Contents
3.23. install_vsftpd_or_nfs脚本¶
3.23.1. install_vsftpd.sh¶
#!/usr/bin/env bash
#usage:xxx
#scripts_name:xxx.sh
#VAR Set
IP_INFO=$(/usr/sbin/ifconfig| grep inet|sed 1q|awk '{print $2}')
#Server=$(ps -ef| grep vsftpd | grep -v "grep"|wc -l)
CONF_FILE=`rpm -qc vsftpd|more| grep vsftpd.conf`
Save_text="user.txt"
DATE=$(date +%F_%T)
function Base_init {
#close selinux
echo "Close selinux......."
setenforce 0 &>/dev/null
sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
systemctl stop firewalld.service
systemctl disable firewalld.service
}
function unstall_vsftpd {
# unstall vsftpd
rpm -qa|grep vsftpd | xargs rpm -e --nodeps &> /dev/null
rm -rf /etc/vsftpd/*
echo -e "\033[32m begin uninstall vsftpd.....!\033[0m"
for (( VAR=0; VAR<=20; VAR++ )); do sleep 0.1;echo -n "#";done
echo
}
function install_vsftpd {
#install vsftpd
/usr/bin/yum -y install vsftpd*
# config_file_fix
echo "vsftpd conf file is -----------> $CONF_FILE"
echo "backup $CONF_FILE --------> ${CONF_FILE}.bak"
cp -rf $CONF_FILE{,.bak}
if systemctl enable vsftpd.service &>/dev/null; then
echo "设置开机自动启动vsftpd服务..... OK"
else
echo "设置开机自动启动vsftpd服务..... fail..."
fi
if systemctl start vsftpd.service &>/dev/null;then
echo "启动vsftpd服务..... OK"
else
echo "启动vsftpd服务..... fail ..."
fi
}
function echo_color {
if [[ $1 == "green" ]]; then
echo -e "\033[32m$2\033[0m"
elif [[ $1 == "red" ]]; then
echo -e "\033[31m$2\033[0m"
elif [[ $1 == "yellow" ]];then
echo -e "\033[33m$2\033[0m"
else
echo -e "\033[32m$1\033[0m"
fi
}
function conf_file_fix {
echo
echo "-------------------------------------------------------"
echo "开始配置config文件"
echo "-------------------------------------------------------"
echo
}
function Restart_ftp {
echo_color "配置完毕,重启vsftpd服务....."
systemctl restart vsftpd
if test $? -eq 0; then
echo_color "vsftpd重启完毕..........."
echo_color yellow "请访问: ftp://${IP_INFO}"
else
echo_color red "vsftpd启动失败....."
exit 1
fi
}
function Anonymous {
# 先检测是否安装vsftpd,如果安装,卸载掉之后重新安装
if rpm -qa|grep vsftpd >/dev/null 2>&1; then
echo -e "\033[32m It was detected that vsftpd was installed.!\033[0m"
unstall_vsftpd
fi
install_vsftpd
local PUB_dir="/var/ftp/pub"
if [ ! -d $PUB_dir ]; then
mkdir -p $PUB_dir
fi
conf_file_fix
echo_color green "vsftp的匿名用户上传下载目录为: $PUB_dir"
chown -R ftp /var/ftp/pub/
chmod 755 /var/ftp/pub/
cat >${CONF_FILE} <<EOF
anonymous_enable=YES
anon_umask=022
anon_mkdir_write_enable=YES
anon_upload_enable=YES
anon_other_write_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
anon_upload_enable=YES
anon_other_write_enable=YES
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
EOF
Restart_ftp
}
function check_pass {
echo_color green "请输入密码:"
read -s passwd
if [ -n "$passwd" ]; then
echo_color green "密码设置成功,密码为:$passwd"
else
echo_color red "密码设置错误......"
check_pass
fi
}
function add_user {
label=1
while [[ $label == 1 ]]; do
read -p "输入用户名:" name
if /usr/sbin/useradd $name &>/dev/null ; then
echo "创建用户 $name 成功..."
