Skip to content

Commit

Permalink
Add VSFTPD issue #116
Browse files Browse the repository at this point in the history
  • Loading branch information
@joglomedia
joglomedia committed Dec 4, 2021
1 parent b146585 commit 889d152
Show file tree
Hide file tree
Showing 2 changed files with 323 additions and 0 deletions.
229 changes: 229 additions & 0 deletions scripts/install_vsftpd.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,229 @@
#!/usr/bin/env bash

# VSFTPD Installer
# Min. Requirement : GNU/Linux Ubuntu 18.04
# Last Build : 24/10/2021
# Author : MasEDI.Net (me@masedi.net)
# Since Version : 1.0.0

# Include helper functions.
if [[ "$(type -t run)" != "function" ]]; then
BASE_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )
# shellcheck disable=SC1091
. "${BASE_DIR}/helper.sh"
fi

# Make sure only root can run this installer script.
requires_root

DISTRIB_NAME=${DISTRIB_NAME:-$(get_distrib_name)}
RELEASE_NAME=${RELEASE_NAME:-$(get_release_name)}

##
# Install Vsftpd.
##
function init_vsftpd_install() {
local SELECTED_INSTALLER=""

if [[ "${AUTO_INSTALL}" == true ]]; then
if [[ "${INSTALL_VSFTPD}" == true ]]; then
DO_INSTALL_VSFTPD="y"
SELECTED_INSTALLER=${VSFTPD_INSTALLER:-"repo"}
else
DO_INSTALL_VSFTPD="n"
fi
else
while [[ "${DO_INSTALL_VSFTPD}" != "y" && "${DO_INSTALL_VSFTPD}" != "n" ]]; do
read -rp "Do you want to install FTP server (VSFTPD)? [y/n]: " -i y -e DO_INSTALL_VSFTPD
done
fi

if [[ ${DO_INSTALL_VSFTPD} == y* || ${DO_INSTALL_VSFTPD} == Y* ]]; then
echo "Available VSFTPD installation method:"
echo " 1). Install from Repository (repo)"
echo " 2). Compile from Source (source)"
echo "--------------------------------"

while [[ ${SELECTED_INSTALLER} != "1" && ${SELECTED_INSTALLER} != "2" && ${SELECTED_INSTALLER} != "none" && \
${SELECTED_INSTALLER} != "repo" && ${SELECTED_INSTALLER} != "source" ]]; do
read -rp "Select an option [1-2]: " -e SELECTED_INSTALLER
done

case "${SELECTED_INSTALLER}" in
1 | "repo")
echo "Installing FTP server (VSFTPD) from repository..."
run apt-get install -qq -y vsftpd

# Backup original config.
run cp /etc/vsftpd.conf /etc/vsftpd.conf.backup
;;
2 | "source")
echo "Installing FTP server (VSFTPD) from source..."

#https://www.linuxfromscratch.org/blfs/view/svn/server/vsftpd.html

# Install libraries.
case "${DISTRIB_NAME}" in
"debian")
case "${RELEASE_NAME}" in
"stretch")
run apt-get install -qq -y libpam0g libpam0g-dev libcapi20-3 libcapi20-dev \
libcap-dev libcap2 libtirpc-common libtirpc-dev libtirpc1
;;
"buster" | "bullseye")
run apt-get install -qq -y libpam0g libpam0g-dev libcapi20-3 libcapi20-dev \
libcap-dev libcap2 libtirpc-common libtirpc-dev libtirpc3
;;
*)
fail "Unsupported Debian release: ${RELEASE_NAME^}."
;;
esac
;;
"ubuntu")
case "${RELEASE_NAME}" in
"bionic")
run apt-get install -qq -y libpam0g libpam0g-dev libcapi20-3 libcapi20-dev \
libcap-dev libcap2 libtirpc-dev libtirpc1
;;
"focal")
run apt-get install -qq -y libpam0g libpam0g-dev libcapi20-3 libcapi20-dev \
libcap-dev libcap2 libtirpc-common libtirpc-dev libtirpc3
;;
*)
fail "Unsupported Ubuntu release: ${RELEASE_NAME^}."
;;
esac
;;
*)
fail "Unsupported OS distribution: ${DISTRIB_NAME^}."
;;
esac

