원문 : http://www.ischo.net -- 조인상 // 시스템 엔지니어

Writer : http://www.ischo.net -- ischo // System Engineer in Replubic Of Korea

+++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

본문 : http://www.ischo.net -- 조인상 //시스템 엔지니어

+++++++++++++++++++++++++++++++++++++++++++++++++++++++


1. /etc/passwd 화일과  /etc/shadow 화일에 아래와 같이 ftp user에 대하여 정의한다.

  /etc/passwd  file:

  ftp:x:30000:30000:Anonymous FTP:/export/ftp:/nosuchshell

  /etc/shadow file:

  ftp:NP:6445::::::


2. 아래의 shell script를 실행한다.


    #!/bin/sh
    # script to setup anonymous ftp area
    #

    # verify you are root
    /usr/bin/id | grep -w 'uid=0' >/dev/null 2>&1
    if [ "$?" != "0" ]; then
echo
exit 1
    fi

    # handle the optional command line argument
    case $# in

# the default location for the anon ftp comes from the passwd file
0) ftphome="`getent passwd ftp | cut -d: -f6`"
  ;;

1) if [ "$1" = "start" ]; then
    ftphome="`getent passwd ftp | cut -d: -f6`"
  else
    ftphome=$1
  fi
  ;;

*) echo "Usage: $0 [anon-ftp-root]"
  exit 1
  ;;
    esac

    if [ -z "${ftphome}" ]; then
echo "$0: ftphome must be non-null"
exit 2
    fi

    case ${ftphome} in
/*) # ok
    ;;

*) echo "$0: ftphome must be an absolute pathname"
  exit 1
  ;;
    esac

    # This script assumes that ftphome is neither / nor /usr so ...
    if [ -z "${ftphome}" -o "${ftphome}" = "/" -o "${ftphome}" = "/usr" ]; then
echo "$0: ftphome must be non-null and neither / or /usr"
exit 2
    fi

    # If ftphome does not exist but parent does, create ftphome
    if [ ! -d ${ftphome} ]; then
  # lack of -p below is intentional
  mkdir ${ftphome}
    fi
    chown root ${ftphome}
    chmod 555 ${ftphome}

    echo Setting up anonymous ftp area ${ftphome}

    # Ensure that the /usr directory exists
    if [ ! -d ${ftphome}/usr ]; then
  mkdir -p ${ftphome}/usr
    fi
    # Now set the ownership and modes to match the man page
    chown root ${ftphome}/usr
    chmod 555 ${ftphome}/usr

    # Ensure that the /usr/bin directory exists
    if [ ! -d ${ftphome}/usr/bin ]; then
  mkdir -p ${ftphome}/usr/bin
    fi
    # Now set the ownership and modes to match the man page
    chown root ${ftphome}/usr/bin
    chmod 555 ${ftphome}/usr/bin

    # this may not be the right thing to do
    # but we need the bin -> usr/bin link
    rm -f ${ftphome}/bin
    ln -s usr/bin ${ftphome}/bin

    # Ensure that the /usr/lib and /etc directories exist
    if [ ! -d ${ftphome}/usr/lib ]; then
  mkdir -p ${ftphome}/usr/lib
    fi
    chown root ${ftphome}/usr/lib
    chmod 555 ${ftphome}/usr/lib

    if [ ! -d ${ftphome}/etc ]; then
  mkdir -p ${ftphome}/etc
    fi
    chown root ${ftphome}/etc
    chmod 555 ${ftphome}/etc

    # a list of all the commands that should be copied to ${ftphome}/usr/bin
    # /usr/bin/ls is needed at a minimum.
    ftpcmd="
/usr/bin/ls
    "

    # ${ftphome}/usr/lib needs to have all the libraries needed by the above
    # commands, plus the runtime linker, and some name service libraries
    # to resolve names. We just take all of them here.

    ftplib="`ldd $ftpcmd | nawk '$3 ~ /lib/ { print $3 }' | sort | uniq`"
    ftplib="$ftplib /usr/lib/nss_* /usr/lib/straddr* /usr/lib/libmp.so*"
    ftplib="$ftplib /usr/lib/libnsl.so.1 /usr/lib/libsocket.so.1 /usr/lib/ld.so.1"
    ftplib="`echo $ftplib | tr ' ' '0 | sort | uniq`"

    cp ${ftplib} ${ftphome}/usr/lib
    chmod 555 ${ftphome}/usr/lib/*

    cp ${ftpcmd} ${ftphome}/usr/bin
    chmod 111 ${ftphome}/usr/bin/*

    # you also might want to have separate minimal versions of passwd and group
    cp /etc/passwd /etc/group /etc/netconfig ${ftphome}/etc
    chmod 444 ${ftphome}/etc/*

