文件列表:

pure-ftpd-1.0.18\configuration-file\Makefile.am (77, 2002-10-02)
pure-ftpd-1.0.18\configuration-file\Makefile.in (8443, 2004-03-03)
pure-ftpd-1.0.18\configuration-file\pure-config.pl.in (3221, 2004-02-29)
pure-ftpd-1.0.18\configuration-file\pure-config.py.in (7444, 2004-02-29)
pure-ftpd-1.0.18\configuration-file\pure-ftpd.conf.in (10653, 2004-02-29)
pure-ftpd-1.0.18\configure.ac (36739, 2004-03-03)
pure-ftpd-1.0.18\aclocal.m4 (34759, 2004-03-03)
pure-ftpd-1.0.18\Makefile.am (545, 2003-11-22)
pure-ftpd-1.0.18\Makefile.in (18747, 2004-03-03)
pure-ftpd-1.0.18\config.h.in (19747, 2004-03-03)
pure-ftpd-1.0.18\pure-ftpd.spec.in (9415, 2004-03-02)
pure-ftpd-1.0.18\configure (631739, 2004-03-03)
pure-ftpd-1.0.18\AUTHORS (6495, 2004-03-01)
pure-ftpd-1.0.18\COPYING (1259, 2004-02-22)
pure-ftpd-1.0.18\ChangeLog (71206, 2004-03-03)
pure-ftpd-1.0.18\INSTALL (9240, 2004-02-08)
pure-ftpd-1.0.18\NEWS (32595, 2004-03-03)
pure-ftpd-1.0.18\THANKS (11262, 2004-03-03)
pure-ftpd-1.0.18\compile (2774, 2004-02-08)
pure-ftpd-1.0.18\depcomp (13866, 2004-02-08)
pure-ftpd-1.0.18\install-sh (7122, 2004-02-08)
pure-ftpd-1.0.18\missing (10266, 2004-02-08)
pure-ftpd-1.0.18\mkinstalldirs (1988, 2004-02-08)
pure-ftpd-1.0.18\pure-ftpd.spec (9412, 2004-03-03)
pure-ftpd-1.0.18\HISTORY (2236, 2003-08-09)
pure-ftpd-1.0.18\CONTACT (477, 2003-05-24)
pure-ftpd-1.0.18\FAQ (32362, 2004-02-29)
pure-ftpd-1.0.18\Makefile.gui (19, 2002-10-02)
... ...

.:. PURE-FTPD .:. Documentation for version 1.0.18 PDF version available from http://www.pureftpd.org/readme.pdf ------------------------ BLURB ------------------------ Pure-FTPd is a fast, production-quality, standard-conformant FTP server, based upon Troll-FTPd. The server has been designed to be secure in default configuration, it has no known vulnerability, it is really trivial to set up and it is especially designed for modern kernels. It was successfully ported to Linux, FreeBSD, NetBSD, OpenBSD, ISOS, EkkoBSD, BSDi, Solaris, Darwin, Tru***, Irix, AIX and HPUX. Features include chroot()ed and/or virtual chroot()ed home directories, virtual domains, built-in 'ls', anti-warez system, configurable ports for passive downloads, FXP protocol, bandwidth throttling, ratios, LDAP / MySQL / PostgreSQL-based authentication, fortune files, Apache-like log files, fast standalone mode, text / HTML / XML real-time status report, virtual users, virtual quotas, privilege separation, SSL/TLS and more. ------------------------ WHO'S USING IT? ------------------------ Many people new to Unix are running Pure-FTPd because they find it easy to install. But that software is also used on embedded systems and highly loaded production servers, especially for hosting services. A list of some companies successfully using it is available at http://www.pureftpd.org/users.shtml Pure-FTPd was also part of a crack-a-machine challenge with other software, and that machine never got compromised. For large sites with centralized user management, Pure-FTPd provides flexible authentication schemes including SQL and LDAP backends, plus the ability to easily write new custom handlers in any language. ------------------------ COMPILATION ------------------------ In its current form, Pure-FTPd uses some OS-specific system calls. And altough some portability work has been done in order to ease its port to other operating systems, only Linux FreeBSD, NetBSD, OpenBSD, ISOS, EkkoBSD, BSDi, Darwin, Solaris, Tru***, Irix, AIX and HPUX are known to work, other operating systems may need some tweaks. With Linux, any modern distribution should be ok. An unofficial Windows port is available from http://www.pureftpd.org/windows/ If you have Cdialog or Xdialog installed on your system, try the following command to build and install Pure-FTPd: make -f Makefile.gui If you don't have Cdialog or if you prefer the conventional way, here it is: ./configure make install-strip Et voila! The software is now installed in /usr/local/sbin/pure-ftpd To launch the server, just type the following command: /usr/local/sbin/pure-ftpd & If you installed a binary package (RPM, SLP, Debian), maybe use the following command instead: /usr/sbin/pure-ftpd & Your server is ready. Just type 'ftp localhost' to test it. If you want to automatically run the server when the system boots, add the previous command to /etc/rc.d/rc.local or /etc/rc.d/boot.local . Don't forget the '&' sign. Note 1: On Linux systems, you will notice that the server is always running as root. This is intentional and more secure that servers who are changing their effective uid (and only effective uid, they still have root privileges in fact, use ps -U to see what servers are really running as root) . We are using Linux kernel-specific tricks to drop privileges that "ps" can't show. Note 2: To compile under Irix, you have to issue this before typing ./configure: export CC=cc export CFLAGS=-I/usr/freeware/include export LDFLAGS=-L/usr/freeware/lib32 To compile under Solaris 8, use GNU Make, not Solaris basic make. Then do: export PATH=/usr/ccs/bin:$PATH export MAKE=gmake Nota 3: To deinstall Pure-FTPd (no, do you really want to do this?), use: ./configure make uninstall ------------------------ ADVANCED COMPILATION ------------------------ The "./configure" script accepts some arguments you might want to add before the compilation: /-------------------- "--with-" switches --------------------/ --with-altlog: in addition to the syslog output, support logging into a specific file, in an alternative format. Currently, the CLF, Stats, W3C and xferlog formats are implemented. CLF (common log format) is the basic format produced by Apache, WebFS, Roxen and most web servers. These log files only record file transfers and they can feed web statistic software (Analog, Webalizer, etc.) to analyze the load of your FTP server. The Stats format is a special output format, designed for log file analys software. The W3C format is a standard format parsed by most commercial log analyzers (all analyzers with support for IIS should deal with it) . Xferlog is the traditional format created by wu-ftpd. Check the -O option later in this documentation for additional info. --with-brokenrealpath: some Solaris versions have a broken realpath() implementation. If altlog and/or pure-uploadscript doesn't seem to work properly on your system, try to recompile with this switch. --with-certfile=: the file with the SSL certificate (see README.TLS). The default is /etc/ssl/private/pure-ftpd.pem . --with-cookie: display a fortune or a customized banner when an user logs in (see the '-F' option) . --with-diraliases: support directory aliases ("shortcuts" for the "cd" command) . Please read the appropriate section about this (further in this manual) . --with-everything: build a big server with almost all features turned on: altlog, cookies, throttling, ratios, ftpwho, upload script, virtual users (puredb), quotas, virtual hosts, directory aliases, external authentication and rendezvous. --with-extauth: compiles support for external authentication modules. Please read README.Authentication-Modules and the pure-authd(8) man page before enabling this feature. Most users don't need it. --with-ftpwho: support for the 'pure-ftpwho' command. Enabling this feature needs some extra memory. Better use it when the server is run in standalone mode. It can be way slower in inetd mode. --with-language=english --with-language=german --with-language=romanian --with-language=french --with-language=polish --with-language=spanish --with-language=danish --with-language=italian --with-language=brazilian-portuguese --with-language=slovak --with-language=dutch --with-language=korean --with-language=swedish --with-language=norwegian --with-language=russian --with-language=traditional-chinese --with-language=simplified-chinese --with-language=hungarian --with-language=catalan --with-language=czech: change the language of server messages. Default is english. If you want to contribute a translation, please translate the 'src/messages_en.h' file and send it to . --with-largefile: support downloading of files larger than 2 gigabytes on 32-bit architectures. Transfering so huge files through FTP is a strange idea. And your filesystem has to support it. Your kernel and your libc as well. And of course, the FTP client has to be safe against large files, too. And when this feature is enabled, downloads can be a bit slower (or more cpu-intensive) than without it, due to a limitation of actual Linux kernels. To summarize: don't enable this for fun, just if you are really planning to download files over 2 gigabytes. --with-ldap: use the native LDAP directory support. When this option is enabled, system accounts can be bypassed. You need OpenLDAP to use that feature. If OpenLDAP is installed in a custom location, you can use the --with-ldap= syntax. See the README.LDAP file for more info about LDAP and Pure-FTPd. --with-minimal: to efficiently use features of modern FTP clients, Pure-FTPd implements the basics of the FTP protocol, with many extensions (SITE IDLE, SITE CHMOD, MLSD, ...) . Using the --with-minimal directive, these extensions won't be compiled in. Also, there will be no standalone server, no lookup for user/group names, no humor and no ASCII support. But the executable file size will be smaller than in a default installation. You need at least GCC 3.3 to compile with this option. Regular expressions are compiled in. If you still want to reduce the size, use --without-globbing in conjunction with --with-minimal. If you are building an embedded system, use this. In all other cases, to avoid complaints from customers (especially with Windows clients), forget this. --with-mysql: use the native MySQL support for users database. When this option is enabled, system accounts can be bypassed. MySQL client libraries should be installed to use that feature. If MySQL is installed in a custom location, you can use the --with-mysql= syntax. See the README.MySQL file for more info about MySQL and Pure-FTPd. --with-nonroot: set up a server that doesn't need root privileges to be started. Any regular user can run the server. It can be useful if you have a limited shell access to a non-dedicated hosting server. But some features will be disabled and passwords can only be checked via LDAP, SQL or PureDB. When virtual chroot is