Securing-Optimizing-RH-Linux-1_2_434
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®
434
Compilation
Decompress the tarball (tar.gz).
[root@deep /]# cp wu-ftpd-version.tar.gz /var/tmp
[root@deep /]# cd /var/tmp
[root@deep tmp]# tar xzpf wu-ftpd-version.tar.gz
Compile and Optimize
Move into the new Wu-ftpd directory and type the following on your terminal:
Step 1
Edit the ftpcount.c file (vi +241 src/ftpcount.c) and change the line:
#if defined (LINUX)
To read:
#if defined (LINUX_BUT_NOT_REDHAT_6_0)
Step 2
Edit the pathnames.h.in file (vi +42 src/pathnames.h.in) and change the line:
#define _PATH_EXECPATH "/bin/ftp-exec"
To read:
#define _PATH_EXECPATH "/usr/bin/ftp-exec"
We change the /bin directory of ftp-exec to be under /usr/bin in Red Hat Linux.
Step 3
Type the following commands on your terminal to configure Wu-ftpd:
CC="egcs" \
CFLAGS="-O9 -funroll-loops -ffast-math -malign-double -mcpu=pentiumpro -march=pentiumpro -fomit-
frame-pointer -fno-exceptions" \
./configure \
--prefix=/usr \
--sysconfdir=/etc \
--localstatedir=/var \
--disable-dnsretry \
--enable-quota \
--enable-pam \
--disable-daemon \
--disable-newlines \
--disable-virtual \
--disable-plsm \
--disable-pasvip \
--disable-anonymous \
--enable-ls \
--enable-numericuid
This tells Wu-ftpd to set itself up for this particular hardware setup with:
- Don't retry failed DNS lookups to improve performance.
- Add QUOTA support for more security (only if your OS supports it).
- Add PAM support for more security.
- Don't allow running as standalone daemon to allow FTPD to be controlled by the TCP-Wrappers.
- Suppress some extra blank lines.
- Don't support virtual servers.