Solaris 9 里面的FTP跟Solaris 8 还是有一定差别的
原来放在/etc/default/目录里面,改成了在 /etc/ftpd/目录下了。
% ls -l
total 14
-rw-r--r-- 1 root sys 1518 May 28 00:46 ftpaccess
-rw-r--r-- 1 root sys 551 May 28 00:46 ftpconversions
-rw-r--r-- 1 root sys 104 May 28 00:46 ftpgroups
-rw-r--r-- 1 root sys 108 May 28 00:46 ftphosts
-rw-r--r-- 1 root sys 114 May 28 00:46 ftpservers
-rw-r--r-- 1 root sys 185 May 28 00:46 ftpusers
FTP 默认使用端口21,设置存在于文件/etc/services
% grep ftp services
ftp-data 20/tcp
ftp 21/tcp
tftp 69/udp
进程存在于 /etc/inetd.conf
% grep ftp inetd.conf
# ftp telnet shell login exec tftp finger printer
ftp stream tcp6 nowait root /usr/sbin/in.ftpd in.ftpd -a
# TFTPD - tftp server (primarily used for booting)
#tftp dgram udp6 wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot
如果想要修改ftp的端口号,可以直接在/etc/inetd.conf修改
(不用额外修改/etc/services)
格式如下:
# vi /etc/inetd.conf
# FTPD - FTP server daemon
ftp stream tcp6 nowait root /usr/sbin/ftpd.sh in.ftpd -P 221
当然需要重新启动inetd
# ps -ef|grep inetd
root 219 1 0 20:33:53 ? 0:01 /usr/sbin/inetd -s
root 597 596 1 23:28:44 pts/5 0:00 grep inetd
# kill -HUP 219 <------- 219 PID of inetd
FTP Session的时间设置:
# vi /etc/ftpd/ftpaccess
limit-time anonymous 30
limit-time guest 60
单位是分钟。
# ftp ftpserver
Connected to ftpserver.
220 ftpserver FTP server ready.
Name (ftpserver:user1): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password:
230 Guest login ok, access restrictions apply.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
bin
dev
etc
pub
usr
226 Transfer complete.
25 bytes received in 0.0029 seconds (8.50 Kbytes/s)
ftp>
Wait 30 minutes
ftp> ls
421 Timeout (900 seconds): closing control connection.
ftp>
对real用户不起作用。
ftp mask设置
ftp> site umask 000
200 UMASK set to 000 (was 022)
ftp> mkdir testdir1
257 "/tmp/testdir1" new directory created.
ftp> dir
drwxrwxrwx 2 root other 117 Jul 25 12:05 testdir1
ftp> site chmod 777 foo
200 CHMOD command successful.
在solaris 6 7 8 中用下面方式
# vi /etc/default/ftpd
UMASK=nnn
设置 FTP loging
1. 取消/etc/ftpd/ftpaccess 文件中下面这行的注释:
log commands real,guest,anonymous
2. 在/etc/syslog.conf 中添加:
daemon.info /var/log/ftplog
3. touch the file /var/log/ftplog
# touch /var/log/ftplog
4. 从新启动syslogd.
# kill -HUP `pgrep syslogd`
5. 登陆并验证:
test # cat ftplog
Nov 4 17:10:00 netlab11 ftpd[18885]: [ID 165209 daemon.info] USER root
Nov 4 17:10:02 netlab11 ftpd[18885]: [ID 125383 daemon.info] PASS
password
Nov 4 17:10:02 netlab11 ftpd[18885]: [ID 539042 daemon.info] failed
login from kerouac.East.Sun.COM [129.148.192.158]
Nov 4 17:10:04 netlab11 ftpd[18885]: [ID 225560 daemon.info] QUIT
Nov 4 17:10:10 netlab11 ftpd[18886]: [ID 165209 daemon.info] USER root
Nov 4 17:10:11 netlab11 ftpd[18886]: [ID 125383 daemon.info] PASS
password
因为ftplog使用的是 debug.info (facility/level) , 如果syslog.conf文件前面已经有其他行使用了 debug.info,那么相应的ftplog就会被记录到那一行所对应的log文件中。
如:
*.err;kern.debug;daemon.notice;mail.crit;daemon.info /var/adm/messages
Solaris 9 里面添加了wu-ftp,配置匿名ftp变得更加简单。
wu-ftp (SUNWftpr, SUNWftpu) 两个文件包。
执行 /usr/sbin/ftpconfig命令。
可以参考man手册
# ftpconfig -d /pub
Creating directory /pub
Updating directory /pub
#
Solaris 小于8 的 FTP log 设置
a: 创建ftp log文件
# touch /var/adm/ftpd.
b: 编辑inet服务配置文件
#vi /etc/inetd.conf.
把
# Ftp and telnet are standard Internet services.
ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd
修改成:
ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd -d -l
-d: 从syslogd得到 debug.info
-l: list 每一个FTP session
c: restart inetd daemons:
# ps -ef | grep inetd
root 14017 1 0 15:15:27 ? 0:01 /usr/sbin/inetd -s
# kill -1 <pid_inetd>
#
note: -1 ,重新读取配置文件并初始化进程,等于 kill -HUP <pid of inetd>.
d: 修改syslogd.conf并从新启动
# vi /etc/syslog.conf
daemon.debug /var/adm/ftpd <<-----增加这一行
note: 中间用tab,不能用空格,会出错的。
# ps -ef | grep syslogd
root 14076 1 0 15:33:07 ? 0:08 /usr/sbin/syslogd
root 16039 16001 0 12:27:03 pts/5 0:00 /usr/bin/grep syslogd
# kill -1 <PID-syslogd>
f: 验证
# ps -ef | grep syslogd
root 14076 1 0 15:33:07 ? 0:08 /usr/sbin/syslogd
# fuser /var/adm/ftpd
/var/adm/ftpd: 14076o
#
自动get文件的教本~
#!/usr/bin/sh
# Change HOSTNAME, USER, PASSWD and FILENAME appropriately
# Do NOT include any comment lines between LABELs
# The only thing that can appear between LABELs are valid ftp commands
# the -n switch is necessary
/usr/bin/ftp -n << LABEL
open HOSTNAME
user USER PASSWD
binary
get FILENAME
bye
LABEL
自动获得多个文件的脚本 ~
#!/usr/bin/sh
# Change HOSTNAME, USER, and PASSWD appropriately. The mput *.html file could be anything (*.txt, file*, etc)
# Do NOT include any comment lines between LABELs
# The only thing that can appear between LABELs are valid ftp commands
# the -n switch is necessary. The -i switch turns off interactive prompting during multiple file transfers.
/usr/bin/ftp -in << LABEL
open HOSTNAME
user USER PASSWD
binary
mput *.html
bye
LABEL
如果有防火墙,那么需要用到rftp来自动获取文件 ~~
#!/usr/bin/sh
# Change HOSTNAME, USER, PASSWD and FILENAME appropriately
# Do NOT include any comment lines between LABELs
# The only thing that can appear between LABELs are valid ftp commands
# the -n switch is necessary
# rftp is a SOCKS client version of ftp. Happily provided at Sun in /usr/dist/exe.
# Do not know where rftp can be obtained but a man page is at:
# http://support.qnx.com/support/docs/qnx_neutrino/utilities/r/rftp.html
/usr/sbin/rftp -n << LABEL
open HOSTNAME
user USER PASSWD
binary
get FILENAME
bye
LABEL