check_pass
echo "$passwd" | passwd --stdin $name
if [ "$?" -eq 0 ]; then
echo -e "您创建的用户为 $name \t 密码为 $passwd"
echo -e "$name \t $passwd" >> $Save_text
fi
echo "是否退出,y退出,n继续?【y|n】"
read -p "Please input :" input
if [[ $input == "y" ]]; then
echo "用户名和密码保存在 $Save_text 文件中......"
label=2
fi
else
echo_color red "用户已经存在....."
fi
done
# chomod 777 dir
cat $Save_text|while read line; do
user_info=$line|awk '{print $1}'
chmod -R 777 /home/$user_info
done
}
function System_user_config {
touch /etc/vsftpd/chroot_list
conf_file_fix
cat > $CONF_FILE <<-"EOF"
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
ascii_upload_enable=YES
ascii_download_enable=YES
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
allow_writeable_chroot=YES
EOF
for (( VAR = 0; VAR <20; ++VAR )); do sleep 0.2; echo -n "#";done
echo_color "开始重启Vsftpd服务......"
Restart_ftp
cat $Save_text |awk -F" " '{print "用户名:"$1,"密码:"$2}'
}
function System_user_memu {
echo "请问是新增系统用户还是修改配置文件支持系统用户登录?"
echo
echo "1.新增系统用户,使用新增的用户访问"
echo "2.修改配置文件支持系统用户用户名/密码登录,使用系统自带的用户访问"
echo
read -p "输入choice:" choice
case "$choice" in
1)
add_user
System_user_config
;;
2)
System_user_config
;;
*)
echo_color red " Input error, re-enter......"
;;
esac
}
function Virtual_user {
unstall_vsftpd
install_vsftpd
#安装 FTP 虚拟用户需要用到的软件及认证模块
yum install pam* libdb-utils libdb* --skip-broken -y
cat > /etc/vsftpd/ftpusers.txt<<-"EOF"
hujianli1
admin#123
hujianli2
admin#123
EOF
#查看虚拟用户信息
echo_color "Virtual user information is as follows"
local count=1
# 定义数组来装vsftpd的账号
declare -a Account
while read LINE; do
i=$(($count %2))
if [[ $i -eq 1 ]]; then
echo_color "vsftpd登录账号:$LINE"
Account[$count]=$LINE
else
echo_color "vsftpd登录密码:$LINE"
echo "---------------------------"
echo
fi
count=$((count +1))
done </etc/vsftpd/ftpusers.txt
local vsftp_login_DIR="/etc/pam.d/vsftpd"
sed -i '5 i auth sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login' $vsftp_login_DIR
sed -i '6 i account sufficient /lib64/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login' $vsftp_login_DIR
useradd -s /sbin/nologin ftpuser
cat > $CONF_FILE <<-"EOF"
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
ascii_upload_enable=YES
ascii_download_enable=YES
listen=YES
guest_enable=YES
guest_username=ftpuser
pam_service_name=vsftpd
user_config_dir=/etc/vsftpd/vsftpd_user_conf
virtual_use_local_privs=YES
EOF
mkdir -p /etc/vsftpd/vsftpd_user_conf
for i in ${!Account[@]} ; do
mkdir -p /home/ftpuser/${Account[$i]}
chown -R ftpuser:ftpuser /home/ftpuser/
cat >/etc/vsftpd/vsftpd_user_conf/${Account[$i]} <<-EOF
local_root=/home/ftpuser/${Account[$i]}
write_enable=YES
anon_world_readable_only=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
EOF
done
Restart_ftp
}
function main {
Base_init
Flag=""
while [[ $Flag == "" ]]; do
echo_color "---------------------------------------------------------------------------------------"
echo_color "#################### Wellcom to vsftpd install memu #####################################"
echo_color "---------------------------------------------------------------------------------------"
cat << EOF
1.匿名用户登录设置
2.系统用户登录配置
3.虚拟用户登录配置
4.卸载Vsftd
5.退出exit
EOF
read -p "Please input you choice:" input
case "$input" in
1)
echo_color "安装匿名用户的vsftpd...................."
