FTPサーバーを利用したファイル共有

以下のテキストは、執筆時当時の情報を元に書いたものであり、 現在の情勢にそぐわないことを含む場合があるので注意されたい。 また、テキストは最終提出原稿で校正を経る前のものなので、実際にUNIXUSER 本誌に記載されたものとは異なる。誤字脱字等そのままである。

致命的な誤り以外は加筆修正等は行なわないので情報の鮮度に気をつけつつ 利用して欲しい。

目次


Part I FTP


ftp

ftpWWW
 Anonymous ftp 
Anonymous
ftp wu-ftpd
Anonymous ftp wu-ftpd 
wu-ftpd

	*  tar  tar.gz 
	* 
	* 
	* alias
	* chroot

(SunOS 4.04.1)ftpd 




 sendmail, BIND 



PC-UNIX
 YES/NO 
 Anonymous ftp 



ftp
ftp


ftp





ftp
ftp


Part I ftpProFTPD
publicfileProFTPD

publicfile






ProFTPD

ProFTPD
ftp
http://www.proftpd.net/features.html 


	* Apache

	  wu-ftpdwu-ftpd
	  Apachehttpd.conf
	  

	*  .ftpaccess 

	  Apache .htaccess 
	  ftp
	  

	* virtual FTP  anonymous FTP 

	  wu-ftpd anounymous ftp 
	  ProFTPD
	   anonymous 
	  Apache virtual host 
	  (IP)

	* inetd/xinetd

	  ftp
	  

	* Anonymous FTP 

	   Anonymous FTP  chroot 
	  
	  ftpProFTPD
	  

	* SITE EXEC 

	  
	  

	* 

	  Unix-style
	  

	* 

	  root
	  

	* utmp/wtmp

	  wu-ftpd
	  ProFTPD

	* shadow password 

	  UnixPAM(Pluggable
	  Authentication Modules)



ftp


ProFTPD

ftp

ProFTPD




 ProFTPD 1.2.2rc3 
http://www.proftpd.net/ ftp1.2.2rc3
 proftpd-1.2.2rc3.tar.gz 





	1. proftpd
	2. 
	3. 



  proftpd

  PC-UNIX
  make
  
  ProFTPD 
  
  ProFTPD
  &

  

	# tar zxpf proftpd-1.2.2rc3.tar.gz
	# cd proftpd-1.2.2rc3
	# less INSTALL README*

  README* OS
  OS

  configure  /usr/local 
   bin/ etc/ man/ sbin/ var/ 
  ProFTPD
  
   /usr/local/proftpd  ProFTPD 
  
   /usr/local/proftpd 
  

	# ./configure --prefix=/usr/local/proftpd

  configure 

	# make all install

  /usr/local/proftpd 
  /usr/local/proftpd  $ProFTPD 

  

  $ProFTPD/etc/ ProFTPD
   proftpd.conf proftpd.conf 
  
  proftpd.conf Apache httpd.conf 
  

--[ ]------------------------------------------------------------
# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName			"ProFTPD Default Installation"
ServerType			standalone
DefaultServer			on

# Port 21 is the standard FTP port.
Port				21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask				022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances			30

# Set the user and group that the server normally runs at.
User				nobody
Group				nogroup

# Normally, we want files to be overwriteable.

  AllowOverwrite		on


# A basic anonymous configuration, no upload directories.

  User				ftp
  Group				ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias			anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients			10

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin			welcome.msg
  DisplayFirstChdir		.message

