 tape blocks
x proftpd-1.2.9/utils/Makefile.bak, 2220 bytes, 5 tape blocks
x proftpd-1.2.9/utils/Makefile.in.bak, 2262 bytes, 5 tape blocks
# ls
proftpd-1.2.9 proftpd-1.2.9.tar
#
#
# cd *
# ls
COPYING README.Solaris2.5x configure.in
CREDITS README.Unixware contrib
ChangeLog README.capabilities doc
INSTALL README.cygwin include
Make.rules.in README.mod_sql install-sh
Makefile.in README.modules lib
NEWS README.ports modules
README acconfig.h proftpd.spec
README.AIX aclocal.m4 sample-configurations
README.FreeBSD config.guess src
README.IPv6 config.h.in stamp-h.in
README.LDAP config.sub utils
README.PAM configure

# ./configure --prefix=/usr/local/proftp //这个时候你需要GCC的支持,如果没有GCC肯定编译不了的啊/usr/local/proftp是你指定的以后INSTALL的目录
# make
# make install //进行安装


III.Sample-Configurations

# pwd
/usr/local/proftp/etc //配置文件的目录
Default configuretion is basic conf.( basic.conf、mod_sql.conf、anonymous.conf、complex-virtual.conf、virtual.conf in proftpd-1.2.9/sample-configurations //文件配置是有个模板的,默认的是basic conf,你可以从你的proftpd-1.2.9/sample-configurations 目录里找到其他的配置文件,根据你的需要。
#
# more
#more proftpd.conf
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName "C.Arthur FTP Server" //你配置的服务器名字哦
ServerType standalone //standalone还是inetd方式
DefaultServer on

# Port 21 is the standard FTP port.
Port 21 //可以根据你的需要修改

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022 //权限的设置

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30 //最大连接数

# Set the user and group under which the server will run.
User nobody
Group nogroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~ //限制用户FTP的目录

# Normally, we want files to be overwriteable. //限制对目录的权限

AllowOverwrite on


# A basic anonymous configuration, no upload directories. If you do not
# want anonymous users, simply delete this entire section.//匿名访问

User ftp
Group ftp

# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp

# Limit the maximum number of anonymous logins
MaxClients 10

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot //限制写的权限可以针对IP地址的限制

DenyAll


#

IIII.Start

# /usr/local/sbin/proftpd start //正常启动方式,也可以使用debug方式诊断
#
# ps -e | grep proftpd
458 ? 0:00 proftpd
# groupadd ftp
# useradd -u 1111 -g ftp -d /export/home/arthur -c "ftpuser" -m -s /bin/sh arthur
6 blocks
# passwd arthur
New password:
Re-enter new password:
passwd (SYSTEM): passwd successfully changed for arthur

On windown clinet run ftp 192.168.0.10
Connected to 192.168.0.10.
220 ProFTPD 1.2.9 Server (C.Arthur Ftp Server) [u10]
Name (192.168.0.10:root):

IIII.FAQ

1. ProFTPD doesn't seem to work.

Starting ProFTPD in standalone mode it doesn't show in "ps" It could be many things, possibly something like not running

ProFTPD as root (it needs to be run as root initially, but will switch to a non-privileged user). Regardless, ProFTPD logs

all errors via the standard syslog mechanism. You need to check your system logs in order to determine what the problem is.

It doesn't work!
There are many times when there's a completely random problem which appears to be insoluble. The best place to ask for help

is definately the mailing list (proftpd-l) but it's not productive to ask for help without giving enough information for

intelligent debugging.

Have you?


Checked your logs

Tried the server in debug mode

Read the FAQ?

Checked the mailing list archive?

Are you running the latest version?

When posting try giving enough information, this might include but not be limited to.


OS and server version (proftpd -vv)

List of included modules (proftpd -l)

Appropriate log extracts

Output fom debug mode

Configration fragment

2. "inet_create_connection() failed: Operation not permitted".

You aren't starting ProFTPD as root, or you have inetd configured to run ProFTPD as a user other than root. The ProFTPD

daemon must be started as root in order to bind to tcp ports lower than 1024, or to open your shadow password file when

authenticating users. The daemon switches uid/gids to the user and group specified by the User/Group directives during normal

operation, so a "ps" will show it running as the user you specified.