enabled, people will be restricted to the directory the server was started in. This is an insecure mode, designed for setting up very temporary servers by regular (non-root) users. Port 2121 will be listened by default in standalone mode. If you want to use the nonroot mode, you must compile and *install* the software (./configure --prefix=... && make install-strip) . /sbin, /bin and /man directories will be created in that prefix. But you must also add an /etc directory (readable and writeable by the user pure-ftpd will run as) . --with-pam: use pluggable authentification modules. Don't use this option if your login/passwd pairs are always refused (but the real fix would be to fix your PAM configuration). You need to create a /etc/pam.d/pure-ftpd file to properly use the PAM authentication. The 'pam' directory contains an example of such a file. --with-paranoidmsg: favor paranoid messages over sysadmin-friendly messages. When this option is enabled, login failures will show the same message to the user, regardless of the source of the problem. Without this option, "Authentication failure" is displayed when this is a password problem and "Sorry, I can't trust you" is displayed when the user has been banned by the sysadmin. --with-peruserlimits: enable per-user concurrency limits. Avoid this on very loaded servers. --with-pgsql: use the native Postgres support for users database. When this option is enabled, system accounts can be bypassed. Postgres client libraries should be installed to use that feature. If Postgres is installed in a custom location, you can use the --with-pgsql= syntax. See the README.PGSQL file for more info about Postgres and Pure-FTPd. --with-probe-random-dev: Pure-FTPd uses /dev/arandom, /dev/urandom or /dev/random devices to provide hardly-predicable random numbers. Presence of these devices are usually probed at compile-time. If you want to compile a binary package on a host, then run it on another host, this option will enable the probe at run-time. This is useless on Linux and BSD systems, but it can be needed on Solaris and QNX. --with-puredb: support virtual users, ie. a local users database, independent of your system accounts. Please read the README.Virtual-Users file for more info about virtual users. --with-quotas: enable virtual quotas. With virtual quotas, you can restrict the maximal number of files an user can store in his account. You can also of course restrict the total size. See the "quotas" section later in this document. --with-ratios: support upload/download ratios, to please w4r3z fr34k2. --with-sysquotas: support system quotas (not Pure-FTPd's virtual quotas) . Only enable this if you really plan to use system quotas. --with-throttling: support bandwidth throttling (see below). --with-uploadscript: since 0.***, Pure-FTPd has a nice feature regarding uploads. Any external program or script can be automatically called after a successful upload. It needs another program installed by the Pure-FTPd package, called 'pure-uploadscript'. Check the man page for more info about this. --with-virtualchroot: usually, when an user is chrooted (-A and -a options), it's impossible to go out of his home directory. Enabling that feature makes it possible: symbolic links are always followed, even if they are pointing to directories not located in the user's home directory. This is very useful for having shared directories (for instance, have a symbolic link to /var/incoming in every home directory) . This feature isn't enabled by default. --with-virtualhosts: support virtual hosting. It means that you can have different anonymouns FTP areas for each IP address. If your server has only one IP address, you don't need that feature. But if you have multiple IP addresses and if you want a client that connects to IP xxx to get the content of /etc/pure-ftpd/xxx/ instead of ~ftp/ , enable this option. And read the the "VIRTUAL SERVERS" section at the end of this file. --with-welcomemsg: read 'welcome.msg' files for compatibility with some other FTP servers. This is a security flaw (anonymous users may upload 'welcome.msg' files to add random banners) . Pure-ftpd uses '.banner' files by default. --with-boring: display "professionnal-looking" messages. --with-privsep: enable privilege separation (see notes about this later). --withrendez-vous: enable Rendezvous support on MacOS X (see the -v switch). /----------------------- "--without-" switches -----------------------/ --without-ascii: does not support 7-bits transfers (ASCII) . If you have customers using Windows clients to send scripts and HTML files, don't use this option or they will yell at you. --without-banner: don't display the initial banner. This is stupid security through obscurity. --without-capabilities: if the capabilities library (libcap) is found, Pure-FTPd will try to use it in order to enhance security. This option overrides the test to ignore the library. Try this if capabilities don't work properly on your system. libcap can be downloaded from ftp://ftp.kernel.org/pub/linux/libs/security/linux-privs/ . --without-globbing: don't include the globbing code. It reduces the memory footprint but regular