CentOS 5 FTP Setup (vsftpd)

Ref 1: http://www.linuxquestions.org/questions/fedora-35/vsftpd-error-553-could-not-create-file-390569
Ref 2: http://www.cyberciti.biz/tips/rhel-fedora-centos-vsftpd-installation.html

Disable SELinux on FTP, so that uploading works:
setsebool -P ftp_home_dir 1

Install the vsftpd package via yum command:
# yum install vsftpd

vsftpd Defaults

Default port: TCP / UDP - 21 and 20
The main configuration file: /etc/vsftpd/vsftpd.conf
Users that are not allowed to login via ftp: /etc/vsftpd/ftpusers

Configure Vsftpd Server

# vi /etc/vsftpd/vsftpd.conf

Turn off standard ftpd xferlog log format:
xferlog_std_format=NO
Turn on verbose vsftpd log format. The default vsftpd log file is /var/log/vsftpd.log:
log_ftp_protocol=YES
Above to directives will enable logging of all FTP transactions. Lock down users to their home directories:
chroot_local_user=YES
Create warning banners for all FTP users:
banner_file=/etc/vsftpd/issue
Turn on vsftpd on boot:
# chkconfig vsftpd on
Start the service:
# service vsftpd start
# netstat -tulpn | grep :21

Configure Iptables To Protect The FTP Server

# vi /etc/sysconfig/iptables
Add the following lines, ensuring that they appear before the final LOG and DROP lines for the RH-Firewall-1-INPUT:
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 21 -j ACCEPT
Open file /etc/sysconfig/iptables-config, enter:
# vi /etc/sysconfig/iptables-config
Ensure that the space-separated list of modules contains the FTP connection tracking module:
IPTABLES_MODULES="OTHER_MODULES ip_conntrack_ftp"
Save and close the file. Restart firewall:
# service iptables restart

Tip: View FTP Log File
Type the following command:
# tail -f /var/log/vsftpd.log

Tip: Restrict Access to Anonymous User Only
Edit the vsftpd configuration file /etc/vsftpd/vsftpd.conf and add the following:
local_enable=NO

Tip: Disable FTP Uploads
Edit the vsftpd configuration file /etc/vsftpd/vsftpd.conf and add the following:
write_enable=NO

For upload to work except for anonymous, you might need to:

• create a group, say ftpw
• change the ownership of /var/ftp and its subdirectories to group ftpw
• add ftpw group onto users with write privilege

CentOS on ThinkPad

Note:

• This is my memo for future reference. Hopefully it would be helpful to you, too.
• As of this writting, CentOS is 5.2, RHEL 5.3. Some 3rd party rpms are for the newer kernel, so be aware to choose the right one.

Hardware (main):

• Model: T61p 8889
• Intel Core2 Duo T8300
• NVidia Quadro FX 570M
• 2GiB RAM
• Intel PRO/Wireless 4965AG
• CentOS 5.1 i386 DVD

Installation:

1. CentOS 5.1 does not support this NVidia card, runs black screen if using graphic mode.
2. Switch to text mode (linux text). Proceed installation normally.
3. Reboot into CLI, login root.
4. Modify /etc/yum.repo.d/* to a fast mirror for update. (centos.ustc.edu.cn, enable 4 repos: os, updates, addons, extras).
5. adsl-setup to get ADSL connection to Internet.
6. yum update
7. vim /etc/inittab, set run level to 5.
8. Reboot to GDM, login root, add normal user, re-login user.
9. Lock all applets to panel, preventing accidental move.

<Status>

• It takes long to start udev at boot time.
• Default video driver runs sluggishly, CPU shares a high load.

Repositories:

1. Reference 1: wiki.centos.org
2. Reference 2: en.wikipedia.org
3. yum install yum-priorities
4. vim /etc/yum.repo.d/CentOS-Base.repo
5. Set to-be-protected entries to priority 1.
6. Install repo rpms for:
• RPMforge: apt.sw.be
• ATrpms: dl.atrpms.net
• EPEL: download.fedora.redhat.com
7. Add RPM Fusion as instructed on: rpmfusion.org

<Warning>

• Third party repositories may conflict with each other. yum-priorities doesn't work well for me.
• Better enable one 3rd-party repo at a time.

Video:

1. Reference: support.dell.com
2. Install nvidia-graphics from ATrpms.
3. Edit /boot/grub/menu.lst, remove kernel parameter rhgb. This can reduce boot time significantly.
4. Reboot.

