本内容为原创内容,转载请注明:
本文来自http://blog.gsywx.com

一、目的:安装vsftpd+mysql,vsftpd用户由mysql数据表存放虚拟用户
二、安装方式:采用yum进行安装vsftpd及mysql,系统环境为centos5.5(32)
注:所有加#开头的为说明语句

三、具体安装
1、安装vsftpd
yum -y install vsftpd
vi /etc/vsftpd/vsftpd.conf
作如下修改:
anonymous_enable=YES 改为 anonymous_enable=NO
#禁用匿名用户登录
在最后加上:
chroot_local_user=YES
#将本地用户锁定在家目录
chkconfig vsftpd on
service vsftpd start
#以下添加vsftpd的虚拟公共帐户
useradd vsftpdguest -d /home/vsftpdguest -s /sbin/nologin
chmod 755 /home/vsftpdguest

2、安装mysql
yum -y install mysql mysql-devel mysql-server
service mysqld start
#设置mysql密码
mysqladmin -u root password 123654
mysql -u root -p
#输入密码 123654
#建立vsftpd两虚拟用户: aaa 密码: 123456  、bbb 密码: 123654
create database vsftpd;
use vsftpd;
create table users(name char(16) binary,passwd char(16) binary);
insert into users (name,passwd) values ('aaa','123456');
insert into users (name,passwd) values ('bbb','123654');
#给数据库vsftpd赋予用户vsftpdguest密码654321对users表的读取权限
grant select on vsftpd.users to vsftpdguest@localhost identified by '654321';
flush privileges;
select * from users;
#这时可以看到新加的用户和密码,密码是以明文列示的
quit;

3、安装pam_mysql模块,下载地址为:http://sourceforge.net/projects/pam-mysql/files/pam-mysql/
#这里我下载pam_mysql-0.7RC1.tar.gz
tar zxvf pam_mysql-0.7RC1.tar.gz
cd pam_mysql-0.7RC1
./configure
#因为mysql为默认安装,所以可以缺少编译参数,如果自定义安装可以参照以下语句
#(#./configure --with-mysql=/web/mysql)
make
make install
安装后会看到以下语句
#Libraries have been installed in:
#/usr/lib/security
cp /usr/lib/security/pam_mysql.* /lib/security/
#以下备份vsftpd的pam文件以及创建新的认证文件
mv /etc/pam.d/vsftpd /etc/pam.d/vsftpd.bak
#加上
vi /etc/pam.d/vsftpd  加上:
#%PAM-1.0
auth required /lib/security/pam_mysql.so user=vsftpdguest passwd=654321 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0
account required /lib/security/pam_mysql.so user=vsftpdguest passwd=654321 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0


4、配置vsftpd.conf
vi /etc/vsftpd/vsftpd.conf   在最后加上:
guest_enable=YES
guest_username=vsftpdguest
virtual_use_local_privs=YES
重启vsftpd
service vsftpd restart
#说明:以上三句为除了匿名用户外的所有用户都是guest,除了匿名用户外的所有用户使用vsftpdguest,虚拟用户使用与本地用户相同的权限

四、额外的部份权限控制说明:
当virtual_use_local_privs=YES时,只需设置write_enable=YES,虚拟用户就可以就拥有写权限

当virtual_use_local_privs=NO时,anon_world_readable_only=YES,则虚拟用户只读不能上传
                                anon_upload_enable=YES时,匿名用户能上传,但不能覆盖和改写删除文件
                                anon_mkdir_write_enable=YES时,能建立目录
                                anon_other_write_enable=YES时,虚拟用户具体所有读写权限

虚拟用户目录的权限改为只能由vsftpdguest操作:
chown vsftpdguest.vsftpdguest /home/vsftpdguest
chmod 700 /home/vsftpdguest

五、虚拟用户拥有各自的家目录
vi /etc/vsftpd/vsftpd.conf  加上:
user_config_dir=/etc/vsftpd/vsftpd_user_conf
mkdir /etc/vsftpd/vsftpd_user_conf
touch /etc/vsftpd/vsftpd_user_conf/aaa
vi /etc/vsftpd/vsftpd_user_conf/aaa   加上:
local_root=/home/aaa
mkdir /home/aaa
chown vsftpdguest.vsftpdguest /home/aaa

touch /etc/vsftpd/vsftpd_user_conf/bbb
vi /etc/vsftpd/vsftpd_user_conf/aaa  加上:
local_root=/home/bbb
mkdir /home/bbb
chown vsftpdguest.vsftpdguest /home/bbb


六、以上程序安装脚本:

#!bin/bash
yum -y install vsftpd
sed -i 's#anonymous_enable=YES#anonymous_enable=NO#'  /etc/vsftpd/vsftpd.conf
echo "chroot_local_user=YES" >>/etc/vsftpd/vsftpd.conf
chkconfig vsftpd on
service vsftpd start
useradd vsftpdguest -d /home/vsftpdguest -s /sbin/nologin
chmod 755 /home/vsftpdguest
yum -y install mysql mysql-devel mysql-server
service mysqld start
mysqladmin -u root password 123654
mysql -u root -p
create database vsftpd;
use vsftpd;
create table users(name char(16) binary,passwd char(16) binary);
insert into users (name,passwd) values ('aaa','123456');
insert into users (name,passwd) values ('bbb','123654');
grant select on vsftpd.users to vsftpdguest@localhost identified by '654321';
flush privileges;
select * from users;
quit;
#pam_mysql文件上传在系统根目录
cd /
tar zxvf pam_mysql-0.7RC1.tar.gz
cd pam_mysql-0.7RC1
./configure
make
make install
cp /usr/lib/security/pam_mysql.* /lib/security/
mv /etc/pam.d/vsftpd /etc/pam.d/vsftpd.bak
cat >>/etc/pam.d/vsftpd<<EOF
#%PAM-1.0
auth required /lib/security/pam_mysql.so user=vsftpdguest passwd=654321 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0
account required /lib/security/pam_mysql.so user=vsftpdguest passwd=654321 host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0
EOF
echo "guest_enable=YES" >>/etc/vsftpd/vsftpd.conf
echo "guest_username=vsftpdguest" >>/etc/vsftpd/vsftpd.conf
echo "virtual_use_local_privs=YES" >>/etc/vsftpd/vsftpd.conf
service vsftpd restart
echo "user_config_dir=/etc/vsftpd/vsftpd_user_conf" >>/etc/vsftpd/vsftpd.conf
mkdir /etc/vsftpd/vsftpd_user_conf
touch /etc/vsftpd/vsftpd_user_conf/aaa
echo "local_root=/home/aaa" >>/etc/vsftpd/vsftpd_user_conf/aaa
mkdir /home/aaa
chown vsftpdguest.vsftpdguest /home/aaa
touch /etc/vsftpd/vsftpd_user_conf/bbb
echo "local_root=/home/bbb" >>/etc/vsftpd/vsftpd_user_conf/bbb
mkdir /home/bbb
chown vsftpdguest.vsftpdguest /home/bbb
service vsftpd restart

为linux添加163网易源

[不指定 2010/09/03 20:07 | by xiaoyuwxz ]
网易开源镜像站:
http://mirrors.163.com/
网易开源镜像使用帮助:
http://mirrors.163.com/.help/

CentOS镜像使用帮助
http://mirrors.163.com/.help/centos.html

centos更改为163源操作:
cd /etc/yum.repos.d/
wget http://mirrors.163.com/.help/CentOS-Base-163.repo
yum makecache


Fedora更改为163源操作:
cd etc/yum.repos.d/
wget http://mirrors.163.com/.help/fedora-163.repo
wget http://mirrors.163.com/.help/fedora-updates-163.repo
yum makecache
    
ubuntu
karmic更改为163源操作:
cd /etc/apt/
mv sources.list sources.list.bak
wget http://mirrors.163.com/.help/sources.list.karmic
mv sources.list.karmic sources.list

更多的操作请直接访问http://mirrors.163.com/
Tags: ,
脚本仅作参考,具体为什么,请参考vsftpd配置文件,转载请注明地址,谢谢
附件此脚本服务控制脚本.
下载文件 (已下载 167 次)



#!/bin/bash
clear
echo "----------------源码安装vsftpd安装程序,按任意键继续----------------"  
get_char()
  {
  SAVEDSTTY=`stty -g`
  stty -echo
  stty cbreak
  dd if=/dev/tty bs=1 count=1 2> /dev/null
  stty -raw
  stty echo
  stty $SAVEDSTTY
  }
  echo ""
  echo "本安装为配置tom和jack两虚拟用户登录各自的目录,请按任意键继续......"
  char=`get_char`

mkdir -p /usr/local/man/man8/
mkdir -p /usr/local/man/man5/
tar zxvf vsftpd-2.2.2.tar.gz
cd vsftpd-2.2.2
make
make install
cp vsftpd.conf /etc/
touch /etc/vsftpd.chroot_list
touch /etc/ftpusers
cp RedHat/vsftpd.pam /etc/pam.d/vsftpd
cp ../vsftpd /etc/rc.d/init.d/
chmod 755 /etc/rc.d/init.d/vsftpd
chkconfig --add vsftpd
chkconfig  vsftpd on

sed -i 's#anonymous_enable=YES#anonymous_enable=NO#'  /etc/vsftpd.conf
sed -i 's\#local_enable=YES\local_enable=YES\g'  /etc/vsftpd.conf
sed -i 's\#write_enable=YES\write_enable=YES\g'  /etc/vsftpd.conf
sed -i 's\#local_umask=022\local_umask=022\g'  /etc/vsftpd.conf
sed -i 's\#ftpd_banner=Welcome to blah FTP service.\ftpd_banner=Welcome to xiaoyuwxzs FTP service.\g' /etc/vsftpd.conf
sed -i 's\dirmessage_enable=YES\#dirmessage_enable=YES\g' /etc/vsftpd.conf
sed -i 's\xferlog_enable=YES\#xferlog_enable=YES\g' /etc/vsftpd.conf
sed -i 's\connect_from_port_20=YES\#connect_from_port_20=YES\g' /etc/vsftpd.conf
echo "pam_service_name=vsftpd" >>/etc/vsftpd.conf
echo "chroot_local_user=YES" >>/etc/vsftpd.conf
echo "guest_enable=YES " >>/etc/vsftpd.conf
echo "guