RedHat4 Bugzilla4.0.3 安裝

這邊的安裝範例是RedHat4 + Apache + Bugzilla4.0.3
而Bugzilla 還需要用到Sendmail跟MySQL ,但這兩個已經有現程的，所以就不安裝這個部份，若有需要的人，那就請另外找找MySQL 跟sendmail 這套件的安裝吧

一、安裝Apache

1、首先檢查是否已經安裝了httpd服務

rpm -qa|grep httpd

沒有就安裝，如：rpm　-Uvh httpd-2.0.40-21.i386.rpm

2、啟動關閉httpd，命令

service httpd start/stop/restart...分別對應 啟動/停止/重啟     

3、配置：vi /etc/httpd/conf/httpd.conf  

找到 #AddHandler cgi-scrīpt .cgi 並將#符號取消

若沒有該行,就直接添加
於檔中任意地方加入以下設定

Alias /bugzilla/ "/var/www/bugzilla/"  
#“/var/www/bugzilla/” 就是你安裝bugzilla 的地方

＜Directory /var/www/bugzilla＞

  AddHandler cgi-script .cgi

  Options +Indexes +ExecCGI

  DirectoryIndex index.cgi

  AllowOverride All    #若為CGI模式〞這裡請設為All

＜/Directory＞

修改文中
"DirectoryIndex index.html" 在"index.html"前加入"index.cgi"

找到，DocumentRoot “/var/www/html”,將引號中的內容替換為bugzilla的安裝路徑，本例為 /var/www/bugzilla ，替換完結果為：

DocumentRoot "/root/bugzilla"

說明：指定Apache伺服器存放網頁的根目錄

二、安裝MSQL

1、mysql依賴於三個安裝包中，分別是:

MySQL-server-4.0.21-0.i386.rpm

MySQL-client-4.0.21-0.i386.rpm

MySQL-devel-4.0.21-0.i386.rpm

若MySQL 不在Bugzilla 主機,僅須安裝MySQL-devel及MySQL-client

2、查看mysql進程

ps-ef | grep mysql

配置及初始化

3、連接到mysql

mysql　-u　root

注意：初始安裝的MySQL，超級用戶沒有口令

4、設置口令，在mysql提示符下，輸入命令

set password for root=password("123456");

為root設置口令為123456 ，注意sql語句以”；”結束

設置後進入為:

mysql -u root -p

(輸入密碼)！

5、創建資料庫bugs

Create database bugs;

6、創建用戶bugs

GRANT ALL PRIVILEGES ON bugs.* TO 'bugs'@'%' IDENTIFIED BY 'bugs' WITH GRANT OPTION;

7.退出資料庫
exit 或 quit

三、安裝Perl（系統自帶不用安裝）

     perl –v 確認安裝的版本

四、安裝perl模組

＊＊＊網路自動安裝

1、           首先初始化perl的cpan：perl -MCPAN -e 'shell'

A、命令執行以後會進行一系列的配置，都有提示這一步是比較簡單的，一般一路按[Enter]就可以了，最後會選模組搜索伺服器，這個在大陸比較快（http://cpan.linuxforum.net/）把它選在前面就可以了。

B、cpan是Comprehensive Perl Archive Network的英文縮寫，一個巨大的網路資源庫。有了它後面安裝perl的模組會相對簡單一些。

      2、安裝bugzilla所需的perl模組

      必要模組：    

A.        CGI 2.93 or CGI 3.11 if using mod_perl

B.        Date::Format (2.21)

C.        DBI (1.41)

D.       DBD::mysql (2.9003) if using MySQL

E.        DBD::Pg (1.45) if using PostgreSQL

F.         File::Spec (0.84)

G.       Template (2.12)

H.       Email::Send (2.00)

I.          Email::MIME::Modifier (any)

其中DBD因為這個模組需要先安裝mysql，其他模組均可安裝

     可選模組:

