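#!/bin/bash
#################################################
##                                             ##
##                   FTPsFTP                   ##
##             installation script             ##
##                                             ##
#################################################
#
# Installs and configures vsftpd, OpenSSH (sftp-only chroot), and quota for
# the ftpsftp account tool.
#
# Usage:
#   <this script>              interactive installation
#   <this script> --uninstall  remove ftpsftp files and restore the *_orig
#                              backups of the system files edited below
#
# Must be run as root. It rewrites /etc/fstab, /etc/vsftpd.conf,
# /etc/pam.d/vsftpd, /etc/ssh/sshd_config and /etc/shells.

# No `set -e`: several steps are best-effort (service restarts, remount).
# Steps whose failure would leave the system in a bad state are checked
# explicitly with `|| die`.
set -uo pipefail

# **** configuration section ****
# NOTE(review): the repository is fetched over plain HTTP, with no commit pin
# and no signature check, and the cloned ftpsftp.sh is then linked into
# /usr/local/bin for root to run. Anyone who can tamper with that connection
# controls code that runs as root. Prefer an authenticated transport and check
# out a reviewed commit (<REVIEWED_COMMIT_ID>) before using the result.
readonly giturl="http://git.gitorious.org/aec/ftpsftp.git"
readonly acclogfile="/var/log/ftpsftp_accounts.log"
readonly logfile="/var/log/ftpsftp.log"
readonly configfile="/etc/ftpsftp.conf"
readonly reporoot="/opt"

# $USER may be unset in non-login contexts; fall back to the effective user.
invoking_user=${USER:-$(id -un)}

# Values read from the operator; filled in by read_settings.
accpath=""
quotamountpoint=""
acchost=""
sftpgroup=""
ftpgroup=""

# Print a warning to stderr.
warn() { printf 'warning: %s\n' "$*" >&2; }

# Print an error to stderr and abort.
die() { printf 'error: %s\n' "$*" >&2; exit 1; }

# Copy $1 to ${1}_orig unless that backup already exists, so re-running the
# installer never overwrites the pristine copy with an already-edited file.
backup_once() {
  local target=$1
  local backup="${1}_orig"
  [[ -e "$backup" ]] && return 0
  cp -p -- "$target" "$backup"
}

# Move ${1}_orig back over $1. If no backup exists the live file is left
# alone; deleting /etc/fstab or sshd_config without a replacement would leave
# the host unbootable or unreachable.
restore_backup() {
  local target=$1
  local backup="${1}_orig"
  if [[ -e "$backup" ]]; then
    mv -f -- "$backup" "$target" || warn "could not restore $target from $backup"
  else
    warn "no backup $backup found, leaving $target untouched"
  fi
}

# Abort unless running as root.
require_root() {
  if [[ "$(id -u)" -ne 0 ]]; then
    echo
    echo "$invoking_user, in order to do this you need to gain root privileges."
    echo
    exit 1
  fi
}

# Remove everything the installer created and restore edited system files.
# System groups and apt packages are deliberately left in place.
# The restored sshd/vsftpd configuration only takes effect once those
# services are restarted; this routine does not restart them.
uninstall() {
  # **** removing files ****
  rm -rf -- "${reporoot:?}/ftpsftp"
  rm -f -- "$logfile" "$acclogfile" "$configfile" \
    /etc/vsftpd.chroot_list /etc/vsftpd.group_list /usr/local/bin/ftpsftp

  restore_backup /etc/fstab
  restore_backup /etc/vsftpd.conf
  restore_backup /etc/pam.d/vsftpd
  restore_backup /etc/ssh/sshd_config
  restore_backup /etc/shells

  # **** removing groups ****
  #delgroup $sftpgroup
  #delgroup $ftpgroup
  echo "info: everything except the system groups and the packages installed with apt successfully removed"
}

# **** installing dependencies ****
install_dependencies() {
  echo "info: trying to install dependencies via apt"
  apt-get update || warn "apt-get update failed, package lists may be stale"
  apt-get install -y vsftpd ssh quota quotatool makepasswd pwgen git-core vim \
    || die "could not install dependencies"
}

# **** reading configuration from user ****
# Prompts in a fixed order (accpath, quotamountpoint, acchost, sftpgroup,
# ftpgroup) and validates every answer. The answers are later interpolated
# into a quoted config file, sed expressions, /etc/fstab handling and
# sshd_config, so anything outside a conservative character set is rejected
# instead of being written into those files.
read_settings() {
  local -r path_re='^/[A-Za-z0-9._/-]*$'
  local -r host_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
  local -r group_re='^[a-z_][a-z0-9_-]*$'

  echo "specify under which path the account home dirs should be stored (no tailing slash)"
  read -r accpath || true
  accpath=${accpath%/}
  [[ -n "$accpath" && "$accpath" =~ $path_re ]] \
    || die "account path must be an absolute path made of [A-Za-z0-9._/-]"

  echo "specify the mointpoint of the device where your accounts are stored (needed for quota config)"
  read -r quotamountpoint || true
  [[ "$quotamountpoint" =~ $path_re ]] \
    || die "mount point must be an absolute path made of [A-Za-z0-9._/-]"

  echo "specify the fqdn of your host"
  read -r acchost || true
  [[ "$acchost" =~ $host_re ]] || die "host name contains unsupported characters"

  echo "specify a system group for your sftp users [default: sftpusers]"
  read -r sftpgroup || true
  if [[ -z "$sftpgroup" ]]; then
    sftpgroup="sftpusers"
  fi
  [[ "$sftpgroup" =~ $group_re ]] || die "invalid sftp group name"

  echo "specify a system group for your ftp users [default: ftpusers]"
  read -r ftpgroup || true
  if [[ -z "$ftpgroup" ]]; then
    ftpgroup="ftpusers"
  fi
  [[ "$ftpgroup" =~ $group_re ]] || die "invalid ftp group name"
}

# **** creating needed directorys, configfiles and logfiles ****
create_files() {
  # just in case, they should be already there
  echo "info: creating directorys"
  mkdir -p /var/log
  mkdir -p -- "$reporoot"

  echo "info: creating configuration and log files"

  # With chroot_local_user=YES and chroot_list_enable=YES (both enabled in
  # configure_vsftpd), vsftpd treats this list as the users that are NOT
  # chrooted, so the invoking user is exempt from the FTP jail.
  echo "$invoking_user" > /etc/vsftpd.chroot_list

  # The header names a "pass" column, so this log presumably holds account
  # passwords: create it readable by root only instead of the default umask.
  ( umask 077; echo "type name pass quota reguester timestamp" > "$acclogfile" )
  chmod 600 -- "$acclogfile"
  touch -- "$logfile"

  # create ftpsftp configuration file ($configfile)
  cat > "$configfile" <<EOF
## ftpsftp configuration file ##
accpath="$accpath" # this should point to where your accounts should be located
quotamountpoint="$quotamountpoint" # mount point for quota configuration
acchost="$acchost" # the dns name where your sever is reachable
sftpgroup="$sftpgroup" # system group
ftpgroup="$ftpgroup" # system group
trackrequester="1" # switch to 0 if you do not want to track the account requester
logging="1" # set this to 0 if you do not want any logging

EOF
}

# **** cloning master branch of ftpsftp git repo and linking the script ****
install_ftpsftp() {
  echo "info: cloning files from git repository to /opt/ftpsftp"
  git clone -- "$giturl" "$reporoot/ftpsftp" \
    || die "git clone of $giturl failed"

  echo "info: creating symlink for script in /usr/local/bin"
  ln -sfn -- "$reporoot/ftpsftp/ftpsftp.sh" /usr/local/bin/ftpsftp
}

# **** configure quota ****
# Adds usrquota to the options of the fstab entry whose mount point field is
# exactly $quotamountpoint. The new file is built next to /etc/fstab and
# renamed over it, so a valid fstab exists at every moment.
configure_quota() {
  local tmp

  echo "info: configuring quota in fstab for $quotamountpoint"

  awk -v mp="$quotamountpoint" \
    '$0 !~ /^[[:space:]]*#/ && $2 == mp { found = 1 } END { exit !found }' \
    /etc/fstab || die "no fstab entry for mount point $quotamountpoint"

  backup_once /etc/fstab || die "could not back up /etc/fstab"

  tmp=$(mktemp /etc/fstab.XXXXXX) || die "mktemp failed"
  if ! awk -v mp="$quotamountpoint" '
      $0 !~ /^[[:space:]]*#/ && $2 == mp && $4 !~ /(^|,)usrquota(,|$)/ {
        $4 = $4 ",usrquota"
      }
      { print }
    ' /etc/fstab > "$tmp"; then
    rm -f -- "$tmp"
    die "could not rewrite /etc/fstab"
  fi
  if ! chmod 644 -- "$tmp" || ! mv -f -- "$tmp" /etc/fstab; then
    rm -f -- "$tmp"
    die "could not install new /etc/fstab"
  fi

  # A remount picks up the new options without taking the filesystem offline;
  # fall back to the umount/mount cycle if the remount is refused.
  if ! mount -o remount "$quotamountpoint"; then
    warn "remount of $quotamountpoint failed, trying umount and mount -a"
    umount "$quotamountpoint"
    mount -a
  fi
  /etc/init.d/quota restart
}

# **** configure vsftp ****
configure_vsftpd() {
  backup_once /etc/vsftpd.conf || die "could not back up /etc/vsftpd.conf"

  #sed -i 's/#listen_ipv6=YES/listen_ipv6=YES/' /etc/vsftpd.conf
  # $acchost is restricted to [A-Za-z0-9.-] by read_settings, so it cannot
  # break out of the sed replacement.
  sed -i \
    -e 's/#write_enable=YES/write_enable=YES/' \
    -e 's/#local_umask=022/local_umask=0007\nfile_open_mode=0770/' \
    -e 's/#chroot_local_user=YES/chroot_local_user=YES/' \
    -e 's/#chroot_list_enable=YES/chroot_list_enable=YES/' \
    -e 's|#chroot_list_file=/etc/vsftpd.chroot_list|chroot_list_file=/etc/vsftpd.chroot_list|' \
    -e "s/#ftpd_banner=Welcome to blah FTP service./ftpd_banner=Welcome to ${acchost}./" \
    /etc/vsftpd.conf

  # creating vsftpd.group_list (used by pam); pam_listfile reads one item per line
  getent group "$ftpgroup" > /dev/null || addgroup "$ftpgroup"
  printf '%s\n' "$ftpgroup" admin > /etc/vsftpd.group_list

  # adding group list to pam.d: only members of the listed groups may
  # authenticate, and onerr=fail denies access if the list cannot be read.
  backup_once /etc/pam.d/vsftpd || die "could not back up /etc/pam.d/vsftpd"
  if ! grep -qF 'file=/etc/vsftpd.group_list' /etc/pam.d/vsftpd; then
    sed -i '2 a auth required pam_listfile.so item=group sense=allow file=/etc/vsftpd.group_list onerr=fail' /etc/pam.d/vsftpd
  fi

  # restarting ftp service
  /etc/init.d/vsftpd restart
}

# **** configure sshd ****
configure_sshd() {
  echo "info: configuring ssh server"
  getent group "$sftpgroup" > /dev/null || addgroup "$sftpgroup"
  backup_once /etc/ssh/sshd_config || die "could not back up /etc/ssh/sshd_config"

  sed -i 's|Subsystem sftp /usr/lib/openssh/sftp-server|Subsystem sftp internal-sftp|' /etc/ssh/sshd_config

  # AllowGroups restricts SSH logins to the listed groups: after the restart
  # every account outside "admin" and $sftpgroup is refused, including the
  # one running this script if it is in neither group.
  # The Match block must name the configured group, not the default one.
  if ! grep -qF '##### ssh configuration done by ftpsftp' /etc/ssh/sshd_config; then
    cat >> /etc/ssh/sshd_config <<EOF

##### ssh configuration done by ftpsftp ############
AllowGroups admin $sftpgroup
Match group $sftpgroup
ChrootDirectory $accpath/sftp_accounts/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

EOF
  fi
  warn "ssh logins are now limited to the groups admin and $sftpgroup"

  # Validate before restarting: a broken sshd_config on a remote host means
  # losing the only way back in.
  if ! sshd -t; then
    cp -p -- /etc/ssh/sshd_config_orig /etc/ssh/sshd_config
    die "generated sshd_config is invalid, original restored"
  fi
  /etc/init.d/ssh restart
}

## adding shells
# Lists /bin/false and the sftp server as valid login shells.
configure_shells() {
  local shell
  backup_once /etc/shells || die "could not back up /etc/shells"
  for shell in /bin/false /usr/lib/sftp-server; do
    grep -qxF -- "$shell" /etc/shells || printf '%s\n' "$shell" >> /etc/shells
  done
}

main() {
  require_root

  # **** uninstall ****
  # Stop after uninstalling; falling through would reinstall everything.
  if [[ "${1:-}" == "--uninstall" ]]; then
    uninstall
    exit 0
  fi

  install_dependencies
  read_settings
  create_files
  install_ftpsftp
  configure_quota
  configure_vsftpd
  configure_sshd
  configure_shells

  echo "you can now delete this script."
  echo "all you need is in $reporoot/ftpsftp, $configfile, $acclogfile and $logfile"
  echo 'everything should be set to create your first user. try "ftpsftp -a "'
  echo
  exit 0
}

main "$@"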