    # need /etc/default/init for timezone to be correct
    if [ ! -d ${ftphome}/etc/default ]; then
mkdir ${ftphome}/etc/default
    fi
    chown root ${ftphome}/etc/default
    chmod 555 ${ftphome}/etc/default
    cp /etc/default/init ${ftphome}/etc/default
    chmod 444 ${ftphome}/etc/default/init

    # Copy timezone database
    mkdir -p ${ftphome}/usr/share/lib/zoneinfo
    (cd ${ftphome}/usr/share/lib/zoneinfo
    (cd /usr/share/lib/zoneinfo; find . -print | cpio -o) 2>/dev/null | cpio -imdu 2>/dev/null
    find . -print | xargs chmod 555
    find . -print | xargs chown root
    )


    # Ensure that the /dev directory exists
    if [ ! -d ${ftphome}/dev ]; then
  mkdir -p ${ftphome}/dev
    fi

    # make device nodes. ticotsord and udp are necessary for
    # 'ls' to resolve NIS names.

    for device in zero tcp udp ticotsord ticlts
    do
line=`ls -lL /dev/${device} | sed -e 's/,//'`
major=`echo $line | awk '{print $5}'`
minor=`echo $line | awk '{print $6}'`
rm -f ${ftphome}/dev/${device}
mknod ${ftphome}/dev/${device} c ${major} ${minor}
    done

    chmod 666 ${ftphome}/dev/*

    ## Now set the ownership and modes
    chown root ${ftphome}/dev
    chmod 555 ${ftphome}/dev

    # uncomment the below if you want a place for people to store things,
    # but beware the security implications
    #if [ ! -d ${ftphome}/pub ]; then
    #  mkdir -p ${ftphome}/pub
    #fi
    #chown ftp ${ftphome}/pub
    #chmod 1777 ${ftphome}/pub
번호 제목 글쓴이 날짜 조회 수
공지 [공지] 게시자료 열람자유. 불펌금지입니다. 조인상 2010.12.07 22460
93 SUN T5140/T5240 서비스 매뉴얼 secret 조인상 2010.12.22 0
92 베리타스 볼륨매니저 관리용 GUI tool secret 조인상 2010.08.17 2
91 RACK 전원코드의 V(볼트)내역 조인상 2010.05.12 6804
90 SDS로 구성한 볼륨에 디스크 교체하려고 할때 조인상 2010.05.12 7040
89 Sun Performance And Tuning - Sparc & Solaris file 조인상 2010.05.12 7457
88 bind 유틸 설치 조인상 2010.05.12 8077
87 여러가지 백업방법에 대한 설명 조인상 2010.05.12 8178
86 NIC 이더넷카드 속도 변경할 경우 조인상 2010.05.12 8235
85 cron에 의해 자동으로 ftp를 하여 화일을 송/수신 하게 하려면? 조인상 2010.05.12 8564
84 CDE에서 한글이 안나올 경우 조인상 2010.05.12 8659
83 CDE화면으로 로그인이 안될때... 조인상 2010.05.12 8662
82 sendmail multi que setting 조인상 2010.05.12 8734
81 SPARC 10의 / 파일시스템 용량제한 조인상 2010.05.12 8822
80 솔라리스에서의 디스크 이름 조인상 2010.05.12 8839
79 디스크에 Boot Block 만들기 조인상 2010.05.12 8924
78 메일서버 설치 sendmail source install 조인상 2010.05.12 8949
» 기본 FTP서버대몬을 이용하여 anonymous FTP 만들기 조인상 2010.05.12 9026
76 솔라리스 설치시 로그... 조인상 2010.05.12 9073
75 SUN 장비 CPU on/offline 확인하고 고치기. 조인상 2010.05.12 9082
74 Telnet 접속시 "SunOS 5.7"란 배너 안보이기 조인상 2010.05.12 9127
서버에 요청 중입니다. 잠시만 기다려 주십시오...