3. Unable to bind to port/Address already in use

0.0.0.0 is INADDR_ANY, which means to bind to any interface. The "address in use" will normally mean that something has

already bound to that address.

Under linux it is possible to run:

fuser -n tcp 21

to get the PID of the process currently bound to port ProFTPD is configured to run as.

The most common cause is that ProFTPD is configured standalone and inetd is still configured for port 21. Comment out the

line starting "ftp" in /etc/inetd.conf and restart (killall -HUP inetd or something similar should do the trick) and try

again.

4. "(Login failed): Invalid shell"

The user attempting to login has been given a shell that is not listed in the system's /etc/shells file. By default, proftpd

will require that users logging in have valid shells. Use the RequireValidShell directive to turn off this requirement:

RequireValidShell off

5. "Fatal: Socket operation on non-socket"

You have ProFTPD configured to run in inetd mode rather than standalone. In this mode, ProFTPD expects that it will be run

from the inetd super-server, which implies that stdin/stdout will be sockets instead of terminals. As a result, socket

operations will fail and the above error will be printed. If you wish to run ProFTPD from the shell, in standalone mode,

you'll need to modify your proftpd.conf configuration file and add or edit the ServerType directive to read:

ServerType standalone

6. "Fatal: unable to determine IP address of "hostname:

The hosting machine has a poorly configured hostname setup to the point where the resolver library cannot determine the IP

from the name. Solutions include, fixing the DNS for the domain, fixing the hostname, fixing the /etc/hosts file. Which one

works for you will largely depend on your OS and exactly what is wrong.

7. I'm having problems with FTP clients behind firewalls

The FTP Specification defines that two sockets should be used for all communications. The first runs over port 21 and is the

control channel over which all commands and response codes are sent. Whenever data is required to be transfered, for example

for a file download, a directory listing etc etc. A second channel is created on demand, this socket can take one of two

forms.

non-Passive
The server end of the data socket uses port 20. This is nice and easy to work into a firewall configuration.

Passive
The port at either end is dynamically allocated. This is virtually impossible to cater for in a firewall configuration given

that the port mapping will be different for every data connection.

The solution is to force the users to configure their clients to use the non-passive mode (ie port 20)

8. Can I run more that one VirtualHost on a single IP?

No, or at least not in the HTTP/1.1 manner of virtual hosting. This is an inbuilt limitation of the current FTP RFC., unlike

the HTTP/1.1 spec there is no mechanism comparable to the "Host: foo.bar.com" HTTP header for specifying which host the

connection is for. Therefore the only method for determining which VirtualHost the connection is destined for is by the

destination IP.

The one exception to this is if you host multiple servers on the same IP but using different ports, however this requires

that the connecting client uses a non-standard port and therefore is probably not a good solution for mass hosting.

Is there anything in the pipeline to fix this?
There is a draft standard
with the IETF which extends

and improves on the FTP specification including support for a HOST command. However given that the IP crunch is coming from

websites and not virtual ftp servers this is unlikely to be pushed through any time soon.

9. How do I run ProFTPD from inetd?

Find the line in /etc/inetd.conf that looks something like this:

ftp stream tcp nowait root in.ftpd in.ftpd

Replace it with:

ftp stream tcp nowait root in.proftpd in.proftpd

Then, find your inetd process in the process listing and send it the SIGHUP signal so that it will rehash and reconfigure

itself. You may also need to add in.ProFTPD to hosts.allow on your system.

10. Can I use tcp-wrappers with ProFTPD?

Yup. Although ProFTPD has built-in IP access control (see the Deny and Allow directives), many admins choose to consolidate

IP access control in one place via in.tcpd. Just configure ProFTPD to run from inetd as any other tcp-wrapper wrapped daemon

and add the appropriate lines to hosts.allow/deny files.

If running ProFTPD in standalone mode, mod_wrap can be used to direct the server to use the normal hosts.allow/deny files.

11. Can I run an FTP server on a non-standard port?

Yes. Use a block with your machine's FQDN (Fully Qualified Domain Name) or IP address, and a Port directive

inside the block. For example, if your host is named "myhost.mydomain.com" and you want to run an additional

FTP server on port 2001, you would:

...

Port 2001
...


12. Can control upload/download ratios?

Yes the mod_ratio module provides for doing just this.

The ratio directives take four numbers: file ratio, initial file credit, byte ratio, and initial byte credit. Setting either

ratio to 0 disables that check.