A.        GD (1.20) for bug charting

B.        Template::Plugin::GD::Image (1.20) for Graphical Reports

C.        Chart::Base (1.0) for bug charting

D.       GD::Graph (any) for bug charting

E.        GD::Text (any) for bug charting

F.         XML::Twig (any) for bug import/export

G.       MIME::Parser (5.406) for bug import/export

H.       LWP::UserAgent (any) for Automatic Update Notifications

I.          PatchReader (0.9.4) for pretty HTML view of patches

J.          Image::Magick (any) for converting BMP image attachments to PNG

K.        Net::LDAP (any) for LDAP Authentication

L.         SOAP::Lite (any) for the web service interface

M.      HTML::Parser (3.40) for More HTML in Product/Group escrīptions

N.       HTML::Scrubber (any) for More HTML in Product/Group Descrīptions

O.       Email::MIME::Attachment::Stripper (any) for Inbound Email

P.        Email::Reply (any) for Inbound Email

Q.       mod_perl2 (1.999022) for mod_perl

R.        CGI (2.93) for mod_perl

S.        Apache::DBI (0.96) for mod_perl2

不過，別急～ perl提供了很簡便的模組安裝方式：
(單模組安裝方式)perl -MCPAN -e 'install 模組名'或用cpan：perl -MCPAN -e 'shell'連上後，鍵入:install xxx 。

(批量安裝方式)比如安裝bugzilla的模組，執行這個命令就可以了：

perl -MCPAN -e 'install "Bundle::Bugzilla"' 。

（上面個命令是將所有模組一起裝，還可以將各模組分開裝，比如:perl -MCPAN -e 'install GD::Graph”'）。

＊＊＊＊＊＊手動下載安裝

先要到網上把bugzilla所需的模組都下下來（http://download.chinaunix.net）然後分別解壓，安裝就OK了。perl模組的安裝稍微有點不同。

./configure換成perl Makefile.PL 後面一樣了make  make test(可選)  然後 make install

五、安裝sendmail
      略....

六、安裝bugzilla

1、下載源碼包：http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-2.22.2.tar.gz

      2、解包：tar zxvf bugzilla-2*

      3、配置：mkdir /var/www/bugzilla    (創建bugzilla目錄

cd bugzilla

mv * /var/www/bugzilla    （移動bugzilla檔到apache服務目錄）

/var/www/bugzilla/checksetup.pl (檢查安裝，如果上一步的perl模組沒有裝好，這裏會提示)

[必須安裝套件,需在bugzilla 目錄中進行下安裝]

COMMANDS TO INSTALL REQUIRED MODULES (You *must* run all these commandsand then re-run this script):

    /usr/bin/perl install-module.pl Digest::SHA

    /usr/bin/perl install-module.pl DateTime

    /usr/bin/perl install-module.pl DateTime::TimeZone

    /usr/bin/perl install-module.pl Email::Send

    /usr/bin/perl install-module.pl Email::MIME

    /usr/bin/perl install-module.pl List::MoreUtils   

/var/www/bugzilla/checksetup.pl  再次檢查安裝狀態

/usr/bin/perl install-module.pl DBD::mysql  安裝MySQL 相關Perl

錯誤訊息

{standard input}: Assembler messages:

{standard input}:31: Warning: size of “use_mysql_use_result” is already 1; not changing to 4

make: *** [dbdimp.o] Error 1

  CAPTTOFU/DBD-mysql-4.020.tar.gz

  /usr/bin/make -- NOT OK

Skipping test because of notest pragma

Running make install

Make had returned bad status, install seems impossible

安裝DBD::mysql需要mysql_config，包含在Headers and libraries安裝包中（MySQL-devel-community-5.1.23-0.rhel4.i386.rpm），並且PATH環境變數中必須包含mysql_config所在的路徑。否則在執行perl Makefile.PL生成makefile的時候會報錯：

Can’t exec “mysql_config”: No such file or directory at Makefile.PL line 76.

Cannot find the file ‘mysql_config’! Your execution PATH doesn’t seem
not contain the path to mysql_config. Resorting to guessed values!
Can’t exec “mysql_config”: No such file or directory at Makefile.PL line 466.

rpm –Uvh MySQL-devel-community-5.1.23-0.rhel4.i386.rpm

以上都配置成功之後才會有localconfig

vi /var/www/bugzilla/localconfig 修改以下內容：

      $db_host = “localhost”;

      $db_name = “bugs”;

      $db_user = “mysql”;

      $db_pass = “YourPassword”;

/var/www/bugzilla/checksetup.pl (自動創建資料庫，設置目錄許可權，完了以後，要你輸入bugzilla管理員的郵箱，密碼等，這是登錄用的，要記住。）

再來一次 /var/www/bugzilla/checksetup.pl 確認已經成功

…….

