کد:
http://articles.techrepublic.com.com/5100-10878_11-6182594.html
Takeaway: FTP is a basic service that can come in handy for your network. If you want to set it up, but don't want to go to the hassle of messing with altering configuration files, you're in luck. Jack Wallen shows how to configure FTP on Linux using Webmin.
This article is also available as a TechRepublic download.
An on-going GUI server series based on OpenSuSE 10.2 and YaST2 has been very satisfying. There have been instances, however, when I have had to turn away from YaST2 and look at other means of setting up a service with the aid (and simplification) of a GUI tool. That's where Webmin usually picks up the slack. Webmin is a powerful Web-based administration tool. Setting up an FTP server on OpenSuSE was no different. Without a YaST2 module to help me, I fired up Webmin in Firefox, only to realize I had a bit of installing to do.
Where's FTP?
OpenSuSE does not default with an FTP server installed (even after a full five-disk installation.) The only thing resembling FTP was
lftp (a command-line FTP program that does not have a server daemon.) Since
lftp will not serve up files, I had to turn to something different.
The recommended FTP server for OpenSuSE is
vsftp (Very Secure FTP) which claims to be "the most secure and fastest FTP server for UNIX-like systems." This sounded like a good choice, so it’s the one we’re using here.
Installing vsftp
To get
vsftp up and running, you need to install two components:
vsftpd and the
vsftpd Webmin module. We're going to install
vsftpd via YaST2 and then fire up Webmin to install the
vsftpd module. Fortunately, for
vsftp itself, you don’t have to download anything or visit any Web sites. You can get it directly from YaST’s Software Management utility.
Navigate to Computer | More Applications. Once the window shown in
Figure A appears, press the Utilities button in the left navigation bar.
Figure A
You could also just enter "yast" in the search field to find the YaST tool. Once the utilities have grouped together, seen in
Figure B, press the YaST button.
Figure B
Any time you select one of the groups from the left navigation, that group is displayed at the top of the right window. You'll then see the screen in
Figure C. After YaST opens, you should press the Software Management button (right window) listed under the Software group (left window).
Figure C
When YaST opens, it defaults to the Software category. The Software Management tool will open, and you will need to do a search for
vsftp. Enter the search string and the results will display, as shown in
Figure D.
Figure D
As you can see, the green check means "keep." A black check means "install."
Getting the Webmin module
After you've made the selection to install
vsftp, press the accept button at the bottom right corner and YaST will do its thing. When it finishes, install the Webmin module (otherwise, you'll be configuring
vsftp by editing the configuration files by hand).
You'll need to
download the module to begin. Once you finish the download, do not unpack the file. Fire up Webmin by opening up your browser and pointing it to
http://address_of_server:10000. Log in as the root user with the root users' password. After you log in, expand the Webmin menu -- as shown in
Figure E -- and press the Webmin Modules button.
Figure E
There are a ton of configuration options within Webmin. Under Install Module, make sure From Local File is checked, and press the "..." button. The window shown in
Figure F will appear for you to navigate to the location of the
vsftpd file you just downloaded.
Figure F
Either point-and-click or type in the complete path to your file. When you find the file, press OK to return to the Webmin window. Now press the Install Module button and Webmin will do its thing. After the installation is complete, expand the Servers menu. You will now see an entry for
vsftp. Click on the
vstpd link to reveal the configuration options for your new FTP server, as shown in
Figure G.
Figure G
You can start or restart the
vsftp daemon from this screen.
Configuring vsftpd
The first configuration option will be the oddly-named Generally Attitudes. Press that button to reveal the five configuration options shown in
Figure H.
Figure H
"Attitudes" is a good way to describe a configuration section that keeps users from doing unwanted things with your FTP server. The first option is the File Unmask. This is actually referring to
umask and is basically opposite of
chmod. Here's how
umask works:
- chmod 777 is the same asumask=000 (or rwx)
- chmod 666 is the same asumask=111 (or rw-)
- chmod 555 is the same as umask=222 (or r-x)
- chmod 444 is the same asumask=333 (or r--)
- chmod 333 is the same asumask=444 (or -wx)
- chmod 222 is the same as umask=555 (or -w-)
- chmod 111 is the same asumask=666 (or --x)
- chmod 000 is the same as umask=777 (or ---)
So you have to add the correct
umask that you would like to be applied to the files in your FTP server. If you want users to only be able to read files, you would use
333 in the File Unmask field. If you want users to be able to read and write to the files, you would use
111.
Here is a brief description of the rest of the options:
- Idle Session Timeout: Set the length of time you want to leave an idle session connected.