# Fix error: sysdeputil.o: In function `vsf_sysdep_has_capabilities'
LIB_GNU_DIR="/lib/${ARCH}-linux-gnu"

if [[ "${ARCH}" == "x86_64" ]]; then
LIB_DIR="/lib64"
else
LIB_DIR="/lib"
fi

if [[ -f "${LIB_GNU_DIR}/libcap.so.2" ]]; then
run ln -s "${LIB_GNU_DIR}/libcap.so.2" "${LIB_DIR}/libcap.so"
elif [[ -f "${LIB_GNU_DIR}/libcap.so.1" ]]; then
run ln -s "${LIB_GNU_DIR}/libcap.so.1" "${LIB_DIR}/libcap.so"
elif [[ -f "${LIB_GNU_DIR}/libcap.so" ]]; then
run ln -s "${LIB_GNU_DIR}/libcap.so" "${LIB_DIR}/libcap.so"
else
error "Cannot find libcap.so file."
fi

local CURRENT_DIR && \
CURRENT_DIR=$(pwd)

if [[ "${VSFTPD_VERSION}" == "latest" ]]; then
VSFTPD_FILENAME="vsftpd-3.0.5.tar.gz"
VSFTPD_ZIP_URL="https://security.appspot.com/downloads/${VSFTPD_FILENAME}"
else
VSFTPD_FILENAME="vsftpd-${VSFTPD_VERSION}.tar.gz"
VSFTPD_ZIP_URL="https://security.appspot.com/downloads/${VSFTPD_FILENAME}"
fi

run cd "${BUILD_DIR}" && \
run wget "${VSFTPD_ZIP_URL}" -q --show-progress && \
run tar -zxf "${VSFTPD_FILENAME}" && \
run cd vsftpd-*/ && \
run make && \
run make install && \
run ldconfig /usr/local/lib && \
run cd "${CURRENT_DIR}" || return 1
;;
*)
# Skip installation.
error "Installer method not supported. VSFTPD installation skipped."
;;
esac

# Configure Fal2ban.
echo "Configuring FTP server (VSFTPD)..."

if [[ "${DRYRUN}" != true ]]; then
# Backup default vsftpd conf.
[[ -f /etc/vsftpd.conf ]] && \
run mv /etc/vsftpd.conf /etc/vsftpd.conf.bak

run touch /etc/vsftpd.conf

# Enable jail
cat > /etc/vsftpd.conf <<EOL
listen=NO
listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
allow_writeable_chroot=YES
pam_service_name=vsftpd
force_dot_files=YES
pasv_enable=YES
pasv_min_port=40000
pasv_max_port=50000
user_sub_token=$USER
local_root=/home/$USER
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=Yes
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
ssl_ciphers=HIGH
require_ssl_reuse=NO
EOL
fi

# Add systemd service.
[[ ! -f /lib/systemd/system/vsftpd.service ]] && \
run cp etc/systemd/vsftpd.service /lib/systemd/system/vsftpd.service
[[ ! -f /etc/systemd/system/multi-user.target.wants/vsftpd.service ]] && \
run ln -s /lib/systemd/system/vsftpd.service /etc/systemd/system/multi-user.target.wants/vsftpd.service

# Restart Fail2ban daemon.
echo "Restarting FTP server (VSFTPD)..."
run systemctl unmask vsftpd
run systemctl restart vsftpd

if [[ "${DRYRUN}" != true ]]; then
if [[ $(pgrep -c vsftpd) -gt 0 ]]; then
success "FTP server (VSFTPD) started successfully."
else
info "Something went wrong with FTP server installation."
fi
else
info "FTP server (VSFTPD) installed in dry run mode."
fi
else
info "FTP server (VSFTPD) installation skipped."
fi
}

echo "[FTP Server (VSFTPD) Installation]"