The directives are HostRatio (matches FQDN, wildcards allowed), AnonRatio (matches password entered at login), UserRatio

(accepts "*" for "any user"), and GroupRatio.

Ratios on # enable module
UserRatio ftp 0 0 0 0
HostRatio master.debian.org 0 0 0 0 # leech access (default)
GroupRatio proftpd 100 10 5 100000 # 100:1 files, 10 file cred 5:1 bytes, 100k byte cred
AnonRatio
1 0 1 0 # 1:1 ratio, no credits
UserRatio * 5 5 5 50000 # special default case

This example is for someone who (1) has downloaded 1 file of 82k, (2) has uploaded nothing, (3) has a ratio of 5:1 files and

5:1 bytes, (4) has 4 files and 17k credit remaining, and (5) is now changing directory to /art/nudes/young/carla. The initial

credit, not shown, was 5 files and 100k (UserRatio * 5 5 5 100000).

Version 2.0 and above of this module integrate with mod_sql.

Limitations of mod_ratio
It appears that the ratio limits in mod_ratio are only maintained on a per session basis and there is no ongoing tracking of

usage.

13. Slow logins

This is probably caused by a firewall or DNS timeout. By default ProFTPD will try to do both DNS and ident lookups against

the incoming connection. If these are blocked or excessively delayed a slower than normal login will result. To turn off DNS

and ident use:

UseReverseDNS off
IdentLookups off

IdentLookups and tcpwrappers ***

14. Lots of "FTP session closed" messages

Oct 7 12:30:48 salvage2 proftpd[8874]: FTP session closed. Oct 7 12:30:48 salvage2 proftpd[8874]: FTP session closed. Oct 7

12:30:48 salvage2 proftpd[8874]: FTP session closed. Oct 7 12:30:48 salvage2 proftpd[8874]: FTP session closed.

The above log extract is likely to be caused by a local monitoring system or a particularly aggressive DoS attack. Most

service monitoring systems try opening the ftp port on the target server to detect whether it is active and running. Most of

the time these tests are followed by an immediate "QUIT" or disconnection.

TCPdump/TCPshow on the server in question should show which machine on your network is is generating these connections.

15. How do I see who is connected?

The ftpwho command lists the state of each ftp connection to the server and what it's current activity is. However this does

not detail the connection information on a virtual by virtual basis.

16. Can I force ProFTPD to listen on only one IP?

Sort, of it's not quite as clean as the socket binding under Apache but the principle works something like this.

Standalone mode
To listen on the primary IP of a host use the SocketBindTight directive

To listen on a interfaces which are not the primary host interface use the SocketBindTight directive, place your server

configuration in a > block and use "Port 0" for the main host configuration and and "Port 21"

inside the VirtualHost block.

inetd
There are two approaches possible, the first is to use the patch from Daniel Roesen (check the

mailing list archives).

The second method is to run ProFTPD from xinetd (), a more advanced replacement of inetd. An entry

for this in xinetd.conf would be something like this:

service ftp
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/sbin/proftpd
log_on_success += DURATION USERID
log_on_failure += USERID
nice = 10
#bind = [IP to bind to]
}

17. "FTP server shut down ... please try again later."

Check for /etc/shutmsg and delete it.

18. How do I shutdown the server without killing proftpd?

ftpshut, allows the server to disallow connections with a message without actually taking down the service. The shutdown can

be scheduled for a point in the future or right now, existing connections can be allowed to finish, or be terminated now. Re

-enabling is done by removing the /etc/shutmsg file.

19. Is is possible to shutdown a single VirtualHost?

No, the shutmsg file works at a daemon level not at a virtual host level.

20. Error 421

This appears to be a general catch all error code meaning "something nasty has gone wrong".


Connection has timed out

The DefaultRoot specified doesn't exist

The parent server has been killed

Check /etc/services

Wrong permissions on the DefaultRoot

You get the idea...

21. proftpd doesn't show in the processlist

Two possible reasons, first that it's simply not running, try proftpd -n -d2 to run in debug mode and see what happens. The

other is that it's running from inetd and there are no active sessions at the moment.

22. How do I restart/reload the server?

This depends on the mode you're running the server in.

inetd
Unless you're making a configuration change to inetd itself nothing needs doing. The server reloads the configuration

everytime a new connection is made.

