Deploying Pureftpd on CentOS 6.4 (complete version)
A record of my own work: starting from a clean system, how do you deploy it for production use?
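1. Network configuration
To make installing packages easy, you normally need a yum repository configured. This machine has two NICs. eth0 carries the internal IP: access to the outside world goes through the company gateway and DNS goes through the company DNS server, so an internal IP is required. eth1 carries the public IP, which is what external clients use to reach the ftp server. Most of the network work is on the internal side, mainly setting up the route.
Set the internal IP:
vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
IPV6INIT=yes
MTU=1500
NM_CONTROLLED=yes
ONBOOT=yes
TYPE=Ethernet
IPADDR=10.0.5.213
NETMASK=255.255.255.0
By default there is no route file among the network configuration files. If requests leaving through eth0 have to go via a router, create route-eth0 under /etc/sysconfig/network-scripts/. The same applies to eth1. Here the internal network is reached through eth0: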
vim /etc/sysconfig/network-scripts/route-eth0
10.0.0.0/8 via 10.0.5.1
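You can also add the route with the ip ro command; search for ip ro for the details.
Next, set up DNS:
vim /etc/resolv.conf
nameserver 10.0.0.6
The address here is the company DNS server. If you are only experimenting in a virtual machine, you can follow my post on setting up yum repositories on CentOS to configure the network.
After this, the server can reach the outside network without problems.
To summarize: on a company network you generally need to set three things, the internal IP, the route and DNS. In a virtual machine you generally only need to set DNS.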
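2. yum repository setup
There are many mirrors: 163, Yahoo and so on. The 163 mirror seems to be the most commonly used. For this step see my blog post http://www.cnblogs.com/chenxiaojian/p/3667649.html
3. Installing mysql
With the yum repository in place, installing the packages you need is easy.
Use yum list |grep mysql to check whether mysql is already installed in your environment.
If it is, and it works for you, you can skip the rest of this section.
If you want to reinstall, run yum remove mysql to remove the existing mysql.
Here I install mysql-server. If you are installing anyway, install the full thing and save yourself trouble later; that is how a beginner does it.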
yum install mysql-server
yum install mysql-devel   # without this package the pureftpd source build runs into problems
Once installed, mysql can be started. On the first start it prints some messages prompting you to set the root password and so on.
Set the mysql root password with:
mysqladmin -u root password rootpass
After that, log in with mysql -u root -p and enter your password.
Next, create the database for the ftp server:
CREATE DATABASE pureftpd;
Create the user:
GRANT ALL ON pureftpd.* TO 'ftpuser'@'localhost' IDENTIFIED BY 'ftpuser_pass';
Create the admin table, used for back-end management of ftp users:
CREATE TABLE `admin` (
  `Username` varchar(35) NOT NULL DEFAULT '',
  `Password` char(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '',
  PRIMARY KEY (`Username`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
Create the users table, which stores the ftp user information:
CREATE TABLE `users` (
  `User` varchar(16) NOT NULL DEFAULT '',
  `Password` varchar(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '',
  `Uid` int(11) NOT NULL DEFAULT '14',
  `Gid` int(11) NOT NULL DEFAULT '5',
  `Dir` varchar(128) NOT NULL DEFAULT '',
  `QuotaFiles` int(10) NOT NULL DEFAULT '500',
  `QuotaSize` int(10) NOT NULL DEFAULT '30',
  `ULBandwidth` int(10) NOT NULL DEFAULT '80',
  `DLBandwidth` int(10) NOT NULL DEFAULT '80',
  `Ipaddress` varchar(15) NOT NULL DEFAULT '*',
  `Comment` tinytext,
  `Status` enum('0','1') NOT NULL DEFAULT '1',
  `ULRatio` smallint(5) NOT NULL DEFAULT '1',
  `DLRatio` smallint(5) NOT NULL DEFAULT '1',
  PRIMARY KEY (`User`),
  UNIQUE KEY `User` (`User`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
Then leave the client:
quit;
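4. Installing pure-ftpd-1.0.36 from source
First download pure-ftpd-1.0.36.tar.gz; I won't go into where to get it. To keep things tidy, I suggest putting downloaded source under /usr/local/src/.
Then unpack it:
tar -zxvf pure-ftpd-1.0.36.tar.gz
Installing from source on Linux should be familiar to everyone. The material online about building pure-ftpd from source is messy, and configure takes a number of special options. If you do not know them well, or your ftp server does not need to be that specialised, you can ignore most of them. Usually you only need the following:
--prefix=/usr/local/pureftpd/ sets the installation directory. Newcomers like us usually do not specify this at all; software you install yourself can simply go under /usr/local/.
--with-mysql uses mysql to manage your ftp users.
--with-language=english sets the language; for Chinese use simplified-chinese.
--with-everything is the reason we do not have to care about all the individual options. If you are unsure, specify everything; it is like choosing "full install" when installing ordinary software.
Run the following commands to build and install:
./configure --prefix=/usr/local/pureftpd/ --with-mysql --with-language=english --with-everything
make && make install
If configure reports an error, it is usually because mysql-devel is not installed in your environment. Install it with yum install mysql-devel.
With pureftpd installed, the next step is configuration.
We put the configuration files under etc/ in the installation directory. You will find that the installation directory has no etc directory, so create one: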
mkdir /usr/local/pureftpd/etc
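Set its permissions:
chmod 755 /usr/local/pureftpd/etc
The two main pureftpd configuration files are pure-ftpd.conf and pureftpd-mysql.conf. They are in the configuration-file directory of the unpacked source tree.
We copy them to /usr/local/pureftpd/etc.
Change into the source directory:
cd /usr/local/src/pure-ftpd-1.0.36
cp ./configuration-file/pure-ftpd.conf /usr/local/pureftpd/etc/   # pureftpd settings
cp ./configuration-file/pureftpd-mysql.conf /usr/local/pureftpd/etc/   # settings for the pureftpd-to-mysql connection
Here are my two configuration files as they are. Points to watch:
AnonymousOnly and NoAnonymous are logical opposites. If users must authenticate before they can access the ftp server, set the latter (NoAnonymous) to yes; otherwise set the latter to no and the former (AnonymousOnly) to yes.
MySQLConfigFile is the path where you placed pureftpd-mysql.conf above.
PIDFile: if you run two pureftpd instances on one server, give each a different PID file name. Otherwise the PID files collide and one of the processes cannot be killed, because stopping the pureftpd service works by reading the PID file and killing that process.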
ChrootEveryone yes
BrokenClientsCompatibility no
MaxClientsNumber 200
# Fork in background
Daemonize yes
# Maximum number of sim clients with the same IP address
MaxClientsPerIP 50
# If you want to log all client commands, set this to "yes".
# This directive can be duplicated to also log server responses.
VerboseLog no
DisplayDotFiles yes
# Don't allow authenticated users - have a public anonymous FTP only.
AnonymousOnly no
# Disallow anonymous connections. Only allow authenticated users.
NoAnonymous yes
# Syslog facility (auth, authpriv, daemon, ftp, security, user, local*)
# The default facility is "ftp". "none" disables logging.
SyslogFacility ftp
DontResolve yes
# Maximum idle time in minutes (default = 15 minutes)
MaxIdleTime 15
# LDAP configuration file (see README.LDAP)
# LDAPConfigFile /etc/pureftpd-ldap.conf
# MySQL configuration file (see README.MySQL)
MySQLConfigFile /usr/local/pureftpd/etc/pureftpd-mysql.conf
LimitRecursion 10000 8
# Are anonymous users allowed to create new directories ?
AnonymousCanCreateDirs no
# If the system is more loaded than the following value,
# anonymous users aren't allowed to download.
MaxLoad 4
AntiWarez yes
# IP address/port to listen to (default=all IP and port 21).
Bind 122.226.64.213,2121
# Maximum bandwidth for anonymous users in KB/s
# AnonymousBandwidth 8
# Maximum bandwidth for *all* users (including anonymous) in KB/s
# Use AnonymousBandwidth *or* UserBandwidth, both makes no sense.
# UserBandwidth 8
# File creation mask. <umask for files>:<umask for dirs> .
# 177:077 if you feel paranoid.
Umask 133:022
AllowUserFXP no
# Allow anonymous FXP for anonymous and non-anonymous users.
AllowAnonymousFXP no
# Users can't delete/write files beginning with a dot ('.')
# even if they own them. If TrustedGID is enabled, this group
# will have access to dot-files, though.
ProhibitDotFilesWrite no
# Prohibit *reading* of files beginning with a dot (.history, .ssh...)
ProhibitDotFilesRead no
# Never overwrite files. When a file whose name already exist is uploaded,
# it get automatically renamed to file.1, file.2, file.3, ...
AutoRename no
# Disallow anonymous users to upload new files (no = upload is allowed)
AnonymousCantUpload no
# Minimum UID for an authenticated user to log in.
MinUID 100
CreateHomeDir yes
# Enable virtual quotas. The first number is the max number of files.
# The second number is the max size of megabytes.
# So 1000:10 limits every user to 1000 files and 10 Mb.
#Quota 1000:10
# If your pure-ftpd has been compiled with standalone support, you can change
# the location of the pid file. The default is /var/run/pure-ftpd.pid
PIDFile /var/run/pure-ftpd.pid
MaxDiskUsage 99
# Set to 'yes' if you don't want your users to rename files.
#NoRename yes
# Be 'customer proof' : workaround against common customer mistakes like
# 'chmod 0 public_html', that are valid, but that could cause ignorant
# customers to lock their files, and then keep your technical support busy
# with silly issues. If you're sure all your users have some basic Unix
# knowledge, this feature is useless. If you're a hosting service, enable it.
CustomerProof yes
Below is the pureftpd-mysql.conf configuration:
MYSQLServer localhost
# Optional : MySQL port. Don't define this if a local unix socket is used.
MYSQLPort 3306
# Optional : define the location of mysql.sock if the server runs on this host.
MYSQLSocket /var/lib/mysql/mysql.sock
# Mandatory : user to bind the server as.
MYSQLUser pureftpduser
# Mandatory : user password. You must have a password.
MYSQLPassword pureftpdpass
# Mandatory : database to open.
MYSQLDatabase pureftpd
# Mandatory : how passwords are stored
# Valid values are : "cleartext", "crypt", "sha1", "md5" and "password"
# ("password" = MySQL password() function)
# You can also use "any" to try "crypt", "sha1", "md5" *and* "password"
MYSQLCrypt md5
MYSQLGetPW SELECT Password FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetUID SELECT Uid FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetGID SELECT Gid FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MYSQLGetDir SELECT Dir FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetBandwidthUL SELECT ULBandwidth FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
MySQLGetBandwidthDL SELECT DLBandwidth FROM users WHERE User="\L" AND Status="1" AND (Ipaddress = "*" OR Ipaddress LIKE "\R")
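Be very careful that the mysql user name and password here are correct, that is, that MYSQLUser and MYSQLPassword match the account created with GRANT in step 3 (the file above uses pureftpduser / pureftpdpass, while the GRANT in step 3 created ftpuser / ftpuser_pass, so adjust one to match the other). Otherwise everything else can be set up correctly and ftp clients still cannot log in to your server, and it is very hard to trace the problem back to a typo.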
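The mismatch described above can be caught before the first client test. The script below is an added example, not part of the original post: it compares MYSQLUser and MYSQLPassword in pureftpd-mysql.conf with the account from the GRANT in step 3 and also flags a weak MYSQLCrypt value and a world-readable file. The function names conf_value, audit_mysql_conf and write_sample_conf are hypothetical, and the two sample files are constructed from the values on this page.

```shell
#!/bin/sh
# Added example: audit pureftpd-mysql.conf against the MySQL account from step 3.

# Print the value of one directive. Names are matched case-insensitively
# because the sample file mixes the MYSQLUser and MySQLGetBandwidthUL spellings.
conf_value() {
    awk -v key="$1" '
        /^[[:space:]]*#/ { next }
        tolower($1) == tolower(key) { $1 = ""; sub(/^[[:space:]]+/, ""); print; exit }
    ' "$2"
}

# Print one line per finding. Args: conf file, expected MySQL user, expected password.
audit_mysql_conf() {
    [ "$(conf_value MYSQLUser "$1")" = "$2" ] ||
        echo "MYSQLUser is '$(conf_value MYSQLUser "$1")' but the GRANT created '$2'"
    [ "$(conf_value MYSQLPassword "$1")" = "$3" ] ||
        echo "MYSQLPassword does not match the password given in the GRANT"
    crypt_mode=$(conf_value MYSQLCrypt "$1" | tr 'A-Z' 'a-z')
    case "$crypt_mode" in
        crypt) ;;   # system crypt(): salted hashes
        *) echo "MYSQLCrypt '$crypt_mode' accepts plaintext or unsalted password hashes" ;;
    esac
    # The file holds MYSQLPassword, so other local users must not be able to read it.
    [ -z "$(find "$1" -perm -004)" ] || echo "$1 is world-readable"
    return 0
}

# Write a constructed sample file. Args: path, user, password, crypt mode, file mode.
write_sample_conf() {
    printf '%s\n' 'MYSQLServer localhost' '# Mandatory : user to bind the server as.' \
        "MYSQLUser $2" "MYSQLPassword $3" 'MYSQLDatabase pureftpd' "MYSQLCrypt $4" > "$1"
    chmod "$5" "$1"
}

tmp=$(mktemp -d)
write_sample_conf "$tmp/as-posted.conf" pureftpduser pureftpdpass md5 644
write_sample_conf "$tmp/adjusted.conf" ftpuser ftpuser_pass crypt 600
echo "as posted:"; audit_mysql_conf "$tmp/as-posted.conf" ftpuser ftpuser_pass
echo "adjusted:";  audit_mysql_conf "$tmp/adjusted.conf" ftpuser ftpuser_pass
rm -rf "$tmp"
```

Switching MYSQLCrypt to crypt also means re-hashing the stored passwords and widening the Password column, which is varchar(32) in the users table from step 3.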
With the configuration files in place, the next step is to set up the service:
cp configuration-file/pure-config.pl /usr/local/pureftpd/sbin/
chmod u+x /usr/local/pureftpd/sbin/pure-config.pl
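Starting and stopping the ftpd service is done by calling pure-config.pl, which works from the configuration file. So the default pure-config.pl has to be modified accordingly, mainly the path to pure-ftpd.conf inside it.
Finally, we deal with the file that starts the service. I am not sure what the proper name for it is, so here is an example to explain it.
To start the http service, for instance, we run service httpd start. The contrib directory of the source tree contains a file called redhat.init; copy it to /etc/init.d/ under any name you like, as long as you remember it.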
cp contrib/redhat.init /etc/init.d/pureftpd
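At this point the installation and configuration of pureftpd is complete.
That is all for today; I am exhausted. Writing essays has never been my strong point. Testing pureftpd will be covered in a separate blog post another day.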