ubuntu12.04中怎么修改圖形界面關(guān)閉按鈕位置?
2023-11-08
更新時(shí)間:2023-11-08 00:28:40作者:佚名
一、安裝
復(fù)制代碼
代碼如下:
sudo apt-get install proftpd
安裝過(guò)程中會(huì)讓選擇運(yùn)行模式:Standalone和Inetd,前者是單一服務(wù)器模式,后者是超級(jí)服務(wù)器模式,
我選的Standalone。
二、配置
復(fù)制代碼
代碼如下:
sudo vim /etc/shells
加入如下代碼
復(fù)制代碼
代碼如下:
/bin/false
新建用戶(hù)ftpuser1和用戶(hù)組ftp并設(shè)置密碼,此用戶(hù)不需要有效的shell(更安全),所以選擇/bin/false
給fptuser1
復(fù)制代碼
代碼如下:
sudo groupadd ftp
sudo useradd ftpuser1 -p pass -g ftp -d /home/ftp -s /bin/false
在/home/ftp目錄下新建upload和download目錄并修改權(quán)限
復(fù)制代碼
代碼如下:
cd /home/ftp
sudo mkdir download
sudo mkdir upload
cd /home
sudo chmod 755 ftp
cd /home/ftp
sudo chmod 755 download
sudo chmod 777 upload
三、修改proftpd核心配置文件proftpd.conf
復(fù)制代碼
代碼如下:
sudo vim /etc/proftpd/proftpd.conf
#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#
# Includes DSO modules
Include /etc/proftpd/modules.conf
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 off # 我們不需要IPv6,所以off
ServerName "xiaoyigeng's FTP Server" # 修改服務(wù)器名
ServerType standalone # 服務(wù)器運(yùn)行模式,這里填standalone,也可以選
inetd
DeferWelcome on # 用戶(hù)登陸時(shí)是否顯示歡迎信息
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600 # 可以降到100
TimeoutIdle 1200 # 發(fā)呆超時(shí)
DisplayLogin welcome.msg # 如果上邊DeferWelcom設(shè)置成on,則顯示
welcome.msg中的內(nèi)容
DisplayFirstChdir .message # 更改目錄時(shí)顯示的內(nèi)容
ListOptions "-l"
DenyFilter /*.*/
# Use this to jail all users in their homes
DefaultRoot /home/ftp # ftp用戶(hù)被限制在這個(gè)目錄中
# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell off # 匿名用戶(hù)要選on
# Port 21 is the standard FTP port.
Port 21 # 服務(wù)運(yùn)行的端口
# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts 49152 65534 # PASV模式下用到的端口
# If your host was NATted, this option is useful in order to
# allow passive tranfers to work. You have to use your public
# address and opening the passive ports used on your firewall as well.
# MasqueradeAddress 1.2.3.4
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at.
User nobody # 服務(wù)器運(yùn)行在nobody用戶(hù)下
Group nobody # 服務(wù)器運(yùn)行在nobody組下
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022 # 默認(rèn)新建文件的權(quán)限
# Normally, we want files to be overwriteable.
AllowOverwrite on # 文件可以被覆蓋
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd off
# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
#
# UseSendFile off
# Choose a SQL backend among MySQL or PostgreSQL.
# Both modules are loaded in default configuration, so you have to specify the backend
# or comment out the unused module in /etc/proftpd/modules.conf.
# Use 'mysql' or 'postgres' as possible values.
#
#<IfModule mod_sql.c>
# SQLBackend mysql
#</IfModule>
TransferLog /var/log/proftpd/xferlog # 傳送文件日志
SystemLog /var/log/proftpd/proftpd.log # 系統(tǒng)運(yùn)行日志
<IfModule mod_tls.c>
TLSEngine off
</IfModule>
<IfModule mod_quota.c>
QuotaEngine on
</IfModule>
<IfModule mod_ratio.c>
Ratios on
</IfModule></p><p># Delay engine reduces impact of the so-called Timing Attack described in
# <a >http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02</a>
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine on
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>
# A basic anonymous configuration, no upload directories.
# <Anonymous ~ftp>
# User ftp
# Group nogroup
# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# RequireValidShell off
#
# # Limit the maximum number of anonymous logins
# MaxClients 10
#
# # We want 'welcome.msg' displayed at login, and '.message' displayed
# # in each newly chdired directory.
# DisplayLogin welcome.msg
# DisplayFirstChdir .message
#
# # Limit WRITE everywhere in the anonymous chroot
# <Directory *>
# <Limit WRITE>
# DenyAll
# </Limit>
# </Directory>
#
# # Uncomment this if you're brave.
# # <Directory incoming>
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask 022 022
# # <Limit READ WRITE>
# # DenyAll
# # </Limit>
# # <Limit STOR>
# # AllowAll
# # </Limit>
# # </Directory>
#
# </Anonymous>
# Valid Logins # 以下部分為設(shè)置用戶(hù)權(quán)限部分
<Limit LOGIN>
AllowUser ftpuser1
DenyAll
</Limit>
<Directory /home/ftp>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory /home/ftp/download/>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory /home/ftp/upload/>
Umask 022 022
AllowOverwrite on
<Limit READ RMD DELE>
DenyAll
</Limit>
<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
四、啟動(dòng)、停止、重啟服務(wù)器
復(fù)制代碼
代碼如下:
sudo /etc/init.d/proftpd start
sudo /etc/init.d/proftpd stop
sudo /etc/init.d/proftpd restart
五、維護(hù)
可以到/var/log/proftpd目錄查看日志
查看ftp服務(wù)器負(fù)載命令 ftptop
查看什么認(rèn)登陸服務(wù)器 ftpwho
PS:proftpd中Limit的使用介紹
我們用到的比較多的可能是Limit的使用,Limit大致有以下動(dòng)作,基本能覆蓋全部的權(quán)限了。
CMD:Change Working Directory 改變目錄
MKD:MaKe Directory 建立目錄的權(quán)限
RNFR: ReName FRom 更改目錄名的權(quán)限
DELE:DELEte 刪除文件的權(quán)限
RMD:ReMove Directory 刪除目錄的權(quán)限
RETR:RETRieve 從服務(wù)端下載到客戶(hù)端的權(quán)限
STOR:STORe 從客戶(hù)端上傳到服務(wù)端的權(quán)限
READ:可讀的權(quán)限,不包括列目錄的權(quán)限,相當(dāng)于RETR,STAT等
WRITE:寫(xiě)文件或者目錄的權(quán)限,包括MKD和RMD
DIRS:是否允許列目錄,相當(dāng)于LIST,NLST等權(quán)限,還是比較實(shí)用的
ALL:所有權(quán)限
LOGIN:是否允許登陸的權(quán)限
針對(duì)上面這個(gè)Limit所應(yīng)用的對(duì)象,又包括以下范圍
AllowUser 針對(duì)某個(gè)用戶(hù)允許的Limit
DenyUser 針對(duì)某個(gè)用戶(hù)禁止的Limit
AllowGroup 針對(duì)某個(gè)用戶(hù)組允許的Limit
DenyGroup 針對(duì)某個(gè)用戶(hù)組禁止的Limit
AllowAll 針對(duì)所有用戶(hù)組允許的Limit
DenyAll 針對(duì)所有用戶(hù)禁止的Limit
關(guān)于限制速率的參數(shù)為:
TransferRate STOR|RETR 速度(Kbytes/s) user 使用者