  # Limit WRITE everywhere in the anonymous chroot
  
    DenyAll
  


-------------------------------------------------------------------------

   proftpd.conf 
  

  ServerName  Greeting message 
  

	ServerName		"UNIXUSER FTP Server"

  ftpUID, GID

	User			nobody
	Group			nogroup

  Anonymous ftp 

	
	  User			ftp
	  Group			ftp
	  RequireValidShell	no
	  ~~~~~~~~~~~~~~~~~~~~~~~~
         

  RequireValidShell (directive)ftp
  /etc/shells 
  ftp
  passwd
   /etc/shells 
  ftp
  passwdftp
  /etc/shells(FreeBSD /nonexistent)
  ftp Anonymos login 
  ProFTPDProFTPD
   /etc/shells  /nonexistent 
  ProFTPD
  RequireValidShell 

  ProFTPD

  proftpd.conf  ProFTPD ProFTPD
  inetd
  

  ftpd
  ftpd/etc/inetd.conf 
  

	===== /etc/inetd.conf =====
	#ftp	stream	tcp	nowait	root	/usr/libexec/ftpd	ftpd -l

   # 
  inetd HUP

	# kill -HUP inetdPID

  localhostftp
                              ~~~~~~~~~~~~~~~~~~
	# ftp localhost
	ftp: connect: Connection refused
	ftp> 

  ProFTPD

	# /usr/local/proftpd/sbin/proftpd

   messages (: PC-UNIX
  /var/log/messagesSunOS /var/adm/messages) 

	Jul 19 14:34:16 venus proftpd[66560]: venus - ProFTPD 1.2.2rc3 (release) (built Wed Jul 18 17:31:53 JST 2001) standalone mode STARTUP 

  localhostftp
  ProFTPD 

	# ftp localhost
	Connected to localhost.
	220 ProFTPD 1.2.2rc3 Server (UNIXUSER FTP Server) [venus]
	Name (localhost:yuuji): 

   anonymous login 

	Name (localhost:yuuji): ftp
				~~~
	331 Anonymous login ok, send your complete email address as your password.
	Password: yuuji@ymzk.org
	          ~~~~~~~~~~~~~~()

	230 Anonymous access granted, restrictions apply.
	Remote system type is UNIX.
	Using binary mode to transfer files.
	ftp>

  login

  ProFTPD Anonymous FTP ftp 
  
  ftp
  

  ProFTPD

   Anonymous FTP 
   Anonymous login 
  
  
  

  ProFTPD
  
  

    

    ftpanonymous login  
    "ftp" alias "anonymous" 
    ProFTPD anonymous login 
     fishing, driving  
    anonymous login ()
    

    
    
    

			|
	----------------+--------------
	fishing		| /archive/pub/fishing
	driving		| /archive/pub/driving

	

	# mkdir /archive/pub/fishing
	# touch /archive/pub/fishing/JustFishing\!
	# mkdir /archive/pub/driving
	# touch /archive/pub/fishing/Justdriving\!

    

	(Solaris, NetBSD, OpenBSD, Linux)
	# groupadd fishers
	# useradd -g fishers -d /archive/pub/fishing -s /noshell fishing
	# groupadd drivers
	# useradd -g drivers -d /archive/pub/driving -s /noshell driving

	(FreeBSD)
	# pw groupadd fishers
	# pw useradd fishing -g fishers -d /archive/pub/fishing -s /noshell
	# pw groupadd drivers
	# pw useradd driving -g drivers -d /archive/pub/driving -s /noshell

     anonymous login 
    proftpd.conf proftpd.conf 

	
	  User                          fishing
	  Group                         fishers
	  RequireValidShell             no
	  
	    DenyAll
	  
	
	
	  User                          driving
	  Group                         drivers
	  RequireValidShell             no
	  
	    DenyAll
	  
	


    ()ProFTPDHUP

	# kill -HUP `cat /usr/local/proftpd/var/proftpd.pid`

    ftp
	# ftp localhost
	Connected to localhost.
	220 ProFTPD 1.2.2rc3 Server (UNIXUSER FTP Server) [venus]
	Name (localhost:yuuji): fishing
	331 Anonymous login ok, send your complete email address as your password.
	Password:
	230 Anonymous access granted, restrictions apply.
	Remote system type is UNIX.
	Using binary mode to transfer files.
	ftp> dir
	227 Entering Passive Mode (127,0,0,1,14,34).
	150 Opening ASCII mode data connection for file list
	-rw-r--r--   1 yuuji    wheel           0 Jul 19 08:04 JustFishing!
	226 Transfer complete.

     driving 
    

    

    ProFTPDanonymous
    
    
    anonymous
    anonymous ftp 
    ()
    
    

    Limitdriving
    anonymousLAN*.friend.example.co.jp 
    driving
    

	
	  User                          driving
	  Group                         drivers
	  RequireValidShell             no
	  
	   Order Allow, Deny
	   Allow from localhost, 192.168.2., .friend.example.co.jp
	   Deny  from All
	  
	  
	    DenyAll
	  
	

    Limitftp/Limit
    
----[  ]----------------------------------------------------------
	Limit
	CWD		(Change Workin Directory)
	MKD		(MaKe Directory)
	RNFR, RNTO	(ReName FRom/TO)
	DELE		(DELEte)
	RMD		(ReMove Directory)
	RETR		GET(RETRieve)
	STOR		PUT(STORe)
	SITE_CHMOD	chmod(CHange MODe bits)

	Limit
	READ		FTP(RETR, STAT)
			
	WRITE		//FTP
			(MKD, RMD)
	DIRS		(LIST, NLST)
	ALL		FTP(READ WRITE DIRS)

	Limit
	LOGIN		
----------------------------------------------------------------------

    LOGINLimit Order 
    /"Order
    Allow,Deny" Allow
    Deny
    AllowDeny
    
     "Order Allow, Deny" 
     "Order Deny, Allow" 
    

  

  ProFTPD
  

    

    ProFTPDproftpd.conf 
    MaxClients

	MaxClients	30

    
    
    

    MaxInstances
    DoS(Denial of Service: 
    )
    

    ProFTPDinetd
    PC-UNIXinetd 
    1
    UNIX
     publicfile 
     ucspi-tcp daemontools 
    ProFTPD 

	#!/bin/sh
	ProFTPD=/usr/local/proftpd
	exec env - \
	PATH=/usr/local/bin:$ProFTPD/sbin:$PATH \
	envuidgid nobody softlimit -o20 -d5000000 \
	tcpserver -DRHl0 -b20 -c40 0 ftp proftpd

    
    40(-c40)
    
     daemontools  tcpserver 
    COLUMN


    

    ftp
    
    
    ftp
    
    
    

    ProFTPD
    RateReadBPSRateReadFreeBytesRateReadHardBPS
    

	* RateReadBPS		1
				
				Bytes/s(bit)0
				
				
	* RateReadFreeBytes	1
				RateReadBPS 
				
				
				RateReadBPS 
	* RateReadHardBPS	RateReadFreeBytes 
				 RateReadFreeBytes 
				 RateReadBPS
				
				 on, off 
				RateFreeBytes
				ReteReadBPS
				
				
				

    proftpd
    
    ftp
     ProFTPD 
    
    

  ProFTPD

  ProFTPD
  1999
  1120004ProFTPD
  

publicfile

publicfile qmail D. J. Bernstein HTTPFTP

publicfile
http://cr.yp.to/publicfile.html publicfile


	* 
          chroot()root
	* 
          publicfile
	* user, group, other 
          
	* HTTP, FTP
          
	* HTTP CGI()FTP
          SITE EXEC
	* stdio

---[ ]-----------------------------------------------------------
shttpd(http://www.superscript.com/shttpd/intro.html) 

---------------------------------------------------------------------

publicfile
ProFTPD


 publicfile 

 anonymous ftp 
publicfile ftp

publicfile 

publicfileucspi-tcp, daemontools 
ucspi-tcp, daemontools 

D. J. Bernstein 
publicfile

	1. ucspi-tcp
	2. daemontools
	3. daemontools
	4. publicfile
	5. publicfile

ucspi-tcp, daemontools4
1

  ucspi-tcp

   ucspi-tcp-0.88 http://cr.yp.to/ucspi-tcp.html
   "How to install ucspi-tcp" 
  