Looks like we don't have an administrator set up yet. Either this is

your first time using Bugzilla, or your administrator's privileges

might have accidentally been deleted.

Enter the e-mail address of the administrator: antonio.hsu@xxx.com

Enter the real name of the administrator:

antonio.hsu@xxx.com

Enter a password for the administrator account:

Please retype the password to verify:

antonio.hsu@xxx.com is now set up as an administrator.

Creating initial dummy product 'TestProduct'...

Now that you have installed Bugzilla, you should visit the 'Parameters'

page (linked in the footer of the Administrator account) to ensure it

is set up as you wish - this includes setting the 'urlbase' option to

the correct URL.

第一次進入Bugzilla 還要設定Mail Server

Administration >  Parameters  > Email >

mail_delivery_method : SMTP

mailfrom:bugzilla-daemon

use_mailer_queue:Off

smtpserver:Mail Server Host name or IP

smtp_username:若需要認證，請填入帳號，否則就放空

smtp_password:若需要認證，請填入密碼，否則就放空

smtp_debug:Off

whinedays:7

globalwatchers: 空

設定Mail Server，出現意下錯誤

The new value for smtp_username is invalid: SMTP Authentication is not available. Run checksetup.pl for more details.

Bugzilla 4.0註冊驗證通知等郵件可以通過SendMail之類的來發送，配置也很簡單，但是它發出去的郵件尾碼位址是localhost.localdomain之類的地址，會被一些郵箱攔截，從而收不到郵件。所以通過SMTP來發郵件還是很必要的。
文檔上說的配置SMTP也很簡單，但是我在配置的時候遇到幾個問題，在此記錄下來
1、The new value for smtp_username is invalid: SMTP Authentication is not available. Run checksetup.pl for more details.
這是我在Bugzilla中Create New Account的時候發驗證郵件時產生的，這個的原因是Perl有個模組沒有安裝，安裝下就可以了

perl install-module.pl Authen::SASL(要在bugzilla 安裝目錄中執行)
自己先可以通過$ ./checksetup.pl –check-modules查看下已經安裝了哪些模組
只要安裝好，上述的這個問題就解決了

sendmail 可以支援密碼認證跟IP認證，若你的Mail Server 需要帳號密碼，就在Bugzilla的環境填入帳號跟密碼。若為IP認證，也就是不用帳號密碼，那Mail的User 跟password兩欄都不用填值就可以。

JBoss漏洞導致伺服器中毒

中毒現象：
1. ps axf看到多出了很多進程，尤其是有pnscan這個進程，它會對外掃描整個網路，導致網路擁塞：
sh -c ./pnscan -r JBoss -w "HEAD / HTTP/1.0\r\n\r\n" -t 6400 61.223.0.0/16 8080 > /tmp/sess_008802541
2. crontab -l看到多出了，有些中毒的則沒有這個現象：
1 1 10 * * /root/.sysdbs
1 1 24 * * /root/.sysync.pl
1 1 10 * * /root/.sysdbs
1 1 24 * * /root/.sysync.pl
3. ${JBOSS_HOME}/bin/多出了好多檔，這些檔的owner為未知（比如為1000)：
a.tar.gz
bm.c
bm.h
bm.o
flu.pl
fly.pl
install-sh
ipsort
kisses/
kisses.tar.gz
kisses.tar.gz.1
linda.pl
lindb.pl
Makefile
pnscan
pnscan.c
pnscan.o
version.c
version.o

找到解決辦法：
http://aws.amazon.com/security/security-bulletins/jboss-worm-spreading-via-unpatched-or-unsecured-jboss-application-server/

修改：
1. kill 掉多出來的進程，另外killall perl，kill -9 crond，service crond restart。
2. 刪除crontab 裏面多出來的條目。
3. 刪除${JBOSS_HOME}/bin/ 下面多出來的檔。
4. 刪除${JBOSS_HOME}/server/all(default,minimal)/deploy/management/iesvc.war和zecmd.war文件夾。
    原始的JBOSS應該只有console-mgr.sar 5. 修改jboss配置：

一、MX安全設置：

vi ${JBOSS_HOME}/server/all(default,minimal)/deploy/jmx-console.war/WEB-INF/web.xml

＜!-- A security constraint that restricts access to the HTML JMX console to users with the role JBossAdmin. Edit the roles to what you want and uncomment the WEB-INF/jboss-web.xml/security-domain element to enable secured access to the HTML JMX console.

