In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-03-29 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >
Share
Shulou(Shulou.com)06/01 Report--
Virtual user:
Where is the user account stored?
File, MySQL,Redis,...
The authentication function of vsftpd is hosted to pam:
Pluggable Authencate Module, authentication framework, authentication library
Complete the authentication function through the module: / usr/lib64/security/
Pam_mysql module:
Download the source package of pam_mysql officially download http://prdownloads.sourceforge.net/pam-mysql/pam_mysql-0.7RC1.tar.gz
(1) prepare to compile and install the environment
[root@server1 ~] # yum-y groupinstall "Development Tools"
[root@server1 ~] # wget http://prdownloads.sourceforge.net/pam-mysql/pam_mysql-0.7RC1.tar.gz
[root@server1 ~] # tar xf pam_mysql-0.7RC1.tar.gz
[root@server1 ~] # cd pam_mysql-0.7RC1/
[root@server1] # / configure-with-pam=/usr-with-mysql=/usr-with-pam-mods-dir=/usr/lib64/security
If this error occurs during compilation, you need to install the mysql-devel package.
[root@server1 pam_mysql-0.7RC1] # yum-y install mysql-devel
If you encounter this error, you also need to install the development package for pam-devel.
[root@server1 pam_mysql-0.7RC1] # yum-y pam-devel
To check the environment to generate the config file is completed, and then only need make and make install
[root@server1 pam_mysql-0.7RC1] # make
[root@server1 pam_mysql-0.7RC1] # make install
After the compilation and installation is complete, check the / usr/lib64/security directory for the files shown in the figure
Prepare the database:
Vsftpd operates on the host of CentOS7 based on virtual user authentication
Install the database
[root@server1 ~] # yum-y install mariadb-server
Next, start the mysql service.
[root@server1 ~] # systemctl start mariadb
[root@server1~] # ss-tnl / / Type this command to see if port 3306 is listening
After that, you need to put the users and passwords authenticated by virtual users into the database, so you need to create a data and a corresponding table for vsftpd, as follows
Create a database
Mysql > CREATE DATABASE vsftpd
Use the newly created database, then use this database and then create the table users
Mysql > USE vsftpd
Mysql > CREATE TABLE vsftpd.users (id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, name CHAR (30) NOT NULL UNIQUE KEY,password CHAR (48)
Create data on the users table
Mysql > INSERT INTO users (name,password) VALUES ('tom',PASSWORD (' redhat')), ('jerry',PASSWORD (' redhat'))
Authorize remote users to log in to mysql
Mysql > GRANT ALL ON vsftpd.* TO 'vsftpd'@'localhost' IDENTIFIED BY' mageedu'
Mysql > GRANT ALL ON vsftpd.* TO 'vsftpd'@'127.0.0.1' IDENTIFIED BY' mageedu'
Mysql > FLUSH PRIVILEGES; / / Refresh authorization to make it effective
Here, localhost and 127.0.0.1 need to be authorized because the database sometimes fails to resolve the ip address, so the user cannot log in, so the two hosts need to be authorized.
Vsftpd's configuration file authenticated by pam_mysql enables pam to use the pam-mysql module to connect to the database to obtain the user name and password in the database, so you need to edit the: / etc/pam.d/vsftpd.mysql file, which is as follows
Auth required / usr/lib64/security/pam_mysql.so user=vsftpd passwd=mageedu host=127.0.0.1 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2
Account required / usr/lib64/security/pam_mysql.so user=vsftpd passwd=mageedu host=127.0.0.1 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2
User: the user name that connects to the mysql server. This user must have access to the database that authenticates the vsftpd service.
Passwd: the password of the user above
Host:mysql server host address
Db: database name of the authenticated vsftpd service
Table: a table that stores users and passwords
Usercolumn: field corresponding to user name
Passwdcolumn: field corresponding to password
Crypt: password encryption method
Prepare the system user account for anonymous user mapping:
# mkdir / ftproot
# useradd-d / ftproot vuser / / create a user vuser and set the user's home directory to / ftproot
# mkdir / ftproot/ {pub,upload} / / create a public directory and a directory where files are uploaded under the virtual user's root directory
# setfacl-m u:vuser:rwx / ftproot/upload / / add access control lists to virtual users and use the ability to upload files
Configure vsftpd:vsftpd.conf
Pam_service_name=vsftpd.mysql
Guest_enable=YES
Guest_username=vuser
Configure individual permission settings for each anonymous user
Vsftpd.conf, add:
User_config_dir=/etc/vsftpd/users_conf
Create a directory:
# mkdir / etc/vsftpd/vusers_conf
Provide a profile for each user:
/ etc/vsftpd/vusers_conf/ {tom,jerry}
Instructions for configuring permissions:
Anon_upload_enable=YES
Anon_mkdir_write_enable=YES
Anon_other_write_enable=YES
Test:
Log in to ftp on another host to test uploading files
Lftp-u tom,mageedu 10.1.48.11
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.