	# gzip -dc ucspi-tcp-0.88.tar.gz | tar xvpf -
	# cd ucspi-tcp-0.88
	# make
	# make setup check

  ucspi-tcp /usr/local 
  (
   /usr/local/bin 
  conf-home 
  daemontoolsucspi-tcp 
  (PATH)
  

  ucspi-tcp inetd
  publicfile configure 
  ftp tcpserver (ucspi-tcp
  ) ucspi-tcp 
  

--[COLUMN 1 tcpserver]-----------------------------------------------------

ucspi-tcp  tcpserver TCP

/
inetd
inetd/etc/inetd.conf 

()

              
                       
  +-------------+--------------+----------------+-----------------+-----+
   inetd  | Port21(ftp)  | Port23(telnet) | Port110(pop)    | ... |
                +--------------+----------------+-----------------+-----+
                                     
 inetd        ftpd          telnetd            pop3d


 tcpserver tcpserver 


                 
                               
  +-----------+ +-----------+ +-----------+
  |  Port21   | |  Port23   | | Port 110  |
  |(tcpserver)| |(tcpserver)| |(tcpserver)|
  +-----------+ +-----------+ +-----------+
                               
      ftpd          telnetd       pop3d

tcpserver

	tcpserver []   

IP
IP
IP0
IP
 /etc/service 


http://cr.yp.to/ucspi-tcp/tcpserver.html 

  
  =========================================================================
  -q		
  -Q		()
  -v		(Verbose)
		
  
  =========================================================================
  -c N		N
  -x cdb	tcprulescdb
  -X		-x cdb
		
  -B "BANNER"	
  -g GID	ID
  -u UID	ID
  -U		-u $UID -g $GID 
  -1		
  -b 	TCP SYNbacklog
  -o		IP
		()
  -O		()IP
  -d		
  -D		-d

  
  =========================================================================
  -h		()DNS
		 $TCPREMOTEHOST 
  -H		-hDNS
  -p		IP
		IP
		 $TCPREMOTEHOST 
  -P		-p
  -l localname	DNS"localname" 
		 0 
  -r		(default) $TCPREMOTEINFO 
  -R		-r
  -t N		$TCPREMOTEINFON
		26
--[COLUMN 1 ]-----------------------------------------------------

  daemontools

   daemontools-0.76 http://cr.yp.to/daemontools.html
   "How to install daemontools" 
  

	# mkdir -p /package
	# chmod 1755 /package
	# cd /package

   daemontools-0.76.tar.gz 
  

	# gzip -dc daemontools-0.76.tar.gz | tar xvpf -
	# cd admin/daemontools-0.76
	# package/install

   daemontools  /usr/local/bin/ 
  ()

---[ ]-----------------------------------------------------------
  /usr/local/bin 
---------------------------------------------------------------------

  daemontools

  install
  daemontools svscan 
  
  svscan 
   
  archive/boot.rclocal () 
  

---[ ]-----------------------------------------------------------
csh -cf '/command/svscanboot &'
-------------------------------------------------------------------------


--[COLUMN 2 daemontools]-----------------------------------------------------

UNIX
/etc 

 -HUP 
PID

OSBINDApache 






daemontools
()
()
 svscanboot daemontools  svscan 
svscan() /service 

 supervise 

supervise
 "run" 

./run 

(15)

svscan, supervise
(ftpd)
svcsvc


  -u  
  -d  
  -o  
  -p   STOP (Pause)
  -c   CONT 
  -h   HUP 
  -a   ALRM 
  -i   INT 
  -t   TERM 
  -k   KILL 
  -x  supervise 
      



  # svc  

 /service/ 
(
/service/ftpd) svc -d /service/ftpd
supervise 


  # touch /service/ftpd/down
  # svc -d /service/ftpd

"down" supervise