<Status>

• GUI responds well. 3D works.
• Screen brightness Fn no longer display OSD, but functioning. (UPDATE: it works now, though I don't know what I've done to make it work.)

Sound:

1. Reference: bugzilla.redhat.com
2. No need to compile and apply the patch.
3. The ALSA kernel module and driver are not installed by default.
4. yum install alsa-kmdl-`uname -r` alsa-driver
5. Reboot.

<Status>

• Sound works.
• Boot time udev passes faster. (I forget it's after video or sound)

Wireless:

1. Reference: kbase.redhat.com
2. Install iwl4965-firmware from RPMforge.
3. Reboot.
4. Enable NetworkManager:

   chkconfig NetworkManager on
service NetworkManager start

5. edit /etc/sysconfig/network-scripts/ifcfg-wmaster*, set ONBOOT=no.

<Status>

• NetworkManager applet shows in system tray.
• Wireless works.

NTFS:

1. Reference: wiki.centos.org
2. In order to bring in minimum dependencies, install fuse from ATrpms, and fuse-ntfs-3g from RPMforge.
3. Add /dev/sda# /media/# ntfs-3g rw,umask=0000,defaults 0 0 to /etc/fstab.
4. Reboot.

Multimedia:

1. Enable repo RPMforge; disable all other 3rd-party repo.
2. yum install gstreamer-ugly gstreamer-bad
3. Find and install gstreamer-ffmpeg on rpm.pbone.net.
4. yum install ffmpeg
• Playable: mp3, wma/wmv, avi
5. Download and install RealPlayer from www.real.com.
6. Run RealPlayer, Tools > Preferences > Internet, uncheck all options.
• Playable: rm/rmvb
7. yum install flash-plugin; or download and install from get.adobe.com.

<Status>

• Now system basically runs as expected.

Optional software:

• From base:
• Asian language support
• pidgin
• gcc-c++
• gdb
• freeglut-devel
• From EPEL:
• java-1.6.0-openjdk, from EPEL. (RHEL 5.3 has it, so should CentOS 5.3 soon)
• From RPMforge:
• unrar
• p7zip
• gnochm
• gconf-editor
• amule
• deluge
• Games (RPMforge):
• wesnoth
• armagetronad

Amule:

1. Reference 1: forums.fedoraforum.org
2. Reference 2: www.amule.org
3. Start amule and get error:

amule: error while loading shared libraries: /usr/lib/libcryptopp.so.1: cannot restore segment prot after reloc: Permission denied

4. According to reference 1, it's SELinux denying the operation.
5. Solutions:
• System > Administration > Security Level and Firewall, tab SELinux, set as Permissive
• Or execute: chcon -t textrel_shlib_t /usr/lib/libcryptopp.so.1
6. Use server list: www.emule.org.cn.
7. According to reference 2, allowing KAD to pass firewall needs adding 3 ports (default settings) in Security Level and Firewall:
• 4662 TCP
• 4665 UDP
• 4672 UDP

Qt 4.5 rc1:

1. Reference: doc.trolltech.com
2. Qt is downloaded from www.qtsoftware.com.
3. Install dependent development libraries:
   • QtGui:
     • libXrender-devel
     • libXrandr-devel
     • libXcursor-devel
     • libXfixes-devel
     • libXinerama-devel
     • libXi-devel
     • libXt-devel
     • libXext-devel
     • libX11-devel
     • libSM-devel
     • libICE-devel
     • glib2-devel
   • QtOpenGL
     • mesa-libGLU-devel
   • QtDBus
     • dbus-devel
   • Other:
     • libXft-devel
     • libmng-devel
     • libpng-devel
     • fontconfig-devel
     • freetype-devel
     • libjpeg-devel
     • zlib-devel
     • openssl-devel
4. ./configure
5. make -i --jobs=2 (NOTE: sometimes -j could take up all 2GiB memory, use --jobs={your available cores} to come over)
6. sudo make -i -j install
7. Install QtCreator from ftp.trolltech.com
8. Some parts still don't work. (Use make -i to ignore errors)
   • QtTest with error
   • Phonon not enabled

<Parts still not functioning>

• Fingerprint Reader
• Active Protection System for Hard drive
• Intel Turbo Memory (?)
• Bluetooth is working, but with no GUI command entry.
• Not many power-saving options, it seems fan is running all the time.
• Suspend and hibernate don't work as expected.