ProFTPD on Solaris 8 (as anonymous):
Pre-install tasks:
Then add the "ftp" account for anonymous
# /usr/sbin/groupadd -g 3001 ftp
# /usr/sbin/useradd -c "Anonymous ftp" -d /export/ftp -g ftp -m -u 3001 ftp
Now disable "ftp" from remote logins
# grep ftp /etc/passwd
ftp:x:3001:3001:Anonymous ftp:/export/ftp:/bin/sh
edit the line containing "ftp" and remove the field for the shell "/bin/sh" so
that you end up with:
ftp:x:3001:3001:Anonymous ftp:/export/ftp:
Note: You could also use "noshell" from the Titan compilation:
http://www.fish.com/titan/TITAN_Solaris8.html
Now lock out root from ftp use
# echo "root" >> /etc/ftpusers
Installation tasks:
Download the source or "fetch" from kinscoe.harcourt.com
ftp://ftp.proftpd.org/distrib/proftpd-1.2.5rc1.tar.gz
Read the INSTALL file
Refer to the User Manual - http://proftpd.linux.co.uk/localsite/Userguide/linked/userguide.html
# ./configure --prefix=/usr/local
# make
# make install
Test our build
# /usr/local/sbin/proftpd -d9 -n
kinscoe -
kinscoe - Config for ProFTPD Default Installation:
kinscoe - ~ftp/
kinscoe - Limit
kinscoe - DenyAll
kinscoe - UserName
kinscoe - GroupName
kinscoe - UserAlias
kinscoe - MaxClients
kinscoe - DisplayLogin
kinscoe - DisplayFirstChdir
kinscoe - Umask
kinscoe - /*
kinscoe - AllowOverwrite
kinscoe - Umask
kinscoe - DefaultServer
kinscoe - Umask
kinscoe - User
kinscoe - UserName
kinscoe - Group
kinscoe - GroupName
kinscoe - ProFTPD 1.2.5rc1 (release) (built Wed Apr 17 12:25:12 EDT 2002) standalone mode STARTUP
# ftp kinscoe
Connected to kinscoe.
220 ProFTPD 1.2.5rc1 Server (ProFTPD Default Installation) [kinscoe]
Name (kinscoe:kinscoe):
Ok good it is built and now manually running.
kinscoe (kinscoe[167.208.5.13]) - connected - local : 167.208.5.13:21
kinscoe (kinscoe[167.208.5.13]) - connected - remote : 167.208.5.13:33572
kinscoe (kinscoe[167.208.5.13]) - FTP session opened.
Now do a control-C to kill it.
^C
kinscoe (kinscoe[167.208.5.13]) - ProFTPD terminating (signal 2)
kinscoe - ProFTPD terminating (signal 2)
kinscoe - ProFTPD 1.2.5rc1 standalone mode SHUTDOWN
Now to setup the configuration:
This is the /usr/local/etc/proftpd.conf I used:
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "kinscoe.harcourt.com"
ServerType standalone
DefaultServer on
# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# Normally, we want files to be overwriteable.
AllowOverwrite on
# A basic anonymous configuration, no upload directories.
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
# Limit the maximum number of anonymous logins
MaxClients 10
# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message
# Limit WRITE everywhere in the anonymous chroot
DenyAll
Now setup ProFTP to run in place of Sun's in.ftpd:
http://proftpd.linux.co.uk/docs/faq/proftpdfaq-4.html#ss4.8
Find the line in /etc/inetd.conf that looks something like this:
ftp stream tcp6 nowait root /usr/sbin/in.ftpd in.ftpd
Replace it with:
ftp stream tcp6 nowait root /usr/local/sbin/proftpd /usr/local/sbin/proftpd/proftpd -d9
No rehup the inetd:
kill -HUP `ps -ef | grep /usr/sbin/inetd | head -1 | awk ' { print $2 }'`
Setup software distros:
# cd /export/ftp
# find . -exec chown ftp {} \;
# find . -exec chgrp ftp {} \;
# find . -exec chmod 555 {} \;