Anonymous
Flag=1
;;
2)
echo_color "安装系统用户的vsftpd...................."
System_user_memu
Flag=1
;;
3)
echo_color "安装虚拟用户的vsftpd...................."
Virtual_user
Flag=1
;;
4)
echo_color "开始卸载vsftpd...................."
unstall_vsftpd
Flag=1
;;
5)
echo_color "退出......."
Flag=1
;;
*)
echo_color red "-----------------------"
echo_color red "Input error, re-enter......"
echo_color red "-----------------------"
;;
esac
done
}
main
3.23.2. install_nsf.sh¶
#!/usr/bin/env bash
# auto_install_nfs_server
# author:hujl
Share_DIR="/data/"
IP_INFO=`/sbin/ifconfig | grep "inet "|head -1|awk -F" " '{print $2}'`
update_yum(){
# 关闭防火墙和SELINUX
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
systemctl stop firewalld.service
systemctl disable firewalld
#更换阿里源国内源
cp -rf /etc/yum.repos.d/CentOS-Base.repo{,.bak}
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
#在国内安装包会很慢,可以改为aliyun的epel源,先备份epel本身的源
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo #可选
#生成缓存
yum clean all && yum makecache
if [ $? -eq 0 ]; then
echo -e "\033[32m network yum base update successful! \033[0m"
else
echo -e "\033[31m network yum base update Fail!!\033[0m"
exit 1
fi
}
install_nfs_server() {
# 安装NFS文件服务器
yum -y install nfs*
if [ $? -eq 0 ]; then
echo -e "\033[32m NFS_Server install successful! \033[0m"
else
echo -e "\033[31m NFS_Server install Fail!!\033[0m"
exit 1
fi
}
[ ! -d $Share_DIR ] && mkdir -p $Share_DIR || echo "$Share_DIR already exist!"
cat >> /etc/exports <<EOF
$Share_DIR *(rw,no_root_squash,no_all_squash,sync)
EOF
main(){
update_yum
install_nfs_server
/usr/sbin/service nfs restart
if [ $? -eq 0 ]; then
echo -e "\033[32m NFS start successful! \033[0m"
else
echo -e "\033[31m NFS start Fail!!\033[0m"
exit 1
fi
}
main
echo "***********************************************"
echo "************** nfs info **********************"
exportfs
echo "***********************************************"
DIR=`showmount --exports | awk 'NR==2'|cut -d" " -f1`
echo -e "Usage method 【 mount -t nfs ${IP_INFO}:${Share_DIR} Local path 】"
echo -e "\033[32m For example: \033[0m"
echo -e "Usage method 【 mount -t nfs ${IP_INFO}:${Share_DIR} /mount 】"
3.23.3. vsftp主动和被动模式脚本¶
#!/usr/bin/env bash
# author:hujianli
# by:2019-10-06
# use : minni install vsftpd
if [ "$#" -ne 1 ]; then
echo "*****************************"
echo -e "\033[32m1.vsftpd 主动模式:21端口建立连接,20端口传输数据\033[1m"
echo -e "2.vsftpd 主动模式: >1024端口传输数据"
echo -e "\033[33mUsage: bash `basename $0` 1 or 2\033[0m"
echo "*****************************"
exit 1
fi
check_Root() {
if [ "$(id -u)" -ne 0 ] ; then
echo "You must run this script as root. Sorry!"
