1INSTALL 2======= 3 4This file details how to build and install / run vsftpd from the vsftpd 5distribution .tar.gz file. 6 7Step 1) Build vsftpd. 8 9Switch to the directory created when you unpacked the vsftpd .tar.gz file. 10e.g.: 11 12cd vsftpd-1.1.2 13 14edit "builddefs.h" to handle compile-time settings (tcp_wrappers build, 15etc). 16 17Just type "make" (and mail me to fix it if it doesn't build ;-). 18This should produce you a vsftpd binary. You can test for this, e.g.: 19 20[chris@localhost vsftpd]$ ls -l vsftpd 21-rwxrwxr-x 1 chris chris 61748 Sep 27 00:26 vsftpd 22 23Step 2) Satisfy vsftpd pre-requisites 242a) vsftpd needs the user "nobody" in the default configuration. Add this 25user in case it does not already exist. e.g.: 26 27[root@localhost root]# useradd nobody 28useradd: user nobody exists 29 302b) vsftpd needs the (empty) directory /usr/share/empty in the default 31configuration. Add this directory in case it does not already exist. e.g.: 32 33[root@localhost root]# mkdir /usr/share/empty/ 34mkdir: cannot create directory `/usr/share/empty': File exists 35 362c) For anonymous FTP, you will need the user "ftp" to exist, and have a 37valid home directory (which is NOT owned or writable by the user "ftp"). 38The following commands could be used to set up the user "ftp" if you do not 39have one: 40 41[root@localhost root]# mkdir /var/ftp/ 42[root@localhost root]# useradd -d /var/ftp ftp 43 44(the next two are useful to run even if the user "ftp" already exists). 45[root@localhost root]# chown root.root /var/ftp 46[root@localhost root]# chmod og-w /var/ftp 47 48Step 3) Install vsftpd config file, executable, man page, etc. 49 50Running "make install" will try to copy the binary, man pages, etc. to 51somewhere sensible. 52Or you might want to copy these things by hand, e.g.: 53cp vsftpd /usr/local/sbin/vsftpd 54cp vsftpd.conf.5 /usr/local/man/man5 55cp vsftpd.8 /usr/local/man/man8 56 57"make install" doesn't copy the sample config file. It is recommended you 58do this: 59cp vsftpd.conf /etc 60 61Step 4) Smoke test (without an inetd). 62 63vsftpd can run standalone or via an inetd (such as inetd or xinetd). You will 64typically get more control running vsftpd from an inetd. But first we will run 65it without, so we can check things are going well so far. 66Edit /etc/vsftpd.conf, and add this line at the bottom: 67 68listen=YES 69 70This tells vsftpd it will NOT be running from inetd. 71Right, now let's try and run it! 72Log in as root. 73Make sure you are not running other FTP servers (or vsftpd will not be able 74to use the FTP port, 21). 75Run the binary from wherever you put it, e.g.: 76 77[root@localhost root]# /usr/local/sbin/vsftpd & 78[1] 2104 79 80If all is well, you can now connect! e.g.: 81 82[chris@localhost chris]$ ftp localhost 83Connected to localhost (127.0.0.1). 84220 (vsFTPd 1.1.1) 85Name (localhost:chris): ftp 86331 Please specify the password. 87Password: 88230 Login successful. Have fun. 89Remote system type is UNIX. 90Using binary mode to transfer files. 91ftp> ls 92227 Entering Passive Mode (127,0,0,1,229,133) 93150 Here comes the directory listing. 94d--x--x--x 2 0 0 4096 Jan 14 2002 bin 95d--x--x--x 2 0 0 4096 Apr 21 20:52 etc 96drwxr-xr-x 2 0 0 4096 Apr 21 20:52 lib 97drwxr-sr-x 2 0 50 4096 Jul 26 22:58 pub 98226 Directory send OK. 99ftp> 100 101Step 5) Run from an inetd of some kind (optional - standalone mode is now 102recommended) 103 104You may want to run the binary from an inetd of some kind, because this can 105give you extra features - e.g. xinetd has a lot of settings. (Note that 106vsftpd's inbuilt listener covers most of the more useful xinetd settings). 107 1085a) If using standard "inetd", you will need to edit /etc/inetd.conf, and add 109a line such as: 110 111ftp stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/vsftpd 112 113(Make sure to remove or comment out any existing ftp service lines. If you 114don't have tcp_wrappers installed, or don't want to use them, take out the 115/usr/sbin/tcpd part). 116 117inetd will need to be told to reload its config file: 118kill -SIGHUP `pidof inetd` 119 1205b) If using "xinetd", you can follow a provided example, by looking at the 121file EXAMPLE/INTERNET_SITE/README. Various other examples show how to leverage 122the more powerful xinetd features. 123 124 125Step 6) Set up PAM for local logins (optional) 126 127If you are running vsftpd on a PAM enabled machine, you will need to have a 128/etc/pam.d/ftp file present, otherwise non-anonymous logins will fail. [NOTE - 129if you have an older version of PAM, that file might be /etc/pam.conf] 130 131For a standard setup, you can just copy a provided example file: 132cp RedHat/vsftpd.pam /etc/pam.d/ftp 133 134 135Step 7) Customize your configuration 136 137As well as the above three pre-requisites, you are recommended to install a 138config file. The default location for the config file is /etc/vsftpd.conf. 139There is a sample vsftpd.conf in the distribution tarball. You probably want 140to copy that to /etc/vsftpd.conf as a basis for modification, i.e.: 141 142cp vsftpd.conf /etc 143 144The default configuration allows neither local user logins nor anonymous 145uploads. You may wish to change these defaults. 146 147Other notes 148=========== 149 150Tested platforms (well, it builds) 151- Any modern, well featured platform should work fine! Recent versions of 152the platforms listed below, and often older ones, should work fine. 153- Fedora Core 154- RedHat Linux 155- RedHat Enterprise Linux 156- Solaris / GNU tools (Solaris 8 or newer) 157- SuSE Linux 158- Debian Linux 159- OpenBSD 160- FreeBSD 161- NetBSD 162- HP-UX / GNU tools 163- IRIX / GNU tools 164- AIX / GNU tools 165- Mac OS X (note; older versions have setgroups() problem. 10.3.4 reported OK) 166 167