- Data Connection Timeout: Set the length of time you allow before a disconnect during a download.
- Welcome Banner Text: Set the text you want the users to see when they log in.
- FTP Username: Sets the UNIX user associated with the server. If you press the "..." button, you will see a list of possible names. More than likely, the user will be ftp.
Once you have completed these options, select Save Changes to return to the main
vsftpd screen.
The next option is for anonymous FTP usage. If you want to enable this option, press the Anonymous FTP button. There are three options to configure, as shown in
Figure I.
Figure I
The defaults are all "yes". Make sure your network is secure before you deploy these options. The options are fairly self-explanatory. Your choices will depend upon your environment. Once you have made your choices, select Save Changes to return to the main
vsftp menu.
The next section,
Figure J, applies to local users. Local users are those users that actually have accounts on the server. When a local user logs in, they will default to their home directory. You can change this by disabling the
chroot option. The
chroot option, when set to
yes, locks the user within their home directory. So if you want local users to be able to move outside of their
~/ (home) directory, set the
chroot option to No.
Figure J
Remember, this screen only deals with users with an account on the server. The other two options, Enable Local Users and Local Users Can Write are self explanatory. But just in case you're not sure on the latter, enabling Local Users Can Write will allow users with an account on the server to upload files to the server. Remember, if you have them
chroot'ed, the users will be able to upload files to directories other than their home directory (so long as they have permissions to access those directories).
Press Save Changes, and you will be sent back to the main module configuration screen.
The Log section, seen in
Figure K, allows you to configure your
vsftp server to log in
xferlog format, and where to keep this
xfer formatted log file.
Figure K
You can either manually enter the log file path or press the "..." button to browse the directory hierarchy. The
xferlogformat (Transfer Log) is a format used to log file transfers. The standard
xferlog format is (from the
xferlogmanpage):
current-time transfer-time remote-host file- size filename transfer-type special-action- flag direction access-mode username service- name authentication-method authenticated-user-id
A sample log entry will look like this:
Fri Apr 27 10:48:39 2007 1 192.168.1.23 27180 /logo_phpBB.gif b _ i r maryjane FTP 0 * c
Fri Apr 27 10:48:45 2007 1 192.168.1.23 5847743 /P. Diddy and Jimmy Paige - come_with_me.mp3.mp3 b _ i r maryjane FTP 0 * c
Unfortunately, you can not make any adjustments to how
vsftpd logs transactions within Webmin unless you go the Manual Entriessection (more on that in a bit.)
There is one last issue with the log section. In the Logging Information configuration, you will notice a link called FTP Stats. This is a link to Webalizer on the system. Even though I have not installed the Webalizer module on the system, a page shows up when I click the FTP Stats link. The page shows data from the last 12 months, but is only sample data and is from January 2005 -- a bit out of date. In order to get this working, the Webalizer module would have to be installed on the server.
Other settings
Next we'll take a look at the Miscellaneoussettings, as shown in
Figure L.
Figure L
The final touches are added here. There are five different configuration options available under the Miscellaneous category:
- Force Dot Files: Shows hidden (files that begin with a ".") files in the FTP directories.
- Listen Address: The IP address vsftpd will listen on.
- Hide File(s): Lists all of the files that will be hidden to users. Note: If you have more than one file, place the list of files in braces {}.
- Anon Max Rate In Bytes/sec: Speed at which anonymous users can upload and/or download files.
- Local Max Rate In Bytes/sec: Speed at which local users can upload and/or download files.
Finally, let's take a look at the Manual Entries configuration. When you click on this link (from the main
vsftpd module), a window with an editable-text area box will appear, as shown in
Figure M.
Figure M
No GUI here, just good old-fashioned configuration file editing.
FTP the GUI way
As you can see, this is just a means to hand-edit every possible configuration option known to
vsftp. This is a very handy tool. I noticed a few times that my configuration options within the GUI wouldn't "stick". By opening up the manual editing tool, and making the changes by hand, the changes would eventually stick when using the GUI.
Obviously, there are a lot more options here than within the GUI. With
vsftp (as with most Linux servers), there are a ton of configuration options. Luckily, setting up a basic FTP server doesn't require you to go outside of the Webmin GUI tool. The manual editing tool is mostly useful to those who have very specific needs for their FTP server.
If you want to learn how to get really down and dirty with your manual editing, open up a console window and type
man vsftpd.conf and you'll see every available configuration option. It's a long read.
Once you have finished up your final configurations, go back to the main
vsftpd window and press either the Restart Vsftpd Server button or the Start Vsftpd Server button. Either way, your server will start up and your users will be able to log in