<b>vsftpd+pam_mysql+mysql</b>
FROM Marion
RH9.0上實作,轉載請保留作者資訊,謝謝!
一、安裝相關軟體包
mysql-5.0.41
pam_mysql-0.7RC1
vsftpd-2.0.5
openssl-0.98e
1.安裝mysql-5.0.41
#groupadd mysql
#useradd -g mysql -s /sbin/nologin -M mysql
#tar zxvf mysql-5.0.41.tar.gz
#cd mysql-5.0.41
#./configure --prefix=/usr/local/mysql --sysconfdir=/etc --enable-thread-safe-client --enable-local-infile --with-charset=gbk --with-extra-charset=all --with-low-memory
#make
#make install
#cp support-files/my-medium.cnf /etc/my.cnf
#cd /usr/local/mysql
#chgrp -R mysql .
#bin/mysql_install_db --user=mysql
#chown -R root .
#chown -R mysql var
#bin/mysqld_safe --user=mysql &
#cd /usr/local/src/mysql-5.0.41
#cp support/mysql.server /etc/rc.d/init.d/mysqld
#chmod 700 /etc/rc.d/init.d/mysqld
#chkconfig --add mysqld
#chkconfig --level 345 mysqld on
測試
#/usr/local/mysql/bin/mysqladmin ping
#/usr/local/mysql/bin/mysqladmin version
#/usr/local/mysql/bin/mysql
添加root密碼
#/usr/local/mysql/bin/mysqladmin -uroot -p 舊密碼 password '新密碼'
修改庫檔案的搜尋路徑
#vi /etc/ld.so.conf
添加如下條目:
/usr/local/mysql/lib/mysql
增加庫檔案及頭檔案的連結
ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql
ln -s /usr/local/mysql/include/mysql /usr/include/mysql
2.安裝openssl-0.9.8e
#tar zxvf openssl-0.9.8e.tar.gz
#cd openssl-0.9.8e
#./config shared zlib
#make
#make test
mv /usr/bin/openssl /usr/bin/openssl.OFF
mv /usr/include/openssl /usr/include/openssl.OFF
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/ssl/include/openssl /usr/include/openssl
配置庫檔案搜尋路徑
#echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
#ldconfig -v
3.安裝pam_mysql-0.7RC1
#tar zxvf pam_mysql-0.7RC1.tar.gz
#cd pam_mysql-0.7RC1
#./configure --with-mysql=/usr/local/mysql --with-openssl=/usr/local/ssl
#cp /usr/lib/security/pam_mysql.so /lib/security/
4.安裝vsftpd-2.0.5
#mkdir -pv /usr/share/empty /var/ftp
#useradd -s /bin/false -d /var/ftp ftp
#tar xzvf vsftpd-2.0.5.tar.gz
#cd vsftpd-2.0.5
安裝配置檔案
#cp vsftpd.conf /etc
編輯配置檔案/etc/vsftpd.conf
添加:listen=YES
啟動伺服器
#/usr/local/sbin/vsftpd &
#chmod og-w /var/ftp
二、配置
1.準備資料庫及相關表
在此,我們建立名為vsftp的資料庫來存放相關虛拟使用者的帳号
mysql> create database vsftp;
mysql> grant select on vsftp.* to vsftpd@localhost identified by '123456';
mysql> grant select on vsftp.* to [email protected] identified by '123456';
mysql> use vsftp;
mysql> create table users (
-> id int AUTO_INCREMENT NOT NULL,
-> name char(20) binary NOT NULL,
-> passwd char(48) binary NOT NULL,
-> primary key(id)
-> );
添加測試的虛拟使用者,其密碼采取加密存放的方式
mysql> insert into users(name,passwd) values('benet',password('123456'));
mysql> insert into users(name,passwd) values('aptech',password('123456'));
檢視結果
mysql> select * from users;
+----+-----------+----------------------------------------------------------------------------+
| id | name | passwd |
| 1 | benet | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
| 2 | aptech | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
3 rows in set (0.00 sec)
2.建立pam認證所需檔案
#vi /etc/pam.d/vsftp.mysql
添加如下兩行
auth required /lib/security/pam_mysql.so user=vsftpd passwd=123456 host=localhost db=vsftp table=users
usercolumn=name passwdcolumn=passwd crypt=2
account required /lib/security/pam_mysql.so user=vsftpd passwd=123456 host=localhost db=vsftp table=users
3.修改vsftpd的配置檔案,使其适應mysql認證
建立虛拟使用者映射的系統使用者及對應的目錄
#useradd -s /sbin/nologin -d /var/ftp2 vsftp
#chmod go+rx /var/ftp2
請確定/etc/vsftpd.conf中已經啟用了以下選項
anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
chroot_local_user=YES
添加以下選項
guest_enable=YES
guest_username=vsftp
listen=YES
pam_service_name=vsftpd.mysql
三、啟動vsftpd服務
檢視端口開啟情況
# netstat -tnlp |grep :21
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23286/vsftpd
使用虛拟使用者登入,驗正配置結果,以下為本機的指令方式測試,你也可以在其它Win Box上用IE或者FTP用戶端工具登入驗正
# ftp localhost
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.0.5)
Name (localhost:root): benet
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (127,0,0,1,235,31)
150 Here comes the directory listing.
-rw-r--r-- 1 0 0 155985 Jun 06 07:16 vsftpd-2.0.5.tar.gz
226 Directory send OK.
![【MySQL資料庫】資料庫索引事務1.索引2.事務[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)