  # rm /service/ftpd/down
  # svc -u /service/ftpd



--[COLUMN 2 ]--------------------------------------------------------


  publicfile

   publicfile  publicfile-0.52.tar.gz 
   http://cr.yp.to/publicfile.html  "How to install publicfile" 
  
  

	# gzip -dc publicfile-0.52.tar.gz
	# cd publicfile-0.52
	# make
	# make setup check

  /usr/local/publicfile publicfile
  ()

---[ ]-----------------------------------------------------------
  /usr/local/publicfile/bin 
 
---------------------------------------------------------------------

  publicfile

   publiacfile  anonymous
  ftp 
  http://cr.yp.to/publicfile/install.html httpd
   publicfile httpd
  

  ftp /usr/local/publicfile/bin  
  configure configure 
  

/usr/local/publicfile/bin/configure     

  

			(
			UID/GID )
		(
			multilogUID/GID)
			ftpd, httpd 
			(configure
			)
			
			IP

  

			aftp
			aftplog
		/opt/public
			ftp.uu.ymzk.org
	IP		10.0.0.21

   anonymous ftp 

  1. 

      aftp 
      aftp 

	(Solaris2, Linux, NetBSD, OpenBSD)
	# groupadd aftp
	# useradd -s /bin/noshell -d /opt/public/ftpd -g aftp aftp
	(FreeBSD)
	# pw useradd aftp -s /noshell -d /opt/public/ftpd

      aftplog 

	(Solaris2, Linux, NetBSD, OpenBSD)
	# groupadd aftplog
	# useradd -s /bin/noshell -d /opt/public/ftpd/log -g aftplog aftplog
	(FreeBSD)
	# pw useradd aftplog -s /noshell -d /opt/public/ftpd/log

  2. 

      /opt/public 
      publicfile configure
      /opt/public 
     configure
     mkdir

  3. configure

     

	# /usr/local/publicfile/bin/configure \
		aftp aftplog /opt/public ftp.uu.ymzk.org 10.0.0.21

     /opt/public  
     
 ------------------------------------------------------------
ftp# ls -lF /opt/public
total 3
drwxr-sr-x  3 root  wheel  512 Jul 28 18:08 file/
drwx--S--T  3 root  wheel  512 Jul 28 18:08 ftpd/
drwx--S--T  3 root  wheel  512 Jul 28 18:08 httpd/

ftp# ls -lF /opt/public/file
total 1
drwxr-sr-x  2 root  wheel  512 Jul 28 18:08 0/
lrwxr-xr-x  1 root  wheel    1 Jul 28 18:08 10.0.0.21@ -> 0
lrwxr-xr-x  1 root  wheel    1 Jul 28 18:08 ftp.uu.ymzk.org@ -> 0

ftp# ls -lF /opt/public/ftpd
total 2
drwxr-sr-x  3 root  wheel  512 Jul 28 18:08 log/
-rwxr-xr-x  1 root  wheel  166 Jul 28 18:08 run*

ftp# ls -lF /opt/pf/httpd
total 2
drwxr-sr-x  3 root  wheel  512 Jul 28 18:08 log/
-rwxr-xr-x  1 root  wheel  142 Jul 28 18:08 run*
----------------------------------------------------------------------

  4. 

     /service ftpd
     

	# ln -s /opt/public/ftpd /service

     localhost ftp

	# ftp localhost
	Connected to localhost.
	220 Features: a p .
	Name (localhost:yuuji): 

     publicfile ftpd anonymousftp
      anonymous login 

	Name (localhost:yuuji): hoge
				~~~~
	230 Hi. No need to log in; I'm an anonymous ftp server.
	Remote system type is UNIX.
	Using binary mode to transfer files.
	ftp> 

  publicfile ftpd 

  publicfile configure 
  file/ 
   0/ publicfile
  ftpd  anonymous ftp login 
  
  
  chroot

   IP 
   publicfile httpd  
  http://host/index.html 
  file/host/index.html HTTP 
  virtualhost 
  file/10.0.0.21,
  file/ftp.uu.ymzk.org  file/0 
  anonymous ftp 
  


yuuji@gentei.org
Fingerprint16 = FF F9 FF CC E0 FE 5C F7 19 97 28 24 EC 5D 39 BA
HIROSE Yuuji - ASTROLOGY / BIKE / EPO / GUEST BOOK / YaTeX [Tweet]