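Create an FTP server that provides all FTP services from a new hard disk. Each local account has its own private space, limited to 10 MB; the number of users online at the same time is 100, with 2 connections per user; the local user rate is 1 MB/s and the anonymous rate is 100 KB/s; the FTP server can only be accessed during working hours (08:00-20:00).
Configuring disk quotas
1.1. Format the new disk
[root@mail ~]# fdisk -l    -- show the name of the new disk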
Disk /dev/sdb: 8589 MB, 8589934592 bytes
[root@mail ~]# fdisk /dev/sdb    -- create a new partition
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel. Changes will remain in memory only,
until you decide to write them. After that, of course, the previous
content won't be recoverable.
The number of cylinders for this disk is set to 1044.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)
Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
Command (m for help): m
Command action
a toggle a bootable flag
b edit bsd disklabel
c toggle the dos compatibility flag
d delete a partition
l list known partition types
m print this menu
n add a new partition
o create a new empty DOS partition table
p print the partition table
q quit without saving changes
s create a new empty Sun disklabel
t change a partition's system id
u change display/entry units
v verify the partition table
w write table to disk and exit
x extra functionality (experts only)
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-1044, default 1): 1
Last cylinder or size or sizeM or sizeK (1-1044, default 1044): 1044
Command (m for help): p
Disk /dev/sdb: 8589 MB, 8589934592 bytes
255 heads, 63 sectors/track, 1044 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 1044 8385898 83 Linux
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
[root@mail ~]# mkfs -t ext3 /dev/sdb1
1.2. Add a permanent mount
[root@mail ~]# mkdir /mnt/ftp
[root@mail ~]# vim /etc/fstab
LABEL=/ / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
LABEL=SWAP-sda3 swap swap defaults 0 0
/dev/sdb1 /mnt/ftp auto defaults,usrquota 0 0
[root@mail ~]# mount -a    -- or reboot
[root@mail ~]# mount
/dev/sda2 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/sda1 on /boot type ext3 (rw)
tmpfs on /dev/shm type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
/dev/sdb1 on /mnt/ftp type ext3 (rw,usrquota)
1.3. Check quotas
[root@mail ~]# quotacheck -augvc
quotacheck: Scanning /dev/sdb1 [/mnt/ftp]
quotacheck: Cannot stat old user quota file: No such file or directory
quotacheck: Old group file not found. Usage will not be substracted.
done
quotacheck: Checked 3 directories and 2 files
quotacheck: Old file not found.
[root@mail ~]# cd /mnt/ftp
[root@mail ftp]# ll
total 24
-rw------- 1 root root 6144 Aug 29 09:25 aquota.user
drwx------ 2 root root 16384 Aug 29 09:22 lost+found
1.4. Apply quotas
[root@mail ftp]# edquota -u user1
Disk quotas for user user1 (uid 501):
Filesystem blocks soft hard inodes soft hard
/dev/sdb1 0 10000 10000 0 0 0
[root@mail ftp]# edquota -p user1 user2
[root@mail ftp]# edquota -u user2
Disk quotas for user user2 (uid 502):
Filesystem blocks soft hard inodes soft hard
/dev/sdb1 15572 10000 10000 36 0 0
1.5. Enable quotas
[root@mail ftp]# quotaon /dev/sdb1
Enable quotas at boot
[root@mail ftp]# vim /etc/rc.d/rc.local
touch /var/lock/subsys/local
quotaon /dev/sdb1
FTP server configuration
2.1. Create the FTP public directory and the new home directory
[root@mail ftp]# pwd
/mnt/ftp
[root@mail ftp]# mkdir public
[root@mail ftp]# cd public/
[root@mail public]# touch test1
[root@mail public]# touch test2
[root@mail ftp]# pwd
/mnt/ftp
[root@mail ftp]# mkdir home
Move the user home directories
[root@mail home]# ll /home
total 20
drwx------ 3 redhat redhat 4096 Aug 27 14:35 redhat
drwx------ 4 user1 user1 4096 Aug 27 21:02 user1
drwx------ 4 user2 user2 4096 Aug 27 21:29 user2
drwx------ 3 user3 user3 4096 Aug 28 01:28 user3
[root@mail home]# mv * /mnt/ftp/home
2.2. Change the home directories of existing local users
[root@mail home]# vim /etc/passwd
user1:x:501:501::/mnt/ftp/home/user1:/bin/bash
user2:x:502:502::/mnt/ftp/home/user2:/bin/bash
apache:x:48:48:Apache:/var/www:/sbin/nologin
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
user3:x:503:503::/mnt/ftp/home/user3:/bin/bash
"/etc/passwd" 41L, 1902C written
2.3. Change the home directory location for new local users
[root@mail home]# useradd -D -b /mnt/ftp/home
[root@mail home]# useradd user4    -- the new user's home directory is placed on the new disk
[root@mail home]# passwd user4
[root@mail ~]# grep user /etc/passwd
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
user1:x:501:501::/mnt/ftp/home/user1:/bin/bash
user2:x:502:502::/mnt/ftp/home/user2:/bin/bash
user3:x:503:503::/mnt/ftp/home/user3:/bin/bash
user4:x:504:504::/mnt/ftp/home/user4:/bin/bash
[root@mail ~]#
2.4. Change the anonymous user's login directory
[root@mail home]# vim /etc/vsftpd/vsftpd.conf
anon_root=/mnt/ftp/public
[root@mail home]# service vsftpd restart
2.5. Using the quota
[root@mail home]# dd if=/dev/zero of=f2 bs=1M count=5
5+0 records in
5+0 records out
5242880 bytes (5.2 MB) copied, 0.0430487 seconds, 122 MB/s
[root@mail home]# ll -h
total 5.1M
-rw-r--r-- 1 root root 5.0M Aug 29 09:47 f2
Test:
[root@mail home]# ftp 127.0.0.1
Connected to 127.0.0.1.
220 Welcome to lwy's FTP service.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): user1
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> !dir
f4
ftp> put f4
local: f4 remote: f4
227 Entering Passive Mode (127,0,0,1,194,201)
150 Ok to send data.
226 File receive OK.
5242880 bytes sent in 0.018 seconds (2.8e+05 Kbytes/s)
ftp> bye
221 Goodbye.
[root@mail home]# mv f4 f3
[root@mail home]# ftp 127.0.0.1
Connected to 127.0.0.1.
220 Welcome to lwy's FTP service.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): user1
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> !dir
f3
ftp> put f3
local: f3 remote: f3
227 Entering Passive Mode (127,0,0,1,143,97)
150 Ok to send data.
451 Failure writing to local file.
ftp> bye
221 Goodbye.
[root@mail home]# quota user1
Disk quotas for user user1 (uid 501):
Filesystem blocks quota limit grace files quota limit grace
/dev/sdb1 10000* 10000 10000 30 0 0
[root@mail home]#
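The steps above set limits for user1 and user2 one account at a time. As an added example (not part of the original article), the function below reads a passwd-format file and a `repquota`-style report and prints a `setquota` command for every account homed under the FTP disk that still has no hard block limit. The function name, the two sample files and the 10000-block limit passed in are constructed for illustration; the commands are only printed, not run.

```bash
# Added example: list FTP accounts that have no hard block limit yet and
# print the setquota command that would give them one (dry run only).

# $1 passwd-format file, $2 saved repquota report, $3 home base directory,
# $4 filesystem, $5 limit in 1 KiB blocks (used as both soft and hard).
missing_quota_commands() {
    local passwd="$1" report="$2" base="${3%/}/" fs="$4" limit="$5"
    awk -F: -v rep="$report" -v base="$base" -v fs="$fs" -v lim="$limit" '
        BEGIN {
            # Report rows look like: name flags used soft hard [grace] ...
            while ((getline line < rep) > 0) {
                n = split(line, c, " ")
                if (n >= 5 && c[2] ~ /^[-+][-+]$/) hard[c[1]] = c[5]
            }
        }
        # Accounts missing from the report are treated as having no limit.
        index($6, base) == 1 && hard[$1] + 0 == 0 {
            printf "setquota -u %s %d %d 0 0 %s\n", $1, lim, lim, fs
        }' "$passwd"
}

# Constructed sample data (not taken from a real system).
passwd_sample=$(mktemp); report_sample=$(mktemp)
cat > "$passwd_sample" <<'EOF'
apache:x:48:48:Apache:/var/www:/sbin/nologin
user1:x:501:501::/mnt/ftp/home/user1:/bin/bash
user2:x:502:502::/mnt/ftp/home/user2:/bin/bash
user3:x:503:503::/mnt/ftp/home/user3:/bin/bash
user4:x:504:504::/mnt/ftp/home/user4:/bin/bash
EOF
cat > "$report_sample" <<'EOF'
*** Report for user quotas on device /dev/sdb1
Block grace time: 7days; Inode grace time: 7days
                        Block limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
root      --   21000       0       0              4     0     0
user1     --   10000   10000   10000             30     0     0
user2     +-   15572   10000   10000   7days     36     0     0
user3     --      40       0       0              9     0     0
EOF

missing_quota_commands "$passwd_sample" "$report_sample" \
    /mnt/ftp/home /dev/sdb1 10000
```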
2.6. Limits on user access to FTP
[root@mail ~]# vim /etc/vsftpd/vsftpd.conf
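# directory served to anonymous users
anon_root=/mnt/ftp/public
# maximum number of simultaneous clients: 100
max_clients=100
# maximum connections from one client host: 2
max_per_ip=2
# local user rate limit: 1 MB/s
local_max_rate=1000000
# anonymous user rate limit: 100 KB/s
anon_max_rate=100000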
"/etc/vsftpd/vsftpd.conf" 122L, 4532C written
[root@mail ~]# service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@mail ~]#
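One way to confirm that the limits from this section are really present in the file, as an added example that is not part of the original article: the audit compares a vsftpd.conf with the expected `key=value` pairs, and a note left on the same line as a value shows up as a mismatch. The helper names and the sample file are constructed for illustration, and the last occurrence of a repeated key is assumed to be the effective one.

```bash
# Added example: audit a vsftpd.conf against the limits used in this article.
# conf_get and audit_vsftpd_conf are hypothetical helper names.

# Print the value of key $2 in file $1. If a key is repeated, the last
# occurrence is reported (assumed here to be the effective one).
conf_get() {
    awk -F= -v k="$2" '
        $1 == k { sub(/^[^=]*=/, ""); v = $0; found = 1 }
        END { if (found) print v }' "$1"
}

# Compare each expected KEY=VALUE argument with file $1, print one line per
# finding, and return the number of findings (0 means the file matches).
audit_vsftpd_conf() {
    local conf="$1" findings=0 pair key want got
    shift
    for pair in "$@"; do
        key=${pair%%=*}; want=${pair#*=}
        got=$(conf_get "$conf" "$key")
        if [ -z "$got" ]; then
            echo "MISSING  $key (expected $want)"
            findings=$((findings + 1))
        elif [ "$got" != "$want" ]; then
            echo "MISMATCH $key: found '$got', expected '$want'"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Constructed sample: max_per_ip is too high, local_max_rate carries a
# trailing note on the same line, and anon_max_rate is absent.
sample=$(mktemp)
cat > "$sample" <<'EOF'
anon_root=/mnt/ftp/public
max_clients=100
max_per_ip=5
local_max_rate=1000000 --local rate
EOF

audit_vsftpd_conf "$sample" anon_root=/mnt/ftp/public max_clients=100 \
    max_per_ip=2 local_max_rate=1000000 anon_max_rate=100000 ||
    echo "findings: $?"
```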
Testing the FTP limits
3.1. Local user rate test
[root@mail home]# ftp 127.0.0.1
Connected to 127.0.0.1.
220 Welcome to lwy's FTP service.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): user2
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir
227 Entering Passive Mode (127,0,0,1,118,191)
150 Here comes the directory listing.
-rw-r--r-- 1 502 502 0 Aug 29 02:13 f2
-rw-r--r-- 1 502 502 5242880 Aug 29 01:57 f3
-rw-r--r-- 1 502 502 5242880 Aug 29 01:58 f4
drwx------ 4 502 502 4096 Aug 27 14:42 mail
-rw------- 1 502 502 3283 Aug 27 12:22 mbox
226 Directory send OK.
ftp> get f3
local: f3 remote: f3
227 Entering Passive Mode (127,0,0,1,125,50)
150 Opening BINARY mode data connection for f3 (5242880 bytes).
226 File send OK.
5242880 bytes received in 5.3 seconds (9.7e+02 Kbytes/s)
ftp>
3.2. Anonymous user test
[root@mail ~]# dd if=/dev/zero of=file bs=1M count=5
5+0 records in
5+0 records out
5242880 bytes (5.2 MB) copied, 0.0371746 seconds, 141 MB/s
[root@mail ~]# cp -p file /mnt/ftp/public/
[root@mail ~]# ftp 127.0.0.1
Connected to 127.0.0.1.
220 Welcome to lwy's FTP service.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> !dir
anaconda-ks.cfg Desktop file install.log install.log.syslog mbox
ftp> die
?Invalid command
ftp> dir
227 Entering Passive Mode (127,0,0,1,23,254)
150 Here comes the directory listing.
-rw-r--r-- 1 0 0 5242880 Aug 29 02:38 file
-rw-r--r-- 1 0 0 0 Aug 29 01:29 test1
-rw-r--r-- 1 0 0 0 Aug 29 01:29 test2
226 Directory send OK.
ftp> get file
local: file remote: file
227 Entering Passive Mode (127,0,0,1,252,141)
150 Opening BINARY mode data connection for file (5242880 bytes).
226 File send OK.
5242880 bytes received in 52 seconds (99 Kbytes/s)
ftp>
3.3. User connection count test
The super daemon
Restrict the times at which FTP can be accessed through the super daemon
[root@mail xinetd.d]# vim /etc/vsftpd/vsftpd.conf
listen=no
[root@mail xinetd.d]# pwd
/etc/xinetd.d
[root@mail xinetd.d]# cp tftp vsftpd
[root@mail xinetd.d]# vim /etc/xinetd.d/vsftpd
service ftp
{
    id           = vsftpd
    socket_type  = stream
    protocol     = tcp
    wait         = no
    user         = root
    server       = /usr/sbin/vsftpd
    server_args  = /etc/vsftpd/vsftpd.conf
    disable      = no
    access_times = 8:00-20:00
}
[root@mail xinetd.d]# service vsftpd restart
Shutting down vsftpd: [FAILED]
Starting vsftpd for vsftpd: 500 OOPS: vsftpd: not configured for standalone, must be started from inetd
[FAILED]
[root@mail xinetd.d]# service xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
[root@mail xinetd.d]# ftp 127.0.0.1
Connected to 127.0.0.1.
220 Welcome to lwy's FTP service.
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (127.0.0.1:root): user1
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> bye
221 Goodbye.
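A check for the time restriction above, as an added example that is not part of the original article: it reads the `access_times` attribute from an xinetd service file and tests sample times against the window, returning status 2 when the attribute is not found, since a misspelled attribute name cannot set the window. The function names and both sample files are constructed for illustration; only a single interval is handled, and both ends are treated as inclusive, which is an assumption of this example.

```bash
# Added example: confirm that an xinetd service file sets access_times and
# evaluate sample times against the window. Helper names are hypothetical.

# Print the value of attribute $2 inside the { } block of service file $1.
xinetd_attr() {
    awk -v want="$2" '
        /\{/ { inside = 1; next }
        /\}/ { inside = 0 }
        inside && index($0, "=") {
            name = $0; sub(/[ \t]*=.*/, "", name); gsub(/[ \t]/, "", name)
            if (name == want) { sub(/^[^=]*=[ \t]*/, ""); print; exit }
        }' "$1"
}

# Return 0 when time $2 (HH:MM) lies inside the single window $1 (H:MM-H:MM).
# Both ends are treated as inclusive, which is an assumption of this example.
in_window() {
    awk -v w="$1" -v t="$2" 'BEGIN {
        split(w, r, "-"); split(r[1], s, ":"); split(r[2], e, ":")
        split(t, n, ":")
        now = n[1] * 60 + n[2]
        exit !(now >= s[1] * 60 + s[2] && now <= e[1] * 60 + e[2])
    }'
}

# 0 = attribute present and time allowed, 1 = time outside the window,
# 2 = no access_times attribute found (for example, the name is misspelled).
ftp_allowed_at() {
    local window
    window=$(xinetd_attr "$1" access_times)
    [ -n "$window" ] || { echo "access_times not set in $1"; return 2; }
    in_window "$window" "$2"
}

# Constructed samples: a correct file and one with a misspelled attribute.
good=$(mktemp); bad=$(mktemp)
printf 'service ftp\n{\n\tdisable = no\n\taccess_times = 8:00-20:00\n}\n' > "$good"
printf 'service ftp\n{\n\tdisable = no\n\tacces_times = 8:00-20:00\n}\n' > "$bad"

for t in 07:59 12:30 20:01; do
    ftp_allowed_at "$good" "$t" && echo "$t allowed" || echo "$t refused"
done
ftp_allowed_at "$bad" 12:30 || echo "status $?"
```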
This article comes from the 「一抹茶色陽光」 blog; please be sure to retain this source: http://sweetsingle.blog.51cto.com/3429592/742195