 --＞
   ＜security-constraint＞
     ＜web-resource-collection＞
       ＜web-resource-name＞HtmlAdaptor＜/web-resource-name＞
       ＜description＞An example security config that only allows users with the
         role JBossAdmin to access the HTML JMX console web application
       ＜/description＞
       ＜url-pattern＞/*＜/url-pattern＞
＜!-- 
       ＜http-method＞GET＜/http-method＞
       ＜http-method＞POST＜/http-method＞
--＞
     ＜/web-resource-collection＞
     ＜auth-constraint＞
       ＜role-name＞JBossAdmin＜/role-name＞
     ＜/auth-constraint＞
   ＜/security-constraint＞

把GET和POST两行注释掉，同时security-constraint整个部分不要注释掉。
# vi ${JBOSS_HOME}/server/all(default,minimal)/deploy/jmx-console.war/WEB-INF/jboss-web.xml
＜jboss-web＞
   ＜!-- Uncomment the security-domain to enable security. You will
      need to edit the htmladaptor login configuration to setup the
      login modules used to authentication users.
   --＞
      ＜security-domain＞java:/jaas/jmx-console＜/security-domain＞
＜/jboss-web＞
把security-domain注釋去掉。

# vi ${JBOSS_HOME}/server/all(default,minimal)/conf/props/jmx-console-users.properties
# A sample users.properties file for use with the UsersRolesLoginModule
admin=xxxxx
修改admin密碼

二、WEB-CONSOLE安全設置：
# vi ${JBOSS_HOME}/server/all(default,minimal)/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml

   ＜!-- A security constraint that restricts access to the HTML JMX console
   to users with the role JBossAdmin. Edit the roles to what you want and
   uncomment the WEB-INF/jboss-web.xml/security-domain element to enable
   secured access to the HTML JMX console.
   --＞
   ＜security-constraint＞
   ＜web-resource-collection＞
   ＜web-resource-name＞HtmlAdaptor＜/web-resource-name＞
   ＜description＞An example security config that only allows users with the
   role JBossAdmin to access the HTML JMX console web application
   ＜/description＞
   ＜url-pattern＞/*＜/url-pattern＞
  ＜!-- 
   GET
   POST
   --＞
   ＜/web-resource-collection＞
   ＜auth-constraint＞
   ＜role-name＞JBossAdmin＜/role-name＞
   ＜/auth-constraint＞
   ＜/security-constraint＞
把GET和POST两行注释掉，同时security-constraint整个部分不要注释掉。
# vi ${JBOSS_HOME}/server/all(default,minimal)/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml
   ＜!-- Uncomment the security-domain to enable security. You will
   need to edit the htmladaptor login configuration to setup the
   login modules used to authentication users.
   --＞
   ＜security-domain＞java:/jaas/web-console＜/security-domain＞
把security-domain注釋去掉。

# vi ${JBOSS_HOME}/server/all(default,minimal)/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties
# A sample users.properties file for use with the UsersRolesLoginModule
admin=xxxxx
修改admin密碼


最後啟動jboss生效。

以上文章摘自http://adaishu.blog.163.com/blog/static/17583128620119313022152/

好吧,小弟不才,還是有不少主機陸續的中毒
我把檢查的指令逐一貼上來，好方便下回查找


###先跳轉到JBOSS 目錄
cd /usr/jboss-4.2.2.GA/server
cd /usr/local/jBoss/Base/server
#####1
grep security-constraint all/deploy/jmx-console.war/WEB-INF/web.xml;
grep security-constraint default/deploy/jmx-console.war/WEB-INF/web.xml;
grep security-constraint minimal/deploy/jmx-console.war/WEB-INF/web.xml;
#####若須要修改
#####找 security-constraint
vim all/deploy/jmx-console.war/WEB-INF/web.xml
vim default/deploy/jmx-console.war/WEB-INF/web.xml
vim minimal/deploy/jmx-console.war/WEB-INF/web.xml
security-constraint整个部分不要注释掉但，同时把GET和POST两行注释掉
           ＜-- ＜http-method＞GET＜/http-method＞
       ＜http-method＞POST＜/http-method＞  --＞


