vi install_vsftpd.sh
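#!/bin/bash
# install_vsftpd.sh - remove, reinstall, configure and start vsftpd
# (remove => download => install => configure => start service "vsftpd").
#
# Intended to be run as root: it stops a service, removes and installs
# packages and writes under /etc.
#
# Note kept from the original: "/usr/bin/yum => #!/usr/bin/python2.4"
# (presumably yum's interpreter line must point at python2.4 on the target
# host - confirm before relying on it).

# --- remove old ---
# Stopping prints an error when vsftpd is not installed yet; that is harmless.
/sbin/service vsftpd stop
/usr/bin/yum -y remove vsftpd db4-utils
# Destructive: wipes the whole previous configuration directory, including the
# account files an earlier run of this script wrote there. Copy /etc/vsftpd
# elsewhere first if anything in it is still needed.
/bin/rm -rf /etc/vsftpd

# --- download and install new program ---
# Everything after this point writes configuration for these packages, so stop
# here rather than half-configure a host where the install failed.
if ! /usr/bin/yum -y install vsftpd db4-utils; then
  echo "install_vsftpd: yum install of vsftpd/db4-utils failed" >&2
  exit 1
fi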
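#####################
# configure from here
# make directories: the per-user config dir plus the three data roots
/bin/mkdir -p /etc/vsftpd/roles /data/ftpdata /data/data1 /data/data2
# Add local user 'vftp' (no login shell) with home directory '/data/ftpdata'.
# Creation is skipped when the account already exists, so re-running the
# script does not end in a useradd error.
if ! /usr/bin/id vftp > /dev/null 2>&1; then
  /usr/sbin/useradd -d /data/ftpdata -s /sbin/nologin vftp
fi
# Only /data/ftpdata is handed to vftp and closed to everyone else.
# /data/data1 and /data/data2 keep the owner and mode mkdir gave them.
# NOTE(review): confirm that is the intended access for the accounts rooted
# in those two directories.
/bin/chown vftp:vftp /data/ftpdata
/bin/chmod 700 /data/ftpdata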
# Write /etc/vsftpd/vsftpd.conf; any existing file is kept as vsftpd.conf.old.
#
# What the settings below amount to:
#  - Anonymous access is off. Logins are checked by PAM service "vsftpd.vu"
#    and mapped to the local user vftp (guest_enable / guest_username);
#    per-user overrides are read from /etc/vsftpd/roles.
#  - chroot_local_user=yes combined with chroot_list_enable=yes makes
#    /etc/vsftpd/chroot_list an exception list: users named in it are NOT
#    chrooted. Keep that file empty unless an exemption is really wanted.
#  - ssl_enable is not set, so this is plain FTP: user names, passwords and
#    file contents cross the network unencrypted.
#  - The control port is 6666 and passive data ports are 9981-10281; firewall
#    rules have to allow exactly these and nothing wider.
#  - tcp_wrappers=yes means /etc/hosts.allow and /etc/hosts.deny also apply.
if [ -f /etc/vsftpd/vsftpd.conf ]; then
  /bin/mv /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.old
fi
# Quoted delimiter: the settings are written literally, with no shell expansion.
/bin/cat > /etc/vsftpd/vsftpd.conf << '_vsftpconfig'
anon_mkdir_write_enable=no
anon_root=/dev/zero
anon_upload_enable=no
anon_world_readable_only=yes
anonymous_enable=no
banner_file=/etc/vsftpd/issue
chroot_list_enable=yes
chroot_list_file=/etc/vsftpd/chroot_list
chroot_local_user=yes
connect_from_port_20=yes
data_connection_timeout=120
dirmessage_enable=yes
ftpd_banner=welcome to use mercury ftp server.
guest_enable=yes
guest_username=vftp
hide_file={.*}
pam_service_name=vsftpd.vu
idle_session_timeout=600
local_enable=yes
local_umask=022
log_ftp_protocol=yes
passwd_chroot_enable=no
pasv_enable=yes
pasv_min_port=9981
pasv_max_port=10281
listen_ipv6=no
listen_port=6666
listen=yes
tcp_wrappers=yes
use_localtime=yes
user_config_dir=/etc/vsftpd/roles
userlist_enable=yes
virtual_use_local_privs=yes
write_enable=yes
xferlog_enable=yes
xferlog_std_format=yes
_vsftpconfig
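# create virtual accounts
#
# db_load -T reads the text file as alternating lines: a login name, then that
# login's password. As written, the four lines below therefore define only
#   ftpdata  with password "123"
#   data1    with password "data2"
# and no account named "data2", although a role file is written for it.
# NOTE(review): this looks like missing password lines. Replace these sample
# values with one long, unique password per login before the server is
# reachable by anyone else.
#
# The passwords are stored in clear text, so both the text file and the
# database are created under umask 077 (the subshell keeps the umask change
# local) and then pinned to 0600 in case either file already existed.
(
  umask 077
  /bin/cat > /etc/vsftpd/accounts << '_accounts'
ftpdata
123
data1
data2
_accounts
  # -T = input is plain text, -t hash = database type. The lower-case
  # "-t -t hash" form makes db_load take "-t" as the database type and fail.
  /usr/bin/db_load -T -t hash -f /etc/vsftpd/accounts /etc/vsftpd/accounts.db
)
/bin/chmod 0600 /etc/vsftpd/accounts /etc/vsftpd/accounts.db

# Helper to rebuild the database after editing /etc/vsftpd/accounts.
# NOTE(review): db_load loads into an existing accounts.db, so a login deleted
# from the text file presumably stays valid until accounts.db is removed and
# rebuilt - verify on the target before relying on create.sh to revoke access.
/bin/cat > /etc/vsftpd/create.sh << '_create'
#!/bin/bash
umask 077
/usr/bin/db_load -T -t hash -f /etc/vsftpd/accounts /etc/vsftpd/accounts.db
/bin/chmod 0600 /etc/vsftpd/accounts /etc/vsftpd/accounts.db
_create
/bin/chmod u+x /etc/vsftpd/create.sh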
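# add pam
# The file name matches pam_service_name=vsftpd.vu in vsftpd.conf. pam_userdb
# appends ".db" to the db= path, so db=/etc/vsftpd/accounts reads accounts.db.
# NOTE(review): both rules are 'sufficient' and nothing else is in the stack;
# confirm that is intended ('required' is the more common choice here).
#
# The module directory is /lib64/security on 64-bit hosts and /lib/security
# otherwise. logbit is reset first so a value inherited from the environment
# cannot select the wrong directory, and getconf is given the upper-case name
# LONG_BIT because its variable names are case-sensitive.
logbit=
if [ "$(/usr/bin/getconf LONG_BIT)" = "64" ]; then
  logbit=64
fi
# Unquoted delimiter on purpose: ${logbit:+64} has to expand inside the file.
/bin/cat > /etc/pam.d/vsftpd.vu << _pam
#%pam-1.0
auth sufficient /lib${logbit:+64}/security/pam_userdb.so db=/etc/vsftpd/accounts
account sufficient /lib${logbit:+64}/security/pam_userdb.so db=/etc/vsftpd/accounts
_pam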
# user permission
# Create (or empty) the chroot list named by chroot_list_file in vsftpd.conf.
: > /etc/vsftpd/chroot_list

# One file per login under user_config_dir; each overrides vsftpd.conf for
# that login only. All delimiters are quoted, so the text is written as-is.

# ftpdata: rooted in /data/ftpdata
/bin/cat > /etc/vsftpd/roles/ftpdata << '_ftpdata'
local_root=/data/ftpdata
anon_world_readable_only=no
_ftpdata

# data1: rooted in /data/data1, writes disabled for this login
/bin/cat > /etc/vsftpd/roles/data1 << '_data1'
local_root=/data/data1
write_enable=no
_data1

# data2: rooted in /data/data2, otherwise the global settings apply
/bin/cat > /etc/vsftpd/roles/data2 << '_data2'
local_root=/data/data2
_data2

# Banner text referenced by banner_file in vsftpd.conf.
/bin/cat > /etc/vsftpd/issue << '_ftpissue'
==== welcome to use mercury ftp server ====
your host,ipaddress and all your operate will be logged,enjoy yourself.
_ftpissue
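# selinux
# Disabled alternative kept from the original (it edits the SELinux mode in
# /etc/sysconfig/selinux instead of relaxing the ftpd policy):
#selinux_flag=$(/usr/bin/awk -f"=" '/^selinux/ {print $2}' /etc/sysconfig/selinux)
#test "$selinux_flag" != "enforcing" && /bin/sed -i 's/selinux=.*$/selinux=enforcing/' /etc/sysconfig/selinux
#
# ftpd_disable_trans=on stops vsftpd from entering its confined SELinux domain,
# so the daemon runs without the ftpd policy restricting it. That is the
# broadest way to make /data reachable; where possible, label the data
# directories for FTP or enable a narrower ftp boolean instead
# (list them with: getsebool -a | grep ftp).
# -P (upper case) makes the setting persistent across reboots; lower-case -p
# is not a setsebool option and the command fails with it.
/usr/sbin/setsebool -P ftpd_disable_trans on
# chkconfig: start vsftpd at boot
/sbin/chkconfig vsftpd on
# start service "vsftpd"; report a failed start instead of ending silently
if ! /sbin/service vsftpd start; then
  echo "install_vsftpd: vsftpd failed to start; check /etc/vsftpd/vsftpd.conf" >&2
  exit 1
fi
# type "ftp localhost 6666" to test (listen_port is 6666, not the default 21)
# end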