生产环境中安装vsftpd的shell脚本-阿里云开发者社区

生产环境中安装vsftpd的shell脚本

2016-05-25 1930

版权

本文内容由阿里云实名注册用户自发贡献，版权归原作者所有，阿里云开发者社区不拥有其著作权，亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容，填写侵权投诉表单进行举报，一经查实，本社区将立刻删除涉嫌侵权内容。

简介：

原创作品，允许转载，转载时请务必以超链接形式标明文章原始出处、作者信息和本声明。否则将追究法律责任。 http://navyaijm.blog.51cto.com/4647068/822356

vi install_vsftpd.sh

#!/bin/bash
# Remove=>Download=>Install=>Configure=>Start service "vsftpd"
#
# /usr/bin/yum => #!/usr/bin/python2.4

# Remove old
/sbin/service vsftpd stop
/usr/bin/yum -y remove vsftpd db4-utils
/bin/rm -rf /etc/vsftpd

# Download and install new program
/usr/bin/yum -y install vsftpd db4-utils

#####################
# Configure from here

# Make directories
/bin/mkdir -p /etc/vsftpd/roles /data/ftpdata /data/data1 /data/data2

# Add local user 'vftp' with local directory '/data/ftp'
/usr/sbin/useradd -s /sbin/nologin vftp -d /data/ftpdata
/bin/chmod 700 /data/ftpdata
/bin/chown vftp:vftp /data/ftpdata

# Use configuration settings below
test -f /etc/vsftpd/vsftpd.conf && /bin/mv /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.old
/bin/cat > /etc/vsftpd/vsftpd.conf << _vsftpconfig
anon_mkdir_write_enable=NO
anon_root=/dev/zero
anon_upload_enable=NO
anon_world_readable_only=YES
anonymous_enable=NO
banner_file=/etc/vsftpd/issue
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
chroot_local_user=YES
connect_from_port_20=YES
data_connection_timeout=120
dirmessage_enable=YES
ftpd_banner=Welcome to use mercury FTP server.
guest_enable=YES
guest_username=vftp
hide_file={.*}
pam_service_name=vsftpd.vu
idle_session_timeout=600
local_enable=YES
local_umask=022
log_ftp_protocol=YES
passwd_chroot_enable=NO
pasv_enable=YES
pasv_min_port=9981
pasv_max_port=10281
listen_ipv6=NO
listen_port=6666
listen=YES
tcp_wrappers=YES
use_localtime=YES
user_config_dir=/etc/vsftpd/roles
userlist_enable=YES
virtual_use_local_privs=YES
write_enable=YES
xferlog_enable=YES
xferlog_std_format=YES
_vsftpconfig

# Create virtual accounts
/bin/cat > /etc/vsftpd/accounts << _accounts
ftpdata
123
data1
123
data2
123
_accounts

/usr/bin/db_load -T -t hash -f /etc/vsftpd/accounts /etc/vsftpd/accounts.db
/bin/chmod 0600 /etc/vsftpd/accounts.db
echo "/usr/bin/db_load -T -t hash -f /etc/vsftpd/accounts /etc/vsftpd/accounts.db" > /etc/vsftpd/create.sh
echo "/bin/chmod 0600 /etc/vsftpd/accounts.db" >> /etc/vsftpd/create.sh
/bin/chmod u+x /etc/vsftpd/create.sh

# Add PAM
test $(/usr/bin/getconf LONG_BIT) -eq 64 && logBit=64
/bin/cat > /etc/pam.d/vsftpd.vu << _pam
#%PAM-1.0
auth sufficient /lib${logBit:+64}/security/pam_userdb.so db=/etc/vsftpd/accounts
account sufficient /lib${logBit:+64}/security/pam_userdb.so db=/etc/vsftpd/accounts
_pam

# User permission
> /etc/vsftpd/chroot_list

/bin/cat > /etc/vsftpd/roles/ftpdata << _ftpdata
local_root=/data/ftpdata
anon_world_readable_only=no
write_enable=yes
anon_upload_enable=no
virtual_use_local_privs=yes
anon_mkdir_write_enable=no
_ftpdata

/bin/cat > /etc/vsftpd/roles/data1 << _data1
local_root=/data/data1
anon_world_readable_only=no
write_enable=no
anon_upload_enable=no
virtual_use_local_privs=yes
anon_mkdir_write_enable=no
_data1

/bin/cat > /etc/vsftpd/roles/data2 << _data2
local_root=/data/data2
anon_world_readable_only=no
write_enable=no
anon_upload_enable=no
virtual_use_local_privs=yes
anon_mkdir_write_enable=no
_data2

/bin/cat > /etc/vsftpd/issue << _ftpissue
==== Welcome to use mercury ftp server ====
Your host,ipaddress and all your operate will be logged,enjoy yourself.
_ftpissue

# selinux
#SELINUX_FLAG=$(/usr/bin/awk -F"=" '/^SELINUX/ {print $2}' /etc/sysconfig/selinux)
#test "$SELINUX_FLAG" != "enforcing" && /bin/sed -i 's/SELINUX=.*$/SELINUX=enforcing/' /etc/sysconfig/selinux
/usr/sbin/setsebool -P ftpd_disable_trans on
# chkconfig
/sbin/chkconfig vsftpd on

# Start service "vsftpd"
/sbin/service vsftpd start
# type "ftp localhost" to test
# END

本文出自 “屌丝运维男” 博客，请务必保留此出处http://navyaijm.blog.51cto.com/4647068/822356

生产环境中安装vsftpd的shell脚本

热门文章

最新文章

相关课程

相关电子书

相关实验场景