Standalone ProFTPD

Situation: We are running ProFTPD as the FTP daemon on our Solaris 7 anonymous FTP server. ProFTPD is currently servicing FTP requests via the inetd "superserver." Since we have no other services using "inetd" on this machine, we will configure ProFTPD to be run in "standalone" mode instead. The standalone configuration can more efficiently service periods of heavy anonymous FTP requests, and we will not have to be concerned about future "inetd" exploits on this server.

1. Edit your ProFTPD configuration file.
vi /usr/local/etc/proftpd.conf

2. Change the following line in the configuration file:
From: ServerType inetd
To: ServerType standalone

3. Make sure to prepend a "#" to comment out the "ftp" line in /etc/inetd.conf:
#ftp stream tcp nowait root /usr/local/sbin/in.proftpd in.proftpd

4. Send the inetd process a HUP signal via kill -HUP `ps -ef | grep [i]netd | awk '{print $2}'` or similar command.

5. Create a ProFTPD startup/shutdown script in /etc/inetd.conf. Here is our /etc/init.d/proftpd script:

#!/bin/sh

case $1 in
'start' )
/usr/local/sbin/proftpd
;;
'stop' )
kill `ps -ef | grep proftpd | grep -v grep | awk '{print $2}'` > /dev/null 2>&1
;;
*)
echo "usage: $0 {start|stop}"
esac

6. Create symbolic links to execute the ProFTPD script during system startup/shutdown. In our case, we will start ProFTPD in run level 3, and shut it down in run level 1.

ln -s /etc/init.d/proftpd /etc/rc3.d/S99proftpd
ln -s /etc/init.d/proftpd /etc/rc1.d/K99proftpd

7. Start ProFTPD in standalone mode.
/etc/init.d/proftpd start

Back to brandonhutchinson.com.

Last modified: 04/18/2002