vsftpd+mysql的虚拟用户配置记录
1.安装vsftpd yum install vsftpd就ok
2.需要pam_mysql组件,在这里
3.编译参数看下INSTALL 我这里用了一个参数就 withmysql=/usr/local/amp/mysql5
4.建立mysql数据库、表 db=vsftpd table=users(username,userpass,homedir),建立对应mysql帐户 vsftpd vsftpd(当然也可以用root或者现有帐户)
5.修改/etc/pam.d/vsftpd 新增两行:
- account required /usr/lib/security/pam_mysql.so user=vsftpd passwd=vsftpd host=localhost db=vsftpd table=users usercolumn=username passwdcolumn=userpass
6.建立用来存放虚拟用户配置文件的文件夹,我的在/etc/vsftpd/virtual,里面放了一个配置文件模板叫_tpl write_enable=YES
- anon_mkdir_write_enable=YES
- anon_upload_enable=YES
- anon_other_write_enable=YES
代码意思是,就差一个homedir了
7.打开/etc/vsftpd/vsftpd.conf,设置修改为 #一定要有
- listen=YES
- #listen_port=10021
- connect_from_port_20=YES
- #服务器提示
- ftpd_banner=Welcome to My FTP server.
- #关闭匿名访问
- anonymous_enable=NO
- local_enable=YES
- write_enable=NO
- anon_upload_enable=NO
- anon_mkdir_write_enable=NO
- anon_other_write_enable=NO
- chroot_local_user=YES
- guest_enable=YES
- #虚拟用户所使用的帐号,如果这里是root,那你传上去的文件所有者也是root,
- #一般安全情况下,请设立单独的vsftpd的用户,就像mysql的独立访问用户一样
- guest_username=root
- pasv_min_port=30000
- pasv_max_port=30999
- #这里对应着/etc/pam.d/下的那个vsftpd 见第6条
- pam_service_name=vsftpd
- #虚拟用户配置文件目录
- user_config_dir=/etc/vsftpd/virtual
- xferlog_enable=YES
- #xferlog_file=/var/log/vsftpd.log
- xferlog_file=/data1/logs/vsftpd/vsftpd.log
- anon_world_readable_only=NO
- anon_umask=022
- file_open_mode=0777
- local_umask=022
- #20080811 last modify
- data_connection_timeout=120
要注意这里,local_umask和anon_umask的值,你的文件上传之后的权限值 = 777 local_umask,也就是,上例中的022,你上传之后,文件权限会是755
8./etc/vsftpd/vsftpd restart
9.我这里还有两个shell,但是我的bash很笨,if判断会有错误,增加ftp用户:
- #!/bin/bash
- clear
- echo "******************************"
- echo "* Add vsftpd User Script *"
- echo "* AnVy 2008.0516 *"
- echo "******************************"
- echo "Enter user account:[Enter Key]"
- read username
- echo "Username is $username, Now Enter the password:[Enter Key]"
- read userpass
- echo "Asign the user's ftp home directory:[Enter Key]"
- read home
- echo "create this dir?[y/n]:"
- read $cd
- if [ $cd="y" ]
- then
- mkdir $home
- fi
- #chown R www:www $home
- /usr/local/amp/mysql5/bin/mysql uvsftpd pvsftpd<<EOF
- use vsftpd;
- replace into users (username,userpass,homedir) values ('$username','$userpass','$home');
- \q
- EOF
- cp /etc/vsftpd/virtual/_tpl /etc/vsftpd/virtual/$username
- #在用户配置文件追加家目录配置参数
- echo "local_root=$home" >> /etc/vsftpd/virtual/$username
- echo "$username with homedir= $home was added."
ftp帐户列表以及删除用户
- #!/bin/bash
- clear
- echo "******************************"
- echo "* Add vsftpd User Script *"
- echo "* AnVy 2008.0516 *"
- echo "******************************"
- echo "UserList:"
- /usr/local/amp/mysql5/bin/mysql uvsftpd pvsftpd<<EOF
- use vsftpd;
- select * from users;
- \q
- EOF
- echo "Delete user account:[Enter Key]"
- read username
- /usr/local/amp/mysql5/bin/mysql uvsftpd pvsftpd<<EOF
- use vsftpd;
- delete from users where username='$username';
- \q
- EOF
- unlink /etc/vsftpd/virtual/$username
- echo "$username without homedir was removed."
以上代码设置,可以简单实现我的虚拟用户分配,我也不太懂什么高深的设置,这样就可以实现我输入用户名,密码,家目录,就能开vsftpd帐户了,而且文件上传之后权限是755, 完全可用。