exit 1
fi
}
simple_jindutiao(){
for((i=1;i<=10;i++));do echo -n "#";sleep 0.5;done
echo
}
VSFTPD_initiative() {
#yum 安装vsftpd,如果有安装,先卸载掉
if rpm -qa| grep vsftpd > /dev/null; then
yum -y remove vsftpd*
fi
yum -y install vsftpd*
local CONF=`rpm -qc vsftpd | grep vsftpd.conf`
cp -rf $CONF{,.bak}
echo "vsftpd的配置文件如下:"
# 查看配置文件
rpm -ql vsftpd | grep /etc*
# 启动vsftpd服务,查看进程
systemctl restart vsftpd.service
if [ $? -eq 0 ]; then
echo -e "\033[32m Start vsftp Successful!...\033[0m"
else
echo -e "\033[31m Start vsftp fail!...\033[0m"
fi
ps -ef| grep vsftpd
echo -e "\033[32m begin Configure Vsftpd 主动模式.......\033[0m"
cat >$CONF <<EOF
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
EOF
echo -e "\033[32m vsftpd 主动模式配置文件写入信息如下:\033[0m"
cat <<EOF
anonymous_enable=YES #开启匿名用户访问
local_enable=YES # 启用本地系统用户访问
write_enable=YES # 本地系统用户写入权限
local_umask=022 # 本地用户创建文件及目录默认权限掩码
dirmessage_enable=YES # 打印目录显示信息,通常用于用户第一次访问目录时,信息提示
xferlog_enable=YES # 启用上传/下载日志记录
connect_from_port_20=YES # FTP使用20端口进行数据传输,主动模式
xferlog_std_format=YES # 日志文件将根据xferlog的标准格式写入
listen=NO # vsftpd不以独立的服务启动,通过Xinetd服务管理,建议改成yes
listen_ipv6=YES # 启用IPv6监听
pam_service_name=vsftpd # 登录FTP服务器,依据/etc/pam.d/vsftpd中内容进行认证
userlist_enable=YES # vsftpd.user_list 和ftpusers配置文件里用户禁止访问FTP
tcp_wrappers=YES # 设置访问控制,通过该hosts.allow和/etc/hosts.deny中设置来判断是否允许访问
EOF
echo -e "\033[32m Restart vsftpd.......\033[0m"
simple_jindutiao
systemctl restart vsftpd.service
[ "$?" -eq 0 ] && echo -e "\033[32mSuccessful execution!\033[0m" || echo -e "\033[31m fail execution!\033[0m"
}
VSFTPD_passive() {
#yum 安装vsftpd,如果有安装,先卸载掉
if rpm -qa| grep vsftpd > /dev/null; then
yum -y remove vsftpd*
fi
yum -y install vsftpd*
local CONF=`rpm -qc vsftpd | grep vsftpd.conf`
cp -rf $CONF{,.bak}
echo "\033[32m vsftpd被动模式的配置文件如下:\033[0m"
echo
# 查看配置文件
rpm -ql vsftpd | grep /etc*
# 启动vsftpd服务,查看进程
systemctl restart vsftpd.service
if [ $? -eq 0 ]; then
echo -e "\033[32m Start vsftp Successful!...\033[0m"
else
echo -e "\033[31m Start vsftp fail!...\033[0m"
fi
ps -ef| grep vsftpd
echo -e "\033[32m begin Configure Vsftpd 被动模式.......\033[0m"
echo
cat >$CONF <<EOF
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
xferlog_std_format=YES
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
pasv_enable=YES
pasv_min_port=60000
pasv_max_port=60100
EOF
echo -e "\033[32m vsftpd被动模式配置文件写入信息如下:\033[0m"
echo
cat <<EOF
anonymous_enable=YES #开启匿名用户访问
local_enable=YES # 启用本地系统用户访问
write_enable=YES # 本地系统用户写入权限
local_umask=022 # 本地用户创建文件及目录默认权限掩码
dirmessage_enable=YES # 打印目录显示信息,通常用于用户第一次访问目录时,信息提示
xferlog_enable=YES # 启用上传/下载日志记录
xferlog_std_format=YES # 日志文件将根据xferlog的标准格式写入
listen=NO # vsftpd不以独立的服务启动,通过Xinetd服务管理,建议改成yes
listen_ipv6=YES # 启用IPv6监听
pam_service_name=vsftpd # 登录FTP服务器,依据/etc/pam.d/vsftpd中内容进行认证
userlist_enable=YES # vsftpd.user_list 和ftpusers配置文件里用户禁止访问FTP