# Start running things from a call at the end so if this script is executed
# after a partial download it doesn't do anything.
if [[ -n $(command -v vsftpd) ]]; then
info "FTP Server (VSFTPD) already exists. Installation skipped..."
else
init_vsftpd_install "$@"
fi
94 changes: 94 additions & 0 deletions scripts/remove_vsftpd.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
#!/usr/bin/env bash

# VSFTPD Uninstaller
# Min. Requirement : GNU/Linux Ubuntu 18.04
# Last Build : 24/10/2021
# Author : MasEDI.Net (me@masedi.net)
# Since Version : 2.5.0

# Include helper functions.
if [[ "$(type -t run)" != "function" ]]; then
BASE_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )
# shellcheck disable=SC1091
. "${BASE_DIR}/helper.sh"
fi

# Make sure only root can run this installer script.
requires_root

function init_vsftpd_removal() {
# Stop VSFTPD process.
if [[ $(pgrep -c vsftpd) -gt 0 ]]; then
run systemctl stop vsftpd
fi

if dpkg-query -l | awk '/vsftpd/ { print $2 }' | grep -qwE "^vsftpd$"; then
echo "Found FTP server (VSFTPD) package installation. Removing..."
run apt-get remove --purge -qq -y vsftpd
else
info "FTP server (VSFTPD) package not found, possibly installed from source."
echo "Remove it manually!!"

VSFTPD_BIN=$(command -v vsftpd)
echo "Deleting vsftpd binary executable: ${VSFTPD_BIN}"

[[ -x "${VSFTPD_BIN}" ]] && run rm -f "${VSFTPD_BIN}"
fi

[[ -f /etc/systemd/system/multi-user.target.wants/vsftpd.service ]] && \
run unlink /etc/systemd/system/multi-user.target.wants/vsftpd.service
[[ -f /lib/systemd/system/vsftpd.service ]] && run rm /lib/systemd/system/vsftpd.service

# Remove VSFTPD config files.
echo "Removing FTP server (VSFTPD) configuration..."
warning "!! This action is not reversible !!"

if [[ "${AUTO_REMOVE}" == true ]]; then
if [[ "${FORCE_REMOVE}" == true ]]; then
REMOVE_VSFTPD_CONFIG="y"
else
REMOVE_VSFTPD_CONFIG="n"
fi
else
while [[ "${REMOVE_VSFTPD_CONFIG}" != "y" && "${REMOVE_VSFTPD_CONFIG}" != "n" ]]; do
read -rp "Remove FTP server (VSFTPD) configuration files? [y/n]: " -e REMOVE_VSFTPD_CONFIG
done
fi

if [[ "${REMOVE_VSFTPD_CONFIG}" == y* || "${REMOVE_VSFTPD_CONFIG}" == Y* ]]; then
[[ -f /etc/vsftpd.conf ]] && run rm -f /etc/vsftpd.conf
[[ -f /etc/vsftpd.conf.bak ]] && run rm -f /etc/vsftpd.conf.bak
echo "All configuration files deleted permanently."
fi

# Final test.
if [[ "${DRYRUN}" != true ]]; then
if [[ -z $(command -v vsftpd) ]]; then
success "FTP server (VSFTPD) removed succesfully."
else
info "Unable to remove FTP server (VSFTPD)."
fi
else
info "FTP server (VSFTPD) server removed in dry run mode."
fi
}

echo "Uninstalling FTP server (VSFTPD)..."

if [[ -n $(command -v vsftpd) ]]; then
if [[ "${AUTO_REMOVE}" == true ]]; then
REMOVE_VSFTPD="y"
else
while [[ "${REMOVE_VSFTPD}" != "y" && "${REMOVE_VSFTPD}" != "n" ]]; do
read -rp "Are you sure to remove FTP server (VSFTPD)? [y/n]: " -e REMOVE_VSFTPD
done
fi

if [[ "${REMOVE_VSFTPD}" == y* || "${REMOVE_VSFTPD}" == Y* ]]; then
init_vsftpd_removal "$@"
else
echo "Found FTP server (VSFTPD), but not removed."
fi
else
info "Oops, FTP server (VSFTPD) installation not found."
fi

0 comments on commit 889d152

Please sign in to comment.