#####2
grep security-domain all/deploy/jmx-console.war/WEB-INF/jboss-web.xml;
grep security-domain default/deploy/jmx-console.war/WEB-INF/jboss-web.xml;
grep security-domain minimal/deploy/jmx-console.war/WEB-INF/jboss-web.xml;
#####若須要修改
#####找 security-domain
vim all/deploy/jmx-console.war/WEB-INF/jboss-web.xml
vim default/deploy/jmx-console.war/WEB-INF/jboss-web.xml
vim minimal/deploy/jmx-console.war/WEB-INF/jboss-web.xml

#####3
grep admin all/conf/props/jmx-console-users.properties;
grep admin default/conf/props/jmx-console-users.properties;
grep admin minimal/conf/props/jmx-console-users.properties;
#####若須要修改
#####設定密碼 admin=xxxx
vim all/conf/props/jmx-console-users.properties
vim default/conf/props/jmx-console-users.properties
vim minimal/conf/props/jmx-console-users.properties


#####4
grep security-constraint all/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml;
grep security-constraint default/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml;
grep security-constraint minimal/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml;
#####若須要修改
#####找 security-constraint
vim all/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
vim default/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml
vim minimal/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml

security-constraint整个部分不要注释掉但，同时把GET和POST两行注释掉
           ＜-- ＜http-method＞GET＜/http-method＞
       ＜http-method＞POST＜/http-method＞  --＞


#####5
grep security-domain all/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml;
grep security-domain default/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml;
grep security-domain minimal/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml;
#####若須要修改
#####找 security-domain
vim all/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml
vim default/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml
vim minimal/deploy/management/console-mgr.sar/web-console.war/WEB-INF/jboss-web.xml


#####6
grep admin all/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties;
grep admin default/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties;
grep admin minimal/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties;
#####若須要修改
#####設定密碼 admin=xxxx
vim all/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties
vim default/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties
vim minimal/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties

#####7

find . -type f -name "*.o";
find . -type f -name "*.pl";
find /root -type f -name "*.o";
find /tmp -type f -name "*.o";
find /root -type f -name "*.pl";
find /tmp -type f -name "*.pl";
ls default/deploy/management/
####除了console-mgr.sar 是系統預設的，其餘的看有沒有認識的，不認識的基本上都可以砍
chmod 644 /usr/local/jBoss/Base/server/default/log/*
crontab -l;#看看有沒有不應該出現的排程，比如
#1 1 10 * * ~/.sysdbs
#1 1 24 * * perl ~/.sysync.pl

檢查Linux 版本

今天找到了一個能100%確認是那一套Linux distribution的指令了，lsb_release，以下列出了cat /etc/issue與lsb_release去確認Linux distribution的結果：

1.lsb_release -a
[root@pollux max]# lsb_release -a
LSB Version:    :core-3.0-ia32:core-3.0-noarch:graphics-3.0-ia32:graphics-3.0-noarch
Distributor ID: RedHatEnterpriseAS
Description:    Red Hat Enterprise Linux AS release 4 (Nahant Update 4)
Release:        4
Codename:       NahantUpdate4

2.cat /etc/issue
[root@pollux max]# cat /etc/issue
Red Hat Enterprise Linux AS release 4 (Nahant Update 4)
Kernel \r on an \m

umount 發生device is busy

# umount /misc/remoteshare
umount: /misc/remoteshare: device is busy
umount: /misc/remoteshare: device is busy

查詢是否有程序在使用該目錄，但是出現 Input/output error
# fuser -m /misc/remoteshare
/misc/remoteshare: Input/output error

強制將該目錄釋放
# umount -l /misc/remoteshare


查詢是否有程序在使用該目錄，PID
# fuser -m /misc/remoteshare/
/misc/remoteshare/:   3324    4538c

後面c的意義如下
c: current directory.
e: executable being run.
f: open file. f is omitted in default display mode.
F: open file for writing. F is omitted in default display mode.
r: root directory.
m: mmap'ed file or shared library.


