Operation System/Linux ( CentOS )
[CentOS 5.2] ProFTP 설정하기
Foolishdevil
2009. 7. 18. 14:11
리눅스에 ProFTP를 설치 및 설정하기 전에 Root로 로그인해야되는 것을 잊지 말자!!
[root@localhost src]# mkdir ftpd
[root@localhost src]# mkdir /usr/local/server
[root@localhost src]# mkdir /usr/local/server/proftpd
[root@localhost src]# cd /usr/local/src/ftpd
[root@localhost ftpd]# wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.2a.tar.gz
... 중략 ...
[root@localhost ftpd]# tar xvfz proftpd-1.3.2a.tar.gz
... 중략 ...
[root@localhost ftpd]# cd proftpd-1.3.3rc1
[root@localhost proftpd-1.3.3rc1]# ./configure --profix=/usr/local/server/proftpd --enable-autoshadow --enable-shadow
[root@localhost proftpd-1.3.3rc1]# make & make install
echo \#define BUILD_STAMP \"`date`\" >include/buildstamp.h
cd lib/ && make lib
make[1]: Entering directory `/usr/local/src/ftpd/proftpd-1.3.3rc1/lib'
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c pr_fnmatch.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c sstrncpy.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c strsep.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c vsnprintf.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c glibc-glob.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c glibc-hstrerror.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c glibc-mkstemp.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c pr-syslog.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c pwgrent.c
... 중략 ...
[root@localhost proftpd-1.3.3rc1]# cd /usr/local/server/proftpd/etc/
[root@localhost sbin]# vi /usr/local/server/proftpd/etc/proftpd.conf
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "ProFTPD Default Installation"
ServerType standalone
DefaultServer on
...중략...
# Set the user and group under which the server will run.
User nobody
Group nobody
//Group nogroup
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~
...중략...
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Limit the maximum number of anonymous logins
:wq!
[root@localhost sbin]# ./proftpd &
[1] 10644
[root@localhost sbin]# localhost.localdomain - SETUP PRIVS at main.c:3057
ps aux|grep proftpd
nobody 10575 0.0 0.1 2592 1004 ? Ss 01:48 0:00 proftpd: (accepting connections)
root 10647 0.0 0.1 3912 696 pts/0 R+ 01:52 0:00 grep proftpd
[1]+ Done ./proftpd
[root@localhost sbin]# vi /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
... 중략 ...
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT //이부분을 추가해준다
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
:wq!
[root@localhost sbin]# /etc/rc.d/init.d/iptables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: [ OK ]
Loading additional iptables modules: ip_conntrack_netbios_n[ OK ]
[root@localhost sbin]#
-- 서버 운영될 때 또는 재시작시 서비스를 시작하지 않고 운영되는 동시에 ftp 바로 실행하기 --
[root@localhost rpm]# cd /usr/local/src/ftpd/proftpd-1.3.3rc1/contrib/dist/rpm/
[root@localhost rpm]# ls -l
total 40
-rw-r--r-- 1 1000 1000 565 Oct 4 2007 ftp.pamd
-rw-r--r-- 1 1000 1000 1941 Dec 8 2002 proftpd.init.d
-rw-r--r-- 1 1000 1000 1865 Sep 26 2004 proftpd.init.d.suse
-rw-r--r-- 1 1000 1000 138 May 28 01:14 proftpd.logrotate
-rw-r--r-- 1 1000 1000 252 Aug 28 2003 xinetd
[root@localhost rpm]#
----------------------------------------------------------------------------------------------
리눅스 서버를 구성하다가 한 삽질입니다.
리눅스를 설치할때 CUI로 사용할 수 있게끔 설치 하였기 때문에 원격 이용해서 작업다!!
[root@localhost src]# mkdir ftpd
[root@localhost src]# mkdir /usr/local/server
[root@localhost src]# mkdir /usr/local/server/proftpd
[root@localhost src]# cd /usr/local/src/ftpd
[root@localhost ftpd]# wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.2a.tar.gz
... 중략 ...
[root@localhost ftpd]# tar xvfz proftpd-1.3.2a.tar.gz
... 중략 ...
[root@localhost ftpd]# cd proftpd-1.3.3rc1
[root@localhost proftpd-1.3.3rc1]# ./configure --profix=/usr/local/server/proftpd --enable-autoshadow --enable-shadow
[root@localhost proftpd-1.3.3rc1]# make & make install
echo \#define BUILD_STAMP \"`date`\" >include/buildstamp.h
cd lib/ && make lib
make[1]: Entering directory `/usr/local/src/ftpd/proftpd-1.3.3rc1/lib'
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c pr_fnmatch.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c sstrncpy.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c strsep.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c vsnprintf.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c glibc-glob.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c glibc-hstrerror.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c glibc-mkstemp.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c pr-syslog.c
gcc -DHAVE_CONFIG_H -DLINUX -I.. -I../include -O2 -Wall -c pwgrent.c
... 중략 ...
[root@localhost proftpd-1.3.3rc1]# cd /usr/local/server/proftpd/etc/
[root@localhost sbin]# vi /usr/local/server/proftpd/etc/proftpd.conf
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "ProFTPD Default Installation"
ServerType standalone
DefaultServer on
...중략...
# Set the user and group under which the server will run.
User nobody
Group nobody
//Group nogroup
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~
...중략...
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Limit the maximum number of anonymous logins
:wq!
[root@localhost sbin]# ./proftpd &
[1] 10644
[root@localhost sbin]# localhost.localdomain - SETUP PRIVS at main.c:3057
ps aux|grep proftpd
nobody 10575 0.0 0.1 2592 1004 ? Ss 01:48 0:00 proftpd: (accepting connections)
root 10647 0.0 0.1 3912 696 pts/0 R+ 01:52 0:00 grep proftpd
[1]+ Done ./proftpd
[root@localhost sbin]# vi /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
... 중략 ...
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT //이부분을 추가해준다
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
:wq!
[root@localhost sbin]# /etc/rc.d/init.d/iptables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: [ OK ]
Loading additional iptables modules: ip_conntrack_netbios_n[ OK ]
[root@localhost sbin]#
-- 서버 운영될 때 또는 재시작시 서비스를 시작하지 않고 운영되는 동시에 ftp 바로 실행하기 --
[root@localhost rpm]# cd /usr/local/src/ftpd/proftpd-1.3.3rc1/contrib/dist/rpm/
[root@localhost rpm]# ls -l
total 40
-rw-r--r-- 1 1000 1000 565 Oct 4 2007 ftp.pamd
-rw-r--r-- 1 1000 1000 1941 Dec 8 2002 proftpd.init.d
-rw-r--r-- 1 1000 1000 1865 Sep 26 2004 proftpd.init.d.suse
-rw-r--r-- 1 1000 1000 138 May 28 01:14 proftpd.logrotate
-rw-r--r-- 1 1000 1000 252 Aug 28 2003 xinetd
[root@localhost rpm]#
----------------------------------------------------------------------------------------------
리눅스 서버를 구성하다가 한 삽질입니다.
리눅스를 설치할때 CUI로 사용할 수 있게끔 설치 하였기 때문에 원격 이용해서 작업다!!