Source: http://www.ischo.net -- 조인상 // System Engineer

Writer : http://www.ischo.net -- ischo // System Engineer in Republic Of Korea

+++++++++++++++++++++++++++++++++++++++++++++++++++++++


1. Define the ftp user in the /etc/passwd and /etc/shadow files as follows.

  /etc/passwd  file:

  ftp:x:30000:30000:Anonymous FTP:/export/ftp:/nosuchshell

  /etc/shadow file:

  ftp:NP:6445::::::


2. Run the shell script below.


    #!/bin/sh
    # script to setup anonymous ftp area
    #

    # verify you are root
    /usr/bin/id | grep -w 'uid=0' >/dev/null 2>&1
    if [ "$?" != "0" ]; then
        echo "$0: this script must be run as root" >&2
        exit 1
    fi

    # handle the optional command line argument
    case $# in

    # the default location for the anon ftp comes from the passwd file
    0)  ftphome="`getent passwd ftp | cut -d: -f6`"
        ;;

    1)  if [ "$1" = "start" ]; then
            ftphome="`getent passwd ftp | cut -d: -f6`"
        else
            ftphome=$1
        fi
        ;;

    *)  echo "Usage: $0 [anon-ftp-root]"
        exit 1
        ;;
    esac

    if [ -z "${ftphome}" ]; then
        echo "$0: ftphome must be non-null"
        exit 2
    fi

    case ${ftphome} in
    /*) # ok
        ;;

    *)  echo "$0: ftphome must be an absolute pathname"
        exit 1
        ;;
    esac

    # This script assumes that ftphome is neither / nor /usr so ...
    if [ -z "${ftphome}" -o "${ftphome}" = "/" -o "${ftphome}" = "/usr" ]; then
        echo "$0: ftphome must be non-null and neither / or /usr"
        exit 2
    fi

    # If ftphome does not exist but parent does, create ftphome
    if [ ! -d ${ftphome} ]; then
        # lack of -p below is intentional
        mkdir ${ftphome}
    fi
    chown root ${ftphome}
    chmod 555 ${ftphome}

    echo Setting up anonymous ftp area ${ftphome}

    # Ensure that the /usr directory exists
    if [ ! -d ${ftphome}/usr ]; then
        mkdir -p ${ftphome}/usr
    fi
    # Now set the ownership and modes to match the man page
    chown root ${ftphome}/usr
    chmod 555 ${ftphome}/usr

    # Ensure that the /usr/bin directory exists
    if [ ! -d ${ftphome}/usr/bin ]; then
        mkdir -p ${ftphome}/usr/bin
    fi
    # Now set the ownership and modes to match the man page
    chown root ${ftphome}/usr/bin
    chmod 555 ${ftphome}/usr/bin

    # this may not be the right thing to do
    # but we need the bin -> usr/bin link
    rm -f ${ftphome}/bin
    ln -s usr/bin ${ftphome}/bin

    # Ensure that the /usr/lib and /etc directories exist
    if [ ! -d ${ftphome}/usr/lib ]; then
        mkdir -p ${ftphome}/usr/lib
    fi
    chown root ${ftphome}/usr/lib
    chmod 555 ${ftphome}/usr/lib

    if [ ! -d ${ftphome}/etc ]; then
        mkdir -p ${ftphome}/etc
    fi
    chown root ${ftphome}/etc
    chmod 555 ${ftphome}/etc

    # a list of all the commands that should be copied to ${ftphome}/usr/bin
    # /usr/bin/ls is needed at a minimum.
    ftpcmd="
        /usr/bin/ls
    "

    # ${ftphome}/usr/lib needs to have all the libraries needed by the above
    # commands, plus the runtime linker, and some name service libraries
    # to resolve names. We just take all of them here.

    ftplib="`ldd $ftpcmd | nawk '$3 ~ /lib/ { print $3 }' | sort | uniq`"
    ftplib="$ftplib /usr/lib/nss_* /usr/lib/straddr* /usr/lib/libmp.so*"
    ftplib="$ftplib /usr/lib/libnsl.so.1 /usr/lib/libsocket.so.1 /usr/lib/ld.so.1"
    ftplib="`echo $ftplib | tr ' ' '\012' | sort | uniq`"

    cp ${ftplib} ${ftphome}/usr/lib
    chmod 555 ${ftphome}/usr/lib/*

    cp ${ftpcmd} ${ftphome}/usr/bin
    chmod 111 ${ftphome}/usr/bin/*

    # you also might want to have separate minimal versions of passwd and group
    cp /etc/passwd /etc/group /etc/netconfig ${ftphome}/etc
    chmod 444 ${ftphome}/etc/*

    # need /etc/default/init for timezone to be correct
    if [ ! -d ${ftphome}/etc/default ]; then
        mkdir ${ftphome}/etc/default
    fi
    chown root ${ftphome}/etc/default
    chmod 555 ${ftphome}/etc/default
    cp /etc/default/init ${ftphome}/etc/default
    chmod 444 ${ftphome}/etc/default/init

    # Copy timezone database
    mkdir -p ${ftphome}/usr/share/lib/zoneinfo
    (cd ${ftphome}/usr/share/lib/zoneinfo
        (cd /usr/share/lib/zoneinfo; find . -print | cpio -o) 2>/dev/null | cpio -imdu 2>/dev/null
        find . -print | xargs chmod 555
        find . -print | xargs chown root
    )


    # Ensure that the /dev directory exists
    if [ ! -d ${ftphome}/dev ]; then
        mkdir -p ${ftphome}/dev
    fi

    # make device nodes. ticotsord and udp are necessary for
    # 'ls' to resolve NIS names.

    for device in zero tcp udp ticotsord ticlts
    do
        line=`ls -lL /dev/${device} | sed -e 's/,//'`
        major=`echo $line | awk '{print $5}'`
        minor=`echo $line | awk '{print $6}'`
        rm -f ${ftphome}/dev/${device}
        mknod ${ftphome}/dev/${device} c ${major} ${minor}
    done

    chmod 666 ${ftphome}/dev/*

    ## Now set the ownership and modes
    chown root ${ftphome}/dev
    chmod 555 ${ftphome}/dev

    # uncomment the below if you want a place for people to store things,
    # but beware the security implications
    #if [ ! -d ${ftphome}/pub ]; then
    #  mkdir -p ${ftphome}/pub
    #fi
    #chown ftp ${ftphome}/pub
    #chmod 1777 ${ftphome}/pub
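
A check that can be run after the script, as an added example that is not part of the original post or of the setup script itself: it reports entries not owned by root, group- or world-writable entries (the 666 device nodes under dev/ and symlinks are skipped), and accounts other than root and ftp left in the copied etc/passwd. The function names, finding labels and the allowed-account list are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): audit an anonymous FTP area.
# Function names, finding labels and the allowed accounts are assumptions.

# Print one finding per line for the tree rooted at $1.
# $2 is the expected owner (name or numeric uid); default is root.
list_ftp_findings() {
    root=$1
    owner=${2:-root}

    # The setup script chowns every directory to root; anything owned by
    # another account (especially ftp) can be changed by that account.
    find "$root" ! -user "$owner" -print | sed 's/^/OWNER /'

    # The script sets modes 555/444/111. Group- or world-writable entries
    # are findings, except the dev/ character nodes (666 by design) and
    # symlinks such as bin -> usr/bin.
    find "$root" ! -type l ! -type c \( -perm -020 -o -perm -002 \) -print |
        sed 's/^/WRITABLE /'

    # The script copies the full /etc/passwd; list every account in the
    # copy other than root and ftp so it can be trimmed to a minimal file.
    if [ -f "$root/etc/passwd" ]; then
        awk -F: '$1 != "root" && $1 != "ftp" { print "PASSWD " $1 }' \
            "$root/etc/passwd"
    fi
}

# Return 0 when the tree is clean, 1 (after printing findings) otherwise.
audit_ftp_area() {
    findings=`list_ftp_findings "$@"`
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Stand-alone use: sh audit.sh /export/ftp
if [ $# -gt 0 ]; then
    audit_ftp_area "$@"
fi
```

Enabling the commented-out pub directory (mode 1777, owned by ftp) will show up as both an OWNER and a WRITABLE finding, which is the exposure the script's own comment warns about.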