expressions won't work any more (things like 'ls *.rpm') . Most people shouldn't use --without-globbing. Globbing is a nice feature. --without-humor: if you find what this option does without peeking at the source code, you're a lucky guy! --without-inetd: if you will always be running Pure-FTPd in standalone-mode, enabling this flag can save a few code bytes. Don't enable --without-inetd and --without-standalone, because it's impossible to run a server without one of them. These options aren't enabled on binary distributions of Pure-FTPd, so that both inetd-like and standalone mode are supported. --without-iplogging: don't log any IP address to protect confidentiality, especially for political servers. --without-nonalnum: paranoid file name checking: only allow basic alphanumeric characters. Never enable this switch blindly, or your customers will complain. --without-unicode: disallow non-latin characters. Recommended if you don't have special characters in file names. --without-sendfile: on Linux, Solaris, HPUX and FreeBSD kernels, Pure-FTPd tries to reduce the CPU/memory usage by using a special system call (sendfile) . It works very well with most filesystems. However, this optimization is not implemented for all filesystems in current kernels. Users reported that downloading files with Pure-FTPd failed with SMBFS (Samba) on FreeBSD and TmpFS and NTFS on Linux (the error reported by the server is "broken pipe" or "Error during write to data connection") . If you are planning to serve files from these filesystems, you have to use the --without-sendfile switch to enable a workaround. It was also reported that PA-Risc Linux systems need this flag. --without-shadow: ignore the shadow passwords, even though they are auto-detected. Usually a bad idea, unless you use PAM, LDAP or SQL. Pure-FTPd support expiration dates of shadow passwords (both for accounts and passwords) . --without-standalone: the FTP server can normally run in standalone-mode (without any super-server) . If you don't need that feature and if you want to save few code bytes, add this option. A super-server like g2s, xinetd or tcpserver will be mandatory to run the service. But the standalone mode is the recommended mode of operation. --without-usernames: never outputs user and group names in directory listings, only UIDs and GIDs. It improves security and performances, but some people find this not user-friendly. /-------------- Other notes --------------/ Other traditional autoconf options are of course recognised, like "--prefix=" to change the installation prefix, that defaults to "/usr/local/". FYI, the binary RPM packages of Pure-FTPd are configured with the following command line: ./configure --with-everything --with-paranoidmsg --without-capabilities \ --with-virtualchroot RPM packages are also compiled with --without-pam to enhance their portability. ------------------------ STANDALONE INSTALLATION ------------------------ Unless you compiled the server with "--without-standalone", running the server is as easy as typing: /usr/local/sbin/pure-ftpd & In the following examples, we will assume that the 'pure-ftpd' file is located in /usr/local/sbin. This is the default if you compiled the server from the source code tarball. But as I said earlier in this document, if you installed a binary package (RPM, SLP, DEB, TGZ), the server maybe installed in /usr/sbin/. So just replace '/usr/local/sbin/pure-ftpd' with '/usr/sbin/pure-ftpd'. When the previous command is run, the server will listen for incoming connections on every interface, all IP addresses and the standard FTP port (21) . If your system has IPv6 addresses, they should work as well. Now, if you want to listen for an incoming connection on a non-standard port, just append '-S' and the port number: /usr/local/sbin/pure-ftpd -S 42 Service names are also allowed ('-S smtp' and the daemon will be accepting connections on the SMTP port (25) . Very uncommon, but we should please everybody anyway, even disturbed minds) . Now, what if your system has many IP addresses and you want the FTP server to be reachable on only one of these addresses, let's say 192.168.0.42? Just use the following command line: /usr/local/sbin/pure-ftpd -S 192.168.0.42, The final comma is important, don't forget it. Actually, it's a shorthand for: /usr/local/sbin/pure-ftpd -S 192.168.0.42,21 If you prefer host names over IP addresses, it's your choice: /usr/local/sbin/pure-ftpd -S ftp.rtchat.com,21 IPv6 addresses are of course supported. With previous command lines, the server will run in the default configuration. Anonymous FTP logins will be allowed if there's a system account called 'ftp' and every user of your system will be able to access the FTP server using his regular login/password pair. If you need to tweak that default configuration, other command-lines options can be added. For instance: /usr/local/sbin/pure-ftpd -c 50 & or /usr/local/sbin/pure-ftpd -S ftp.rtchat.com,21 -c 50 & And only 50 simultanous connections will be allowed. To discover what options are available please jump to the 'OPTIONS' chapter below. If the server runs perfe ... ...

近期下载者：

相关文件：

评论：[我要评论] [举报此文件]

收藏者：