Standalone
Either stop and start the server completely (a little aggressive for most admins tastes) or send a SIGHUP to the master

daemon process.

23. 503 No PORT command issued

A bug was introduced in 1.2.0rc2 which prevented the PORT command working properly and therefore breaking the data socket

under certain conditions. The bug was documented as bug 240 and has been fixed in CVS. A rc3 release is due before the end of

Jan 2001.

24. Fatal: unable to determine IP address of

Proftpd was unable to work out what IP is associated with the hostname in the VirtualHost block. Normally caused by a problem

with the DNS resolution of the host, check the resolv.conf file and that your chosen nameservers are functional.

25. 451 append/restart not permitted, try again

AllowStoreRestart is disabled by default because it will allow any writable file to be corrupted by a malicious user. It is

recommended that this option is only used with authenticated users and then only in certain directories.

26. 501 REST not compatible with server configuration

As mentioned in the description of the HiddenStor configuration directive, use of that directive is incompatible with the FTP

command REST. Either disable use of REST with the AllowRetrieveRestart and AllowStoreRestart directives, or do not use

HiddenStor.

27. The time being displayed is wrong

The default behaviour for ProFTPD is to display all times relative to GMT. To use local time set "TimesGMT off" in the server

section of the config. There is a known issue with Redhat 7, with regard to time handling.



28. Authentication is taking too long

Make sure that ReverseDNS is disabled, turn off ident lookups. Additionally check the size of your /etc/passwd (or shadow)

file, if it is large then the only solution may be to move to another authentication scheme.

29. Corrupted files

There appear to be some problems with both the use of sendfile() in ProFTPD and with the implementation within certain

operating systems.

30. Can I upgrade ProFTPD without terminating the current sessions?

Short answer, no. Longer answer is no, but you can minimise the effects. The cleanest approach on servers which have

significant amounts of traffic appears to be to use ftpshut to block new connections and terminate existing ones after a pre

-determined time period and then to upgrade and restart. This approach limits the number of downloads which are terminated

part way through.

31. No such group "nogroup"

The default ProFTPD configuration file uses the user "nouser" and the group "nogroup", some systems / distributions do not

have the group "nogroup" defined. The solution is to either add the group "nogroup" to /etc/groups or to change the "nogroup"

entry in the proftpd.conf to a group which does exist.

32. Why do I see "unable to set groups: Invalid argument"?

The setting of the group privileges for a process uses the setgroups(2) system call. This call will fail with the above error

message for one of two reasons: there is a negative GID value for one of the groups, or the maximum number of groups for a

single user has been exceeded.

Ideally, all IDs, both UID and GID, will be positive. Unfortunately, it is common on many systems to use -1 or -2, especially

for such users as 'nobody', or group 'nogroup'. Use of these values uses C's treatment of data types to make the actual

numeric value very high; some functions, like setgroups(), do not like this, though. In general, always use positive ID

numbers.

The other limitation is the number of supplemental groups for a user (eg non-primary groups, the ones configured in

/etc/group). The maximum number of supplemental groups to which a user may belong is defined by the operating system constant

NGROUPS_MAX. On some operating systems, such as Solaris, this limitation may be tunable.

Some other applications may not encounter this error if they use the initgroups(3) function, which reads the /etc/group file

for a user's supplemental group memberships, and sets those groups. This function, however, silently ignores any supplemental

groups for user greater than NGROUPS_MAX, unlike setgroups(2), which complains.

If this is the cause of your error message, any solution will most likely involve reducing the number of groups your users

are members of, or tuning the NGROUPS_MAX value, if your operating system allows it.

33. Why do I see error messages like these when I logout?


PAM(exit): Permission denied
open_module: stat(/usr/lib/security/pam_unix.so.1) failed: No such file or directory
load_modules: can not open module /usr/lib/security/pam_unix.so.1
PAM(exit): Dlopen failure.


These messages appear when the DefaultRoot configuration directive is in effect. This directive causes a user to be confined

using the chroot(2) system call. This call, however, affects other system utilities, such as PAM. In this case, PAM's

configuration is causing the PAM library to attempt to open PAM modules using a path that is no longer valid, thus the

errors. This happens on logout because the chroot has already happened by that point; on login, the PAM modules are

successfully found and loaded before the chroot, so no errors. These are merely cosmetic reporting errors, and do not really

affect the functionality or security of the server.

阅读(1758) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~