Shulou(Shulou.com)06/01 Report--

First, install the required programs

1. Install the development environment and mysql database beforehand

# yum-y install mysql-server mysql-devel

# yum-y groupinstall "Development Tools"Development Libraries"

two。 Install pam_mysql-0.7RC1

# tar zxvf pam_mysql-0.7RC1.tar.gz

# cd pam_mysql-0.7RC1

#. / configure-with-mysql=/usr-with-openssl

# make

# make install

3. Install vsftpd

# yum-y install vsftpd

Create a virtual user account

1. Prepare database and related tables

First, make sure that the mysql service is started properly. Then, as needed, set up a database to store the virtual user, which is created as a vsftpd database.

Mysql > create database vsftpd

Mysql > grant select on vsftpd.* to vsftpd@localhost identified by 'www.magedu.com'

Mysql > grant select on vsftpd.* to vsftpd@127.0.0.1 identified by 'www.magedu.com'

Mysql > flush privileges

Mysql > use vsftpd

Mysql > create table users (

-> id int AUTO_INCREMENT NOT NULL

-> name char (20) binary NOT NULL

-> password char (48) binary NOT NULL

-> primary key (id)

->)

2. Add a virtual user for the test

To add the required users as needed, it is important to note that their passwords are stored in clear text format because the password () function of pam_mysql may be different from the password () function of MySQL.

Mysql > insert into users (name,password) values ('tom','magedu')

Mysql > insert into users (name,password) values ('jerry','magedu')

3. Configure vsftpd

1. Establish the documents required for pam certification

# vi / etc/pam.d/vsftpd.mysql

Add the following two lines

Auth required / lib/security/pam_mysql.so user=vsftpd passwd=www.magedu.com host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=0

Account required / lib/security/pam_mysql.so user=vsftpd passwd=www.magedu.com host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=0

two。 Modify the configuration file of vsftpd to adapt to mysql authentication

Establish the system user and corresponding directory of virtual user mapping

# useradd-s / sbin/nologin-d / var/ftproot vuser

# chmod go+rx / var/ftproot

Make sure the following options are enabled in / etc/vsftpd.conf

Anonymous_enable=YES

Local_enable=YES

Write_enable=YES

Anon_upload_enable=NO

Anon_mkdir_write_enable=NO

Chroot_local_user=YES

Then add the following options

Guest_enable=YES

Guest_username=vuser

And make sure that the value of the pam_service_name option is as follows

Pam_service_name=vsftpd.mysql

Start the vsftpd service

# service vsftpd start

# chkconfig vsftpd on

Check the port opening condition

# netstat-tnlp | grep: 21

Tcp 0 0 0.0.0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0

Log in to the virtual user and verify the configuration result. The following is a local command test. You can also log in to verify the result with IE or FTP client tools on other Win Box.

# ftp localhost

5. Configure virtual users with different access rights

Vsftpd can provide a separate profile for each user in the profile directory to define their access to ftp services, and the profile name of each virtual user is the same as the user name of the virtual user. The profile directory can be any unused directory, just specify its path and name in vsftpd.conf.

1. Configure vsftpd to use the profile directory for virtual users

# vim vsftpd.conf

Add the following options

User_config_dir=/etc/vsftpd/vusers_dir

2. Create the required directories and provide configuration files for virtual users

# mkdir / etc/vsftpd/vusers_dir/

# cd / etc/vsftpd/vusers_dir/

# touch tom jerry

3. Configure the access rights of virtual users

The access rights of virtual users to vsftpd services are carried out through the relevant instructions of anonymous users. For example, if you need to give tom users permission to upload files, you can modify the / etc/vsftpd/vusers/tom file and add the following option to it.

Anon_upload_enable=YES

Since then, the whole FTP service has been built, and the file transfer can be realized.

In the next series, we will learn about NFS.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.