From c65f40e1c68adb5d49d1a62bf204f971b8873e91 Mon Sep 17 00:00:00 2001
From: taynpg <taynpg@163.com>
Date: Wed, 17 Apr 2024 09:49:56 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0vsftpd=E5=AE=89=E8=A3=85?=
 =?UTF-8?q?=E6=88=90=E6=9C=8D=E5=8A=A1=E8=84=9A=E6=9C=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 linux/tool/vsftpd/install.sh     |  16 +++++
 linux/tool/vsftpd/vsftpd.conf    | 119 +++++++++++++++++++++++++++++++
 linux/tool/vsftpd/vsftpd.service |  12 ++++
 3 files changed, 147 insertions(+)
 create mode 100755 linux/tool/vsftpd/install.sh
 create mode 100755 linux/tool/vsftpd/vsftpd.conf
 create mode 100755 linux/tool/vsftpd/vsftpd.service

diff --git a/linux/tool/vsftpd/install.sh b/linux/tool/vsftpd/install.sh
new file mode 100755
index 0000000..c47f89b
--- /dev/null
+++ b/linux/tool/vsftpd/install.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+sudo cp vsftpd /usr/sbin/
+sudo chmod +x /usr/sbin/vsftpd
+if [ -f "/etc/vsftpd.conf" ]; then
+    sudo mv /etc/vsftpd.conf /etc/vsftpd.conf.bak
+fi
+if [ ! -d "/opt/usr/share/empty" ]; then
+    sudo mkdir -p /opt/usr/share/empty
+fi
+sudo cp vsftpd.conf /etc/
+sudo cp vsftpd.service /lib/systemd/system/
+sudo systemctl daemon-reload
+sudo systemctl enable vsftpd.service
+sudo systemctl start vsftpd.service
+echo "Done"
diff --git a/linux/tool/vsftpd/vsftpd.conf b/linux/tool/vsftpd/vsftpd.conf
new file mode 100755
index 0000000..56a6f46
--- /dev/null
+++ b/linux/tool/vsftpd/vsftpd.conf
@@ -0,0 +1,119 @@
+# Example config file /etc/vsftpd.conf
+#
+# The default compiled in settings are fairly paranoid. This sample file
+# loosens things up a bit, to make the ftp daemon more usable.
+# Please see vsftpd.conf.5 for all compiled in defaults.
+#
+# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
+# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
+# capabilities.
+#
+# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
+anonymous_enable=NO
+secure_chroot_dir=/opt/usr/share/empty
+#
+# Uncomment this to allow local users to log in.
+ftp_username=nobody
+local_enable=YES
+#
+# Uncomment this to enable any form of FTP write command.
+write_enable=YES
+#
+# Default umask for local users is 077. You may wish to change this to 022,
+# if your users expect that (022 is used by most other ftpd's)
+#local_umask=022
+#
+# Uncomment this to allow the anonymous FTP user to upload files. This only
+# has an effect if the above global write enable is activated. Also, you will
+# obviously need to create a directory writable by the FTP user.
+anon_upload_enable=YES
+#
+# Uncomment this if you want the anonymous FTP user to be able to create
+# new directories.
+anon_mkdir_write_enable=YES
+#
+# Activate directory messages - messages given to remote users when they
+# go into a certain directory.
+dirmessage_enable=YES
+#
+# Activate logging of uploads/downloads.
+xferlog_enable=YES
+#
+# Make sure PORT transfer connections originate from port 20 (ftp-data).
+connect_from_port_20=YES
+#
+# If you want, you can arrange for uploaded anonymous files to be owned by
+# a different user. Note! Using "root" for uploaded files is not
+# recommended!
+#chown_uploads=YES
+#chown_username=whoever
+#
+# You may override where the log file goes if you like. The default is shown
+# below.
+#xferlog_file=/var/log/vsftpd.log
+#
+# If you want, you can have your log file in standard ftpd xferlog format.
+# Note that the default log file location is /var/log/xferlog in this case.
+#xferlog_std_format=YES
+#
+# You may change the default value for timing out an idle session.
+#idle_session_timeout=600
+#
+# You may change the default value for timing out a data connection.
+#data_connection_timeout=120
+#
+# It is recommended that you define on your system a unique user which the
+# ftp server can use as a totally isolated and unprivileged user.
+#nopriv_user=ftpsecure
+#
+# Enable this and the server will recognise asynchronous ABOR requests. Not
+# recommended for security (the code is non-trivial). Not enabling it,
+# however, may confuse older FTP clients.
+#async_abor_enable=YES
+#
+# By default the server will pretend to allow ASCII mode but in fact ignore
+# the request. Turn on the below options to have the server actually do ASCII
+# mangling on files when in ASCII mode.
+# Beware that on some FTP servers, ASCII support allows a denial of service
+# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
+# predicted this attack and has always been safe, reporting the size of the
+# raw file.
+# ASCII mangling is a horrible feature of the protocol.
+#ascii_upload_enable=YES
+#ascii_download_enable=YES
+#
+# You may fully customise the login banner string:
+#ftpd_banner=Welcome to blah FTP service.
+#
+# You may specify a file of disallowed anonymous e-mail addresses. Apparently
+# useful for combatting certain DoS attacks.
+#deny_email_enable=YES
+# (default follows)
+#banned_email_file=/etc/vsftpd.banned_emails
+#
+# You may specify an explicit list of local users to chroot() to their home
+# directory. If chroot_local_user is YES, then this list becomes a list of
+# users to NOT chroot().
+# (Warning! chroot'ing can be very dangerous. If using chroot, make sure that
+# the user does not have write access to the top level directory within the
+# chroot)
+#chroot_local_user=YES
+#chroot_list_enable=YES
+# (default follows)
+#chroot_list_file=/etc/vsftpd.chroot_list
+#
+# You may activate the "-R" option to the builtin ls. This is disabled by
+# default to avoid remote users being able to cause excessive I/O on large
+# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
+# the presence of the "-R" option, so there is a strong case for enabling it.
+#ls_recurse_enable=YES
+#
+# When "listen" directive is enabled, vsftpd runs in standalone mode and
+# listens on IPv4 sockets. This directive cannot be used in conjunction
+# with the listen_ipv6 directive.
+listen=YES
+#
+# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
+# sockets, you must run two copies of vsftpd with two configuration files.
+# Make sure, that one of the listen options is commented !!
+#listen_ipv6=YES
diff --git a/linux/tool/vsftpd/vsftpd.service b/linux/tool/vsftpd/vsftpd.service
new file mode 100755
index 0000000..7b52f06
--- /dev/null
+++ b/linux/tool/vsftpd/vsftpd.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=vsftpd FTP server
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=/usr/sbin/vsftpd /etc/vsftpd.conf
+ExecReload=/bin/kill -HUP $MAINPID
+ExecStartPre=-/bin/mkdir -p /var/run/vsftpd/empty
+
+[Install]
+WantedBy=multi-user.target