Beyond Linux^® From Scratch - Version 7.4

Chapter 20. Major Servers

Prev
ProFTPD-1.3.4d
Next
Mail Server Software
Up
Home

vsftpd-3.0.2

Introduction to vsftpd

The vsftpd package contains a very secure and very small FTP daemon. This is useful for serving files over a network.

This package is known to build and work properly using an LFS-7.4 platform.

Package Information

Download (FTP): https://security.appspot.com/downloads/vsftpd-3.0.2.tar.gz
Download MD5 sum: 8b00c749719089401315bd3c44dddbb2
Download size: 196 KB
Estimated disk space required: 1.8 MB
Estimated build time: less than 0.1 SBU

vsftpd Dependencies

Optional

Linux-PAM-1.1.7, OpenSSL-1.0.1e, and libcap2-2.22

User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/vsftpd

Installation of vsftpd

For security reasons, running vsftpd as an unprivileged user and group is encouraged. Also, a user should be created to map anonymous users. As the root user, create the needed directories, users, and groups with the following commands:

install -v -d -m 0755 /var/ftp/empty &&
install -v -d -m 0755 /home/ftp      &&
groupadd -g 47 vsftpd                &&
groupadd -g 45 ftp                   &&

useradd -c "vsftpd User"  -d /dev/null -g vsftpd -s /bin/false -u 47 vsftpd &&
useradd -c anonymous_user -d /home/ftp -g ftp    -s /bin/false -u 45 ftp

If you did not install the optional libcap2 package, run the following to avoid a build error:

sed -i -e 's|#define VSF_SYSDEP_HAVE_LIBCAP|//&|' sysdeputil.c

Build vsftpd as an unprivileged user using the following command:

make

This package does not come with a test suite.

Once again, become the root user and install vsftpd with the following commands:

install -v -m 755 vsftpd        /usr/sbin/vsftpd    &&
install -v -m 644 vsftpd.8      /usr/share/man/man8 &&
install -v -m 644 vsftpd.conf.5 /usr/share/man/man5 &&
install -v -m 644 vsftpd.conf   /etc

Command Explanations

install -v -d ...: This creates the directory that anonymous users will use (/home/ftp) and the directory the daemon will chroot into (/var/ftp/empty).

Note

/home/ftp should not be owned by the user vsftpd, or the user ftp.

echo "#define VSF_BUILD_TCPWRAPPERS" >>builddefs.h: Use this prior to make to add support for tcpwrappers.

echo "#define VSF_BUILD_SSL" >>builddefs.h: Use this prior to make to add support for SSL.

install -v -m ...: The Makefile uses non-standard installation paths. These commands install the files in /usr and /etc.

Configuring vsftpd

Config Files

/etc/vsftpd.conf

Configuration Information

vsftpd comes with a basic anonymous-only configuration file that was copied to /etc above. While still as root, this file should be modified because it is now recommended to run vsftpd in standalone mode. Also, you should specify the privilege separation user created above. Finally, you should specify the chroot directory. man vsftpd.conf will give you all the details.

cat >> /etc/vsftpd.conf << "EOF"
background=YES
listen=YES
nopriv_user=vsftpd
secure_chroot_dir=/var/ftp/empty
EOF

Boot Script

Install the /etc/rc.d/init.d/vsftpd init script included in the blfs-bootscripts-20130908 package.

make install-vsftpd

Installed Program: vsftpd

Installed Libraries: None

Installed Directories: /var/ftp, /var/ftp/empty, /home/ftp

Short Descriptions

vsftpd

is the FTP daemon.

Last updated on 2013-09-06 10:46:32 -0700

Prev
ProFTPD-1.3.4d
Next
Mail Server Software
Up
Home

Beyond Linux® From Scratch - Version 7.4