# install on CentOS 7 without iptables and seLinux
# install something we need yum install vsftpd gcc pam-devel unzip php -y # Setup for virtual user curl 'https://codeload.github.com/tiwe-de/libpam-pwdfile/zip/master' > master.zip
unzip master.zip
cd libpam-pwdfile-master/
make
cp pam_pwdfile.so /lib64/security/ mv /etc/pam.d/vsftpd /etc/pam.d/vsftpd.org echo "auth required /lib64/security/pam_pwdfile.so pwdfile /etc/vsftpd/users" "" >> /etc/pam.d/vsftpd account required /lib64/security/pam_permit.so" "" >> /etc/pam.d/vsftpd echo " # backup config mv /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.org
# Setup vsftpd main config
echo "local_umask=022" >> /etc/vsftpd/vsftpd.conf echo "anonymous_enable=NO" >> /etc/vsftpd/vsftpd.conf echo "local_enable=YES" >> /etc/vsftpd/vsftpd.conf echo "virtual_use_local_privs=YES" >> /etc/vsftpd/vsftpd.conf echo "write_enable=YES" >> /etc/vsftpd/vsftpd.conf echo "connect_from_port_20=YES" >> /etc/vsftpd/vsftpd.conf echo "secure_chroot_dir=/var/run/vsftpd" >> /etc/vsftpd/vsftpd.conf echo "pam_service_name=vsftpd" >> /etc/vsftpd/vsftpd.conf echo "guest_enable=YES" >> /etc/vsftpd/vsftpd.conf echo "user_sub_token=$USER" >> /etc/vsftpd/vsftpd.conf echo "local_root=/data/ftp/$USER" >> /etc/vsftpd/vsftpd.conf echo "chroot_local_user=YES" >> /etc/vsftpd/vsftpd.conf echo "hide_ids=YES" >> /etc/vsftpd/vsftpd.conf echo "user_config_dir=/etc/vsftpd/user_config" >> /etc/vsftpd/vsftpd.conf echo "allow_writeable_chroot=YES" >> /etc/vsftpd/vsftpd.conf
# Setup up for vsftpd running folder
mkdir -p /var/run/vsftpd
mkdir -p /etc/vsftpd/user_config
# Setup up for ftp user
# Setup up for ftp user
mkdir -p /ftp/users
chown -Rf ftp:ftp /ftp/users
# Note: this command must turn on "short tag"
sed -i "s/short_open_tag = .*/short_open_tag = On/" /etc/php.ini
# ftp user config
mkdir -p /etc/vsftpd/user_config/
# ftp user account add
echo "<?php echo 'username:' . crypt('passwd'); ?>"| php >> /etc/vsftpd/users
echo "" >> /etc/vsftpd/users
echo "local_root=/ftp/users/username_home""" >> /etc/vsftpd/user_config/username
# Create ftp user home
mkdir -p /ftp/users/username_home
chown -Rf ftp:ftp /ftp/users/username_home
# Note: this command must turn on "short tag"
sed -i "s/short_open_tag = .*/short_open_tag = On/" /etc/php.ini
# ftp user config
mkdir -p /etc/vsftpd/user_config/
# ftp user account add
echo "<?php echo 'username:' . crypt('passwd'); ?>"| php >> /etc/vsftpd/users
echo "" >> /etc/vsftpd/users
echo "local_root=/ftp/users/username_home""" >> /etc/vsftpd/user_config/username
# Create ftp user home
mkdir -p /ftp/users/username_home
chown -Rf ftp:ftp /ftp/users/username_home
echo "" >> /etc/vsftpd/users
#mkdir -p /etc/vsftpd/user_config/
echo "local_root=/ftp/users/$1" "" >> /etc/vsftpd/user_config/$1
mkdir -p /ftp/users/$1
chown -Rf ftp:ftp /ftp/users/$1
firewall-cmd --permanent --add-port=21/tcp
firewall-cmd --permanent --add-service=ftp
Restart firewall:firewall-cmd --reload
Restart firewall:firewall-cmd --reload
No comments:
Post a Comment