vsftpd-2.0.5

Introduction to vsftpd

The vsftpd package contains a very secure and very small FTP daemon. This is useful for serving files over a network.

Package Information

vsftpd Dependencies

Optional

Linux-PAM-0.99.4.0, OpenSSL-0.9.8d, TCP Wrapper-7.6, and libcap

User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/vsftpd

Installation of vsftpd

For security reasons, running vsftpd as an unprivileged user and group is encouraged. Also, a user should be created to map anonymous users. As the root user, create the needed directories, users, and groups with the following commands:

install -v -d -m 0755 /var/ftp/empty &&
install -v -d -m 0755 /home/ftp &&
groupadd -g 47 vsftpd &&
useradd -d /dev/null -c "vsftpd User" -g vsftpd -s /bin/false \
        -u 47 vsftpd &&
groupadd -g 45 ftp &&
useradd -c anonymous_user -d /home/ftp -g ftp -s /bin/false -u 45 ftp

Build vsftpd as an unprivileged user using the following command:

make

This package does not come with a test suite.

Once again, become the root user and install vsftpd with the following commands:

install -v -m 755 vsftpd /usr/sbin/vsftpd &&
install -v -m 644 vsftpd.8 /usr/share/man/man8 &&
install -v -m 644 vsftpd.conf.5 /usr/share/man/man5 &&
install -v -m 644 vsftpd.conf /etc

Command Explanations

install -v -d ...: This creates the directory that anonymous users will use (/home/ftp) and the directory the daemon will chroot into (/var/ftp/empty).

[Note]

Note

/home/ftp should not be owned by the user vsftpd, or the user ftp.

echo "#define VSF_BUILD_TCPWRAPPERS" >>builddefs.h: Use this prior to make to add support for tcpwrappers.

echo "#define VSF_BUILD_SSL" >>builddefs.h: Use this prior to make to add support for SSL.

install -v -m ...: The Makefile uses non-standard installation paths. These commands install the files in /usr and /etc.

Configuring vsftpd

Config Files

/etc/vsftpd.conf

Configuration Information

vsftpd comes with a basic anonymous-only configuration file that was copied to /etc above. While still as root, this file should be modified because it is now recommended to run vsftpd in standalone mode as opposed to inetd/xinetd mode. Also, you should specify the privilege separation user created above. Finally, you should specify the chroot directory. man vsftpd.conf will give you all the details.

cat >> /etc/vsftpd.conf << "EOF"
background=YES
listen=YES
nopriv_user=vsftpd
secure_chroot_dir=/var/ftp/empty
EOF

Boot Script

Install the /etc/rc.d/init.d/vsftpd init script included in the blfs-bootscripts-20060910 package.

make install-vsftpd

Contents

Installed Program: vsftpd
Installed Libraries: None
Installed Directories: /var/ftp, /var/ftp/empty, /home/ftp

Short Descriptions

vsftpd

is the FTP daemon.

Last updated on 2007-02-03 14:17:47 -0600