脚本内容
#!/bin/bash
# Settings shared by every step below.
vsftpd_port=21                           # written to vsftpd.conf as listen_port
guestuser=ftp                            # written as guest_username; also owns the FTP data directory
config_dir=/etc/vsftpd                   # directory holding vsftpd.conf
user_config="${config_dir}/user_config"  # written as user_config_dir (one option file per FTP user)
auth_file="${user_config}/auth"          # username/password pairs loaded into the pam_userdb database
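#######################################
# Decide whether vsftpd gets a fresh install or a reset.
# Globals:   install_choose (written: "new" or "reset")
# Outputs:   status text and the reset prompt
# Returns:   0 once install_choose is set. Exits the script when vsftpd is
#            running (status 1), when the operator declines the reset
#            (status 0) or when input ends (status 1).
#######################################
check_install() {
  local install_select

  # Refuse to touch a live service. Matching the exact process name avoids
  # false hits on editors, log tails or any other command line that merely
  # contains the word "vsftpd".
  if pgrep -x vsftpd >/dev/null 2>&1; then
    echo "Vsftpd already running, please stop it first"
    exit 1
  fi

  # Ask the package database about this one package instead of grepping the
  # full package list with an unquoted glob.
  if ! rpm -q vsftpd >/dev/null 2>&1; then
    install_choose=new
    return 0
  fi

  # Keep asking until the answer is usable: an unrecognised answer must not
  # fall through with install_choose unset, because the installer would then
  # treat the run as a fresh install.
  while true; do
    read -r -p "vsftpd already installed, do you want to reset it?(Yes/No): " install_select || exit 1
    case "${install_select}" in
      Y | y | yes | Yes | YES)
        install_choose=reset
        return 0
        ;;
      N | n | no | No | NO)
        exit 0
        ;;
      *)
        echo "please input: y/n or yes/no"
        ;;
    esac
  done
}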
#######################################
# Install the vsftpd and libdb-utils packages and (re)start the service.
# With install_choose=reset the current vsftpd.conf is first moved to a dated
# backup and the package is removed before being installed again.
# Globals:   install_choose, config_dir (read)
# Outputs:   one progress line per step on stdout; the output of yum and
#            systemctl is discarded, only their exit status is reported
#######################################
install_vsftpd() {
  local main_conf="${config_dir}/vsftpd.conf"
  local service_ok="Start Vsftpd completed"
  local service_failed="Start Vsftpd failed"

  echo -e "---------------------------> Install Vsftpd <------------------------------"

  if [ "${install_choose}" == "reset" ]; then
    service_ok="Restart Vsftpd completed"
    service_failed="Restart Vsftpd failed"

    # Keep the previous configuration under a dated name before the package
    # is removed.
    if ls "${main_conf}" >/dev/null 2>&1; then
      mv "${main_conf}" "${main_conf}.bak.$(date '+%Y%m%d')"
    fi

    if yum -y remove vsftpd >/dev/null 2>&1; then
      echo "Remove Vsftpd completed"
    else
      echo "Remove Vsftpd failed"
    fi
  fi

  # Both paths install the packages and restart the service; only the wording
  # of the service message differs.
  if yum -y install vsftpd libdb-utils >/dev/null 2>&1; then
    echo "Install Vsftpd completed"
  else
    echo "Install Vsftpd failed"
  fi

  if systemctl restart vsftpd >/dev/null 2>&1; then
    echo "${service_ok}"
  else
    echo "${service_failed}"
  fi

  echo -e "---------------------------------> Done <------------------------------------\n"
}
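#######################################
# Rewrite vsftpd.conf for PAM-backed virtual users and point the PAM service
# named in vsftpd.conf at the database built from ${auth_file}.
# Globals:   config_dir, user_config, auth_file, vsftpd_port, guestuser (read)
# Outputs:   error text on stderr
# Returns:   0 on success, 1 when ${config_dir} or vsftpd.conf is missing or
#            the per-user directory cannot be created
# Side effects: changes the working directory to ${config_dir}; edits
#            vsftpd.conf in place (a copy is kept as vsftpd.conf.bak);
#            replaces /etc/pam.d/<pam_service_name> (old file kept as .bak)
#######################################
config_vsftpd() {
  local conf="${config_dir}/vsftpd.conf"
  local pamfile

  # The backup below uses relative names, so a failed cd must stop here
  # instead of copying files in whatever directory the script was started in.
  cd "${config_dir}" || {
    echo "Cannot enter ${config_dir}" >&2
    return 1
  }

  # Without this guard a failed package install would leave a stub vsftpd.conf
  # that holds only the lines appended below.
  if [[ ! -f "${conf}" ]]; then
    echo "${conf} not found, is vsftpd installed?" >&2
    return 1
  fi

  mkdir -p "${user_config}" || return 1

  cp vsftpd.conf vsftpd.conf.bak

  sed -i "s/anonymous_enable=.*$/anonymous_enable=NO/g" "${conf}"
  sed -i "/connect_from_port_20=YES/ a \listen_port=${vsftpd_port}" "${conf}"
  sed -i "s/^.*chroot_local_user=.*$/chroot_local_user=YES/g" "${conf}"
  sed -i "s/^.*chroot_list_enable=.*$/chroot_list_enable=NO/g" "${conf}"
  sed -i "s:^.*xferlog_file=.*$:xferlog_file=/var/log/vsftpd.log:g" "${conf}"

  # Virtual users: every PAM-authenticated login is mapped to ${guestuser} and
  # gets its own option file from ${user_config}.
  sed -i "/^.*listen_ipv6=.*$/ a \guest_enable=YES" "${conf}"
  sed -i "/^.*guest_enable=YES.*$/ a \guest_username=${guestuser}" "${conf}"
  sed -i "/^.*guest_username=${guestuser}.*$/ a \user_config_dir=${user_config}" "${conf}"

  # NOTE(review): no TLS option (ssl_enable and friends) is set here, so logins
  # and data cross the network unencrypted unless TLS is configured separately.
  # The passive range 50000-50100 also has to be allowed through the firewall.
  # NOTE(review): allow_writeable_chroot=YES lets users write to the root of
  # their chroot, which vsftpd otherwise refuses to allow. A root-owned,
  # non-writable local_root with a writable sub-directory is the more
  # conservative layout.
  {
    printf '\nreverse_lookup_enable=NO\n'
    printf 'pasv_enable=YES\npasv_min_port=50000\npasv_max_port=50100\n'
    printf 'allow_writeable_chroot=YES\n'
  } >> "${conf}"

  # Drop blank lines and comment lines so later lookups see settings only.
  sed -i -e '/^$/d' -e '/^#/d' "${conf}"

  pamfile=$(awk -F= '$1 == "pam_service_name" { print $2; exit }' "${conf}")
  if [[ -n "${pamfile}" ]]; then
    if [[ -e "/etc/pam.d/${pamfile}" ]]; then
      mv "/etc/pam.d/${pamfile}" "/etc/pam.d/${pamfile}.bak"
    fi
    # NOTE(review): without a crypt= option pam_userdb appears to compare the
    # stored value as plain text, so ${auth_file} and the .db built from it
    # hold clear-text passwords and should be readable by root only. Confirm
    # against the pam_userdb documentation for this platform.
    cat > "/etc/pam.d/${pamfile}" << END
auth required /lib64/security/pam_userdb.so db=${auth_file}
account required /lib64/security/pam_userdb.so db=${auth_file}
END
  fi
}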
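#######################################
# Prompt for the new FTP user's name, password and data directory.
# Globals:   username, password, data_dir (written)
#            config_dir (read; falls back to /etc/vsftpd when unset)
# Outputs:   prompts and validation messages
# Returns:   0 when all three values were accepted, 1 when input ends first
#######################################
user_info() {
  local system_users="${config_dir:-/etc/vsftpd}/user_list"
  # The name becomes a file name under user_config_dir and a line in the auth
  # file, so only a conservative character set is accepted: no "/", no
  # whitespace, no leading "-" or ".".
  local name_re='^[A-Za-z0-9_][A-Za-z0-9_.@-]*$'

  while true; do
    read -r -p "Please input ftp username(don't use system user): " username || return 1
    if [[ -z "${username}" ]]; then
      echo -e "Username can not be empty"
      continue
    fi
    if [[ ! "${username}" =~ ${name_re} ]]; then
      echo "Username may only contain letters, digits, '_', '.', '@' and '-'"
      continue
    fi
    # Fixed-string match: the name is compared literally, not used as a regex.
    if grep -qwF -- "${username}" "${system_users}" 2>/dev/null; then
      echo "Can't use system user"
      continue
    fi
    break
  done

  # NOTE(review): the password is typed and later stored in clear text; there
  # is no hidden input and no confirmation prompt.
  while true; do
    read -r -p "Please input password(Can't empty): " password || return 1
    # The original tested the username length here, so the empty-password
    # message could never be shown.
    if [[ -z "${password}" ]]; then
      echo -e "Password can't empty"
      continue
    fi
    if (( ${#password} <= 3 )); then
      echo "password must be more then 3 characters"
      continue
    fi
    # db_load -T is understood to treat "\" as an escape character, so a
    # backslash would make the stored password differ from the typed one.
    if [[ "${password}" == *\\* ]]; then
      echo "password must not contain a backslash"
      continue
    fi
    break
  done

  while true; do
    read -r -p "Input ftp path(default path: /data/FTP): " data_dir || return 1
    if [[ -z "${data_dir}" ]]; then
      data_dir=/data/FTP
      break
    fi
    if [[ "${data_dir}" != /* ]]; then
      echo "Please use absolute path"
      continue
    fi
    # The directory is later chown'ed recursively to the guest account, so the
    # filesystem root is never acceptable.
    if [[ "${data_dir}" =~ ^/+$ ]]; then
      echo "Please use a directory other than /"
      continue
    fi
    break
  done
}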
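#######################################
# Create one virtual FTP user: per-user option file, credential entry,
# data directory and the pam_userdb database.
# Globals:   username, password, data_dir, config_dir, auth_file,
#            guestuser (read); user_config (re-read from vsftpd.conf)
# Outputs:   progress lines and a summary that includes the password
# Returns:   1 when the user already exists, when the configuration cannot be
#            read or when the credential files cannot be written; exits the
#            script with status 1 when a required value is empty
#######################################
user_add() {
  local conf="${config_dir}/vsftpd.conf"
  local pamfile db_file cfg_dir real_dir
  local vsftpd_restart="" restart_ok=yes

  # "break" is not valid here (there is no loop inside this function), so the
  # original carried on with empty values on current bash versions.
  if [[ -z "${username}" || -z "${password}" || -z "${data_dir}" ]]; then
    echo "Incomplete parameters, the script exits"
    exit 1
  fi

  # A second entry for the same name would leave two credential pairs in the
  # auth file, which the delete step cannot tell apart.
  if [[ -f "${auth_file}" ]] && awk 'NR % 2' "${auth_file}" | grep -qxF -- "${username}"; then
    echo "User already exists: ${username}"
    return 1
  fi

  # Prints the per-user option file. Virtual users are mapped to the guest
  # account, which is why write access is granted through the anon_* options.
  user_access() {
    cat << END
local_root=${data_dir}
write_enable=YES
download_enable=Yes
local_umask=022
anonymous_enable=NO
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
END
  }

  # Read the live settings back from vsftpd.conf and the PAM service file.
  pamfile=$(awk -F= '$1 == "pam_service_name" { print $2; exit }' "${conf}" 2>/dev/null)
  cfg_dir=$(awk -F= '$1 == "user_config_dir" { print $2; exit }' "${conf}" 2>/dev/null)
  db_file=""
  if [[ -n "${pamfile}" && -r "/etc/pam.d/${pamfile}" ]]; then
    db_file=$(awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^db=/) { print substr($i, 4); exit } }' "/etc/pam.d/${pamfile}")
  fi
  if [[ -z "${cfg_dir}" || -z "${db_file}" ]]; then
    echo "Cannot read user_config_dir or the PAM db path, run the install step first"
    return 1
  fi
  user_config=${cfg_dir}

  # The auth file holds clear-text passwords: create it under a restrictive
  # umask and tighten a file left over from an earlier run.
  if user_access > "${user_config}/${username}" \
    && (umask 077 && printf '%s\n%s\n' "${username}" "${password}" >> "${auth_file}") \
    && chmod 600 "${auth_file}"; then
    echo "Create access file complate"
  else
    echo "Create access file failed"
    return 1
  fi

  # The data directory is handed to the guest account recursively. Resolve
  # the path first and refuse system directories, so a typo cannot change
  # the ownership of /etc or similar.
  if [[ ! -d "${data_dir}" ]]; then
    mkdir -p -- "${data_dir}"
  fi
  real_dir=$(cd -- "${data_dir}" 2>/dev/null && pwd -P)
  case "${real_dir}" in
    "" | / | /bin | /boot | /dev | /etc | /home | /lib | /lib64 | /proc | /root | /run | /sbin | /sys | /usr | /var)
      echo "Create user directory failed"
      ;;
    *)
      if chown -R "${guestuser}:${guestuser}" -- "${data_dir}"; then
        echo "Create user directory complate"
      else
        echo "Create user directory failed"
      fi
      ;;
  esac

  # vsftpd is restarted only when the database is created for the first time.
  if [[ ! -f "${auth_file}.db" ]]; then
    vsftpd_restart=yes
  fi
  if db_load -T -t hash -f "${auth_file}" "${db_file}.db"; then
    chmod 600 "${db_file}.db"
    echo "Generate the db file"
  else
    echo "Generate the db file failed"
  fi

  if [[ "${vsftpd_restart}" == "yes" ]]; then
    if systemctl restart vsftpd >/dev/null 2>&1; then
      echo "Restart Vsftpd completed"
    else
      echo "Restart Vsftpd failed"
      restart_ok=no
    fi
  fi

  # The original tested $? of the preceding "if", which is always 0, so the
  # failure branch could never run.
  if [[ "${restart_ok}" == "yes" ]]; then
    # NOTE(review): the summary prints the password to the terminal, where it
    # stays in scrollback and in any session recording.
    echo -e "\n\033[32m ------------------------> Add user information <------------------------\033[0m"
    echo -e "\033[31m username: $username \033[0m"
    echo -e "\033[31m password: $password \033[0m"
    echo -e "\033[31m ftp_port: $(awk -F= '$1 == "listen_port" { print $2 }' "${conf}") \033[0m"
    echo -e "\033[31m user_dir: ${data_dir} \033[0m"
    echo -e "\033[31m 如无法登录,请检查防火墙和SElinux配置 \033[0m"
    echo -e "\033[32m ------------------------------> Done <---------------------------------\033[0m"
  else
    echo "vsftpd 启动失败,请手动检查配置"
  fi
}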
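#######################################
# Interactively delete virtual FTP users: optionally the data directory, then
# the credential pair, the per-user option file and the database entry.
# Globals:   config_dir, auth_file (read); username (written);
#            user_config (re-read from vsftpd.conf)
# Outputs:   numbered user list, prompts and progress lines
# Returns:   when the operator quits or input ends; exits the script with
#            status 1 when the auth file does not exist
#######################################
user_del() {
  local conf="${config_dir}/vsftpd.conf"
  local pamfile db_file cfg_dir new_db
  local user_choose_num user_list_num user_dir del_dir_choose

  if [[ ! -f "${auth_file}" ]]; then
    echo "auth file not found, exit..."
    exit 1
  fi

  pamfile=$(awk -F= '$1 == "pam_service_name" { print $2; exit }' "${conf}" 2>/dev/null)
  cfg_dir=$(awk -F= '$1 == "user_config_dir" { print $2; exit }' "${conf}" 2>/dev/null)
  db_file=""
  if [[ -n "${pamfile}" && -r "/etc/pam.d/${pamfile}" ]]; then
    db_file=$(awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^db=/) { print substr($i, 4); exit } }' "/etc/pam.d/${pamfile}")
  fi
  user_config=${cfg_dir}

  while true; do
    # Odd lines of the auth file are user names, even lines are passwords.
    awk 'NR % 2' "${auth_file}" | nl
    read -r -p "Please select a user number: " user_choose_num || break
    if [[ -z "${user_choose_num}" ]]; then
      echo -e "\033[31;1mEmpty option, task terminated\033[0m"
      continue
    fi
    case "${user_choose_num}" in
      q | quit | Q | Quit) break ;;
    esac

    # Digits only: the original pasted the answer into a sed program, where
    # anything other than a plain line number changes what sed does.
    if [[ ! "${user_choose_num}" =~ ^[0-9]{1,6}$ ]]; then
      echo -e "\033[31;1mInvalid option, Please enter the correct number\033[0m"
      continue
    fi
    user_choose_num=$((10#${user_choose_num}))

    # The Nth user sits on line 2N-1. Computing the line number avoids a
    # word-grep that can match several users or a line number.
    user_list_num=$((2 * user_choose_num - 1))
    username=""
    if ((user_choose_num >= 1)); then
      username=$(awk -v n="${user_list_num}" 'NR == n { print; exit }' "${auth_file}")
    fi
    if [[ -z "${username}" ]]; then
      echo -e "\033[31;1mInvalid option, Please enter the correct number\033[0m"
      continue
    fi

    # Check everything needed for the removal before anything is deleted.
    if [[ -z "${user_config}" || -z "${db_file}" ]]; then
      echo "Cannot read user_config_dir or the PAM db path, nothing deleted"
      break
    fi

    user_dir=$(awk -F= '$1 == "local_root" { print $2; exit }' "${user_config}/${username}" 2>/dev/null)
    printf '%s\n' "User directory: ${user_dir}"
    read -r -p "Do you want to delete user directory? Yes/No: " del_dir_choose || break
    case "${del_dir_choose}" in
      Yes | Y | yes | y)
        echo -e "\033[32m ------------------------> Delete user information <------------------------\033[0m"
        # Only an absolute, non-root path is removed; an empty or relative
        # local_root must never reach rm -rf.
        if [[ "${user_dir}" == /?* ]] && rm -rf -- "${user_dir}"; then
          echo "User directory delete completed"
        else
          echo "User directory delete failed"
        fi
        ;;
      No | N | no | n)
        echo "User Directory Reservation"
        ;;
      0 | q | Q | quit | Quit | exit)
        continue
        ;;
      *)
        echo "Unsupported options, please enter the correct option"
        continue
        ;;
    esac

    # Remove the password line first so the user-name line keeps its number.
    if sed -i "$((user_list_num + 1))d" "${auth_file}"; then
      echo "User password has been deleted"
    else
      echo "User password deleted failed"
    fi
    if sed -i "${user_list_num}d" "${auth_file}"; then
      echo "User authentication has been deleted"
    else
      echo "User authentication deleted failed"
    fi

    if rm -f -- "${user_config}/${username}"; then
      echo "User configuration file has been deleted"
    else
      echo "User configuration file deleted failed"
    fi

    # Loading the shortened auth file into the existing database only adds or
    # overwrites keys, so the deleted account would stay valid for login.
    # Build a fresh database and swap it in instead.
    new_db="${db_file}.db.new"
    rm -f -- "${new_db}"
    if [[ ! -s "${auth_file}" ]]; then
      # No users left: an absent database rejects every login.
      if rm -f -- "${db_file}.db"; then
        echo "Regenerate the db file"
      else
        echo "Regenerate the db file failed"
      fi
    elif (umask 077 && db_load -T -t hash -f "${auth_file}" "${new_db}") \
      && mv -f -- "${new_db}" "${db_file}.db"; then
      echo "Regenerate the db file"
    else
      rm -f -- "${new_db}"
      echo "Regenerate the db file failed"
    fi
    echo -e "\033[32m ---------------------------------> Done <----------------------------------\033[0m"
  done
}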
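# Interactive menu. Runs until the operator quits or input ends.
while true; do
  echo -e "[1]. Install Vsftpd\n[2]. Add ftp user\n[3]. Delete ftp user\n[0]. Quit"
  # A closed stdin (or Ctrl-D) ends the menu; without this check the loop
  # would reprint the menu forever.
  read -r -p "Please enter options: " choose || exit 0
  case "${choose}" in
    1)
      check_install
      install_vsftpd
      config_vsftpd
      ;;
    2)
      user_info
      user_add
      ;;
    3)
      user_del
      ;;
    0 | q | Q | quit | Quit | exit)
      exit 0
      ;;
    *)
      echo "Unsupported options, please enter the correct option"
      continue
      ;;
  esac
done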