Monday, December 14, 2009

[Shell script] 自動開啟或關閉 vsftpd匿名登入機制

1 #!/bin/bash
2
3 vsftp_conf="/etc/vsftpd/vsftpd.conf"
4
5 if [ -f $vsftp_conf ]; then
6 if [ $# -ne 1 ]; then
7 echo "Parameters is not allow"
8 echo "usage: $0 on or $0 off"
9 exit 1
10 fi
11
12 case "$1" in
13 on) CMD='YES';;
14 off) CMD='NO';;
15 *)
16 echo "format error!"
17 exit 1
18 ;;
19 esac
20
21 if [ $CMD = 'YES' ]; then
22 sed 's/^.*anonymous_enable=.*/anonymous_enable=YES/' $vsftp_conf > /tmp/$$.vsftpd.conf
23 mv -f /tmp/$$.vsftpd.conf $vsftp_conf
24 /etc/init.d/vsftpd restart
25 else
26 sed 's/^.*anonymous_enable=.*/anonymous_enable=NO/' $vsftp_conf > /tmp/$$.vsftpd.conf
27 mv -f /tmp/$$.vsftpd.conf $vsftp_conf
28 /etc/init.d/vsftpd restart
29 fi
30 else echo "$vsftp_conf is not exist"
31 fi

說明:
列5 先判斷/etc/vsftpd/vsftpd.conf是否存在,若不存在則回報檔案不存在。(列30)
列6 判斷所傳入的引數是否為1個,若不是則回報錯誤並結束。 (列7~10)
列12-19 使用case,判斷是on, off或是格式有誤。
列21-24 若為on則設定anonymous_enable=YES,並重新啟動vsftpd。
列25-28 若為off則設定anonymous_enable=NO,並重新啟動vsftpd。

測試:
1. 允許匿名登入:
[root@centos bin]# ./vsftpd.sh on
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@centos bin]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

2. 不允許匿名登入:
[root@centos bin]# ./vsftpd.sh off
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@centos bin]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): ftp
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp>
References:

No comments: