The vsftpd package contains a very secure and very small FTP daemon. This is useful for serving files over a network.
This package is known to build and work properly using an LFS-7.4 platform.
Download (FTP): https://security.appspot.com/downloads/vsftpd-3.0.2.tar.gz
Download MD5 sum: 8b00c749719089401315bd3c44dddbb2
Download size: 196 KB
Estimated disk space required: 1.8 MB
Estimated build time: less than 0.1 SBU
Linux-PAM-1.1.7, OpenSSL-1.0.1e, and libcap2-2.22
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/vsftpd
For security reasons, running vsftpd as an unprivileged user and group is
encouraged. Also, a user should be created to map anonymous users.
As the root
user, create the needed
directories, users, and groups with the following commands:
install -v -d -m 0755 /var/ftp/empty && install -v -d -m 0755 /home/ftp && groupadd -g 47 vsftpd && groupadd -g 45 ftp && useradd -c "vsftpd User" -d /dev/null -g vsftpd -s /bin/false -u 47 vsftpd && useradd -c anonymous_user -d /home/ftp -g ftp -s /bin/false -u 45 ftp
If you did not install the optional libcap2 package, run the following to avoid a build error:
sed -i -e 's|#define VSF_SYSDEP_HAVE_LIBCAP|//&|' sysdeputil.c
Build vsftpd as an unprivileged user using the following command:
make
This package does not come with a test suite.
Once again, become the root
user
and install vsftpd with the
following commands:
install -v -m 755 vsftpd /usr/sbin/vsftpd && install -v -m 644 vsftpd.8 /usr/share/man/man8 && install -v -m 644 vsftpd.conf.5 /usr/share/man/man5 && install -v -m 644 vsftpd.conf /etc
install -v -d ...:
This creates the directory that anonymous users will use
(/home/ftp
) and the directory the
daemon will chroot into (/var/ftp/empty
).
/home/ftp
should not be owned by
the user vsftpd
, or the user
ftp
.
echo "#define VSF_BUILD_TCPWRAPPERS" >>builddefs.h: Use this prior to make to add support for tcpwrappers.
echo "#define VSF_BUILD_SSL" >>builddefs.h: Use this prior to make to add support for SSL.
install -v -m ...:
The Makefile
uses non-standard
installation paths. These commands install the files in
/usr
and /etc
.
vsftpd comes with a basic
anonymous-only configuration file that was copied to /etc
above. While still as root
, this file should be modified because it
is now recommended to run vsftpd in standalone mode.
Also, you should specify the privilege separation user created
above. Finally, you should specify the chroot directory. man vsftpd.conf will give you
all the details.
cat >> /etc/vsftpd.conf << "EOF"
background=YES
listen=YES
nopriv_user=vsftpd
secure_chroot_dir=/var/ftp/empty
EOF
Install the /etc/rc.d/init.d/vsftpd
init script included in the blfs-bootscripts-20130908 package.
make install-vsftpd
Last updated on 2013-09-06 10:46:32 -0700