確認該程序是否可以停掉
ps -ef |grep 3324
ps -ef |grep 4538

停止該程序
kill 3324 4538

卸載目錄
umount /misc/remoteshare

如果還是不行，也可以使用強制卸載
umount -l /misc/remoteshare

JBOSS無法啟動

某天,跑的好好的JBOSS,有天突然不會跑了,出現的錯誤訊息如下

ERROR [MainDeployer] Could not create deployment: file:/usr/local/jboss-4.2.3.GA/server/default/conf/jboss-service.xml
org.jboss.deployment.DeploymentException: - nested throwable: (java.lang.reflect.InvocationTargetException)

檢查該xml 格式是對的

經過google大神的查詢,有人提到是主機名稱無法正確解析

hostname : tvap15

/etc/sysconfig/network 設定hostname的地方

/etc/hosts 設定hostname 對應IP的地方

192.168.0.55            tvap06

發現現有主機的資料沒有對應的

手動加上

192.168.0.56           tvap15

hostname tvap15

service network restart

再重新啟動jboss 就正常了

vsftpd log format

Thu Mar 4 08:12:30 2004 1 202.114.40.242 37 /incoming/index.html a _ o a guest@my.net ftp 0 * c

1. Thu Mar 4 08:12:30 2004
   current-time 
2. 1
   transfer-time
3. 202.114.40.242
   remote-host  
4. 37
   byte-count
5. /incoming/index.html
   filename
6. a
   transfer-type
7. _
   special-action-flag
8. o
    direction
9. a
   access-mode
10. guest@my.net
    username
11. ftp
    service-name
12. 0
    authentication-method
13. *
    authenticated-user-id
14. c
    completion-status

• current-time  
  The current local time in the form "DDD MMM dd hh:mm:ss
  YYYY", where DDD is the day of the week, MMM is the month,
  dd is the day of the month, hh is the hour, mm is the min-utes,
  ss is the seconds, and YYYY is the year.

• transfer-time
  The total time of the transfer in seconds.

• remote-host
  The remote host name.

• byte-count
  The amount of transferred bytes.

• filename
  The canonicalized (all symbolic links are resolved) abso-lute pathname of the transferred file.
  
  In case of the chrooted FTP session this field can be interpreted as the pathname in the chrooted nvironment(the default interpretation) or as the one in the realfile system. The second type of interpretation can be enabled by the command-line options of the ftpd(.

• transfer-type
  The single character that indicates the type of the trans-fer. The set of possible values is:
• a         An ascii transfer.
• b         A binary transfer.

• special-action-flag
  One or more single character flags indicating any special action taken. The set of possible values is:
• _          No action was taken
• C         The file was compressed (not in use).
• U         The file was uncompressed (not in use).
• T         The file was tar'ed (not in use).

• direction
  The direction of the transfer. The set of possible values is:
• o          The outgoing transfer.
• i           The incoming transfer.

• access-mode
  The method by which the user is logged in. The set of pos-sible values is:
• a (anonymous)  The anonymous guest user.
• g (guest)           The real but chrooted user (this capability is guided by ftpchroot(5) file).
• r (real)           The real user.

• username
  The user's login name in case of the real user, or the user's identification string in case of the anonymous user (by convention it is an email address of the user).

• service-name
  The name of the service being invoked. The ftpd( utility uses the ``ftp'' keyword.

• authentication-method
  The used method of the authentication. The set of possible values is:
• 0         None.
• 1         RFC931 Authentication (not in use).

• authenticated-user-id
  The user id returned by the authentication method. The `*' symbol is used if an authenticated user id is not avail-able.

• completion-status
  The single character that indicates the status of the transfer. The set of possible values is:
• c         A complete transfer.
• i         An incomplete transfer.

vsftpd与log有关的选项：
vsftpd_log_file
xferlog_enable
xferlog_std_format
xferlog_file
dual_log_enable
syslog_enable
log_ftp_protocol
no_log_lock