安装mysql(不要使用红帽的RPM版的mysql)
使用编译或静态库安装mysql
1、编译安装pam_mysql
下载软件:
http://downloads.sourceforge.net/project/pam-mysql/pam-mysql/0.7RC1/pam_mysql-0.7RC1.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fpam-mysql%2F&ts=1308550644&use_mirror=nchc
tar xzvf pam_mysql-0.7RC1.tar.gz -C /usr/local/src/
cd /usr/local/src/pam_mysql-0.7RC1/
./configure --with-mysql=/opt/mysql/ && make && make install
rpm包安装
rpm -ivh pam_mysql-0.7RC1-1.x86_64.rpm
Preparing... ########################################### [100%]
1:pam_mysql ########################################### [100%]
2、安装vsftpd
yum -y install vsftpd
配置vsftpd服务器
vim /etc/vsftpd/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_local_user=YES
listen=YES
guest_enable=YES
guest_username=virtual
pam_service_name=/etc/pam.d/vsftpd.mysql
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
vim /etc/pam.d/vsftpd.mysql
auth required /usr/lib/security/pam_mysql.so user=ftp passwd=123456 host=localhost db=vsftpd table=users usercolumn=username passwdcolumn=password crypt=2
account required /usr/lib/security/pam_mysql.so user=ftp passwd=123456 host=localhost db=vsftpd table=users usercolumn=username passwdcolumn=password crypt=2
添加一个系统账号,并指定家目录。
useradd virtual -d /ftproot -s /sbin/nologin
chmod 755 /ftproot/
3、配置mysql
mysql>detele from mysql.user where user=' ';
mysql>detele from mysql.db where user=' ';
mysql> create database vsftp;
mysql>create table vsftp.users(id int auto_increment primary key, username char(30), password char(50));
mysql>insert into vsftp.users(username,password) values('a',password('123')),('b',password('456')),('c',password('789'));
mysql>grant all on vsftp.* to runftp@'10.170.36.27' identified by '123;
mysql>flush privileges;
service vsftpd restart
让虚拟用户登录服务器时记录登录状态和时间:
mysql> create table logs(
-> msg varchar(255),
-> user char(16) ,
-> pid int(11),
-> host char(32),
-> rhost char(32),
-> logtime timestamp);
Query OK, 0 rows affected (0.01 sec)
vim /etc/pam.d/vsftpd.mysql
auth required /usr/lib/security/pam_mysql.so user=ftp passwd=123456 host=localhost db=vsftpd table=users usercolumn=username passwdcolumn=password crypt=2 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
account required /usr/lib/security/pam_mysql.so user=ftp passwd=123456 host=localhost db=vsftpd table=users usercolumn=username passwdcolumn=password crypt=2 sqllog=1 logtable=logs logmsgcolumn=msg logusercolumn=user logpidcolumn=pid loghostcolumn=host logrhostcolumn=rhost logtimecolumn=logtime verbose=1
service vsftpd restart
虚拟用户扩展
vim /etc/vsftpd/vsftpd.conf
user_config_dir=/etc/vsftpd/ew 定义用户的在扩展的目录中
给a用户定义一个配置文件
vim /etc/vsftpd/ew/a
local_root=/home/ftpsite/a
anon_max_rate=200000(200kb)
给b用户定义一个配置文件
vim /etc/vsftpd/ew/b
local_root=/home/ftpsite/b
anon_max_rate=100000(100kb)
anon_world_readable_only=NO
anon_upload_enable=YES
write_enable=YES
给c用户定义一个配置文件
vim /etc/vsftpd/ew/c
local_root=/home/ftpsite/c
anon_world_readable_only=NO
anon_max_rate=0
anon_upload_enable=YES
write_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES