In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-03-31 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >
Share
Shulou(Shulou.com)06/01 Report--
First, install the required programs
1. Install the software packages required for the ftp service
[root@fsy-Centos6 ~] # yum install vsftpd
two。 Install the MySQL database:
[root@fsy-Centos6 ~] # yum-y install mysql-server mysql-devel
3. The environment required for installation, compilation and installation
[root@fsy-Centos6 ~] # yum-y groupinstall "Development Tools"Development Libraries"
4. Compile and install pam_mysql-0.7RC1.tar.gz
[root@fsy-Centos6 ~] # tar xf pam_mysql-0.7RC1.tar.gz
[root@fsy-Centos6 ~] # cd pam_mysql-0.7RC1/
[root@fsy-Centos6 pam_mysql-0.7RC1] # / configure-- with-mysql=/usr-- with-openssl
You may encounter the following problems during compilation and installation:
Configure: error: Cannot find pam headers. Please check if your system is ready for pam module development.
Solution:
[root@fsy-rhel7 pam_mysql-0.7RC1] # yum install pam-devel.x86_64
[root@fsy-Centos6 pam_mysql-0.7RC1] # make
[root@fsy-Centos6 pam_mysql-0.7RC1] # make install
Create a virtual user account
1. Prepare database and related tables
First, make sure that the mysql service is started properly. Then, as needed, set up a database to store the virtual user, which is created as a vsftpd database:
Mysql > create database vsftpd
Mysql > use vsftpd
Mysql > create table users (
-> id int AUTO_INCREMENT NOT NULL
-> name char (20) binary NOT NULL
-> password char (48) binary NOT NULL
-> primary key (id)
->)
Mysql > grant select on vsftpd.* to vsftpd@localhost identified by '123456'
Mysql > grant select on vsftpd.* to vsftpd@127.0.0.1 identified by '123456'
Mysql > flush privileges
2. Add a virtual user for the test
Add the required users as needed, and their passwords are stored in clear text format here, because the password () function of pam_mysql may be different from the password () function of MySQL.
Mysql > insert into users (name,password) values ('tom','123456')
Mysql > insert into users (name,password) values ('jerry','123456')
3. Configure vsftpd
1. Put the compiled files in the corresponding location
[root@fsy-Centos6 ~] # cp / usr/lib/security/pam_mysql.so / lib/security/
[root@fsy-Centos6 ~] # cp / usr/lib/security/pam_mysql.la / lib/security/
two。 Establish the documents required for pam certification
[root@fsy-Centos6 ~] # vim / etc/pam.d/vsftpd.mysql
Add the following two lines
Auth required / usr/lib/security/pam_mysql.so user=vsftpd passwd=123456 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=0
Account required / usr/lib/security/pam_mysql.so user=vsftpd passwd=123456
Host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=0
3. Modify the configuration file of vsftpd to adapt to mysql authentication
1) establish the system user and corresponding directory of virtual user mapping
[root@fsy-Centos6] # useradd-s / sbin/nologin-d / var/ftproot vuser
[root@fsy-Centos6 ~] # chmod go+rx / var/ftproot/
2) make sure that the following options are enabled in / etc/vsftpd/vsftpd.conf
Anonymous_enable=YES
Local_enable=YES
Write_enable=YES
Anon_upload_enable=NO
Anon_mkdir_write_enable=NO
Chroot_local_user=YES
Then add the following options
Guest_enable=YES
Guest_username=vuser
And make sure that the value of the pam_service_name option is as follows
Pam_service_name=vsftpd.mysql
Start the vsftpd service for testing
[root@fsy-Centos6 ~] # service vsftpd restart
5. Configure virtual users with different access rights
Vsftpd can provide a separate profile for each user in the profile directory to define their access to ftp services, and the profile name of each virtual user is the same as the user name of the virtual user. The profile directory can be any unused directory, just specify its path and name in vsftpd.conf.
1. Configure vsftpd to use the profile directory for virtual users
[root@fsy-Centos6 ~] # vim vsftpd.conf
Add the following options
User_config_dir=/etc/vsftpd/vusers_dir
2. Create the required directories and provide configuration files for virtual users
[root@fsy-Centos6 ~] # mkdir / etc/vsftpd/vusers_dir/
[root@fsy-Centos6 ~] # cd / etc/vsftpd/vusers_dir/
[root@fsy-Centos6 vuser_dir] # touch tom jerry
3. Configure the access rights of virtual users
The access rights of virtual users to vsftpd services are carried out through the relevant instructions of anonymous users.
6. Common instructions in vfstpd.conf:
Whether anonymous_enable=YES allows anonymous users to log in
Does local_enable=YES allow ordinary users to log in?
Does write_enable=YES allow ordinary users to upload files?
Does anon_upload_enable=YES allow anonymous users to upload files?
Whether anon_mkdir_write_enable=YES allows anonymous users to create files
Whether anon_other_write_enable=YES allows anonymous users to delete files
Dirmessage_enable=YES whether a welcome message is displayed when a user enters a directory
Whether xferlog_enable=YES opens the transfer log (that is, user uploads and downloads of files will be recorded)
Xferlog_file=/var/log/xferlog indicates the file that records the transfer log
Whether the xferlog_std_format=YES log file uses the standard format
Whether to modify the owner of the file after the user uploads the file:
Chown_uploads=YES
Chown_username=whoever
Whether to use text to transfer files:
Ascii_upload_enable=YES
Ascii_download_enable=YES
Imprison users:
Chroot_list_enable=YES is ready to start imprisoning users.
The list file of imprisoned users created by chroot_list_file=/etc/vsftpd/chroot_list. Users in this directory will be locked up in the home directory.
Imprison all users:
Chroot_local_user=YES
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
PG usage tutorial: https://www.yiibai.com/postgresql
© 2024 shulou.com SLNews company. All rights reserved.