tcp_wrappers=YES # 设置访问控制,通过该hosts.allow和/etc/hosts.deny中设置来判断是否允许访问
pasv_enable=YES # 开启被动模式
pasv_min_port=60000 # 被动连接的端口范围
pasv_max_port=60100
EOF
echo -e "\033[32m Restart vsftpd.......\033[0m"
simple_jindutiao
systemctl restart vsftpd.service
[ "$?" -eq 0 ] && echo -e "\033[32mSuccessful execution!\033[0m" || echo -e "\033[31m fail execution!\033[0m"
}
Usage_choice() {
if [[ "$1" -eq "1" ]]; then
VSFTPD_initiative
elif [[ "$1" -eq "2" ]]; then
VSFTPD_passive
else
echo -e "\033[33mUsage: bash `basename $0` 1 or 2\033[0m"
fi
}
check_Root
Usage_choice $1
3.23.4. auto_config_vsftpd.sh¶
#!/usr/bin/env bash
#usage:xxx
#scripts_name:${NAME}.sh
# author:xiaojian
SUCCESS="echo -en \\033[1;32m" #green
FAILURE="echo -en \\033[1;31m" #红色
WARNING="echo -en \\033[1;33m" #黄色
NORMAL="echo -en \\033[1;39m" #黑色
config_file=/etc/vsftpd/vsftpd.conf
#function
function menu() {
clear
echo "------------------------------------------"
echo "# 菜单 #"
echo "------------------------------------------"
echo "# 1.安装配置vsftpd."
echo "# 2.创建FTP账户."
echo "# 3.删除FTP账户."
echo "# 4.配置匿名账户."
echo "# 5.启动关闭vsftpd."
echo "# 6.退出脚本."
echo "-------------------------------------------"
echo
}
# 定义配置匿名账户的子菜单
function anon_sub_menu() {
clear
echo "----------------------------------------------"
echo "# 服务管理子菜单(Menu)"
echo "----------------------------------------------"
echo "# 1.启动vsftpd."
echo "# 2.关闭vsftpd."
echo "# 3.重启vsftpd."
echo "----------------------------------------------"
echo
}
function test_yum() {
num=$(yum repolist|tail -1|sed 's/.*: *//;s/,//')
if [ ${num} -le 0 ]; then
$FAILURE
echo "没有可用的Yum源."
$NORMAL
exit
else
if ! yum list vsftpd &>/dev/null;then
$FAILURE
echo "Yum源中没有vsftpd软件包."
$NORMAL
exit
fi
fi
}
function install_vsftpd() {
if test rpm -q vsftpd &> /dev/null; then
$WARNING
echo "vsftpd已安装."
$NORMAL
exit
else
yum -y install vsftpd
fi
}
function init_config() {
[ ! -e $config_file ] && cp $config_file $config_file{,.bak}
[ ! -d /common/pub ] && mkdir -p /common/pub
chmod a+w /common/pub
grep -q local_root $config_file|| sed -i '$a local_root=/common' $config_file
sed -i 's/^#chroot_local_user=YES/chroot_local_user=YES/' $config_file
}
function create_ftpuser() {
local $1
local $2
if id $1 &> /dev/null; then
$FAILURE
echo "${1}账户已存在"
$NORMAL
exit
else
useradd $1
echo "$2"|passwd --stdin $1 &>/dev/null
fi
}
function delete_user() {
local $1
if id $1 &> /dev/null; then
$FAILURE
echo "${1}账户不存在"
$NORMAL
exit
else
userdel $1
fi
}
#第一个参数1,匿名账户禁用
#第一个参数2,开启匿名账户登录功能
#第一个参数3,允许匿名账户上传文件
function anon_config() {
case $1 in
1)
:
# 待实现
;;
2)
:
# 待实现
:
;;
3)
:
# 待实现
;;
esac
}
# 服务管理
#第一个参数start,启动vsftpd
#第一个参数restart,重启vsftpd
#第一个参数stop,关闭vsftpd
function proc_manager() {
case $1 in
start)
:
;;
restart)
:
;;
stop)
:
;;
esac
}
menu
read -p "please choice 【1-6】: " input
case $input in
1)
test_yum
;;
2)
:
;;
3)
:
;;
4)
:
;;
6)
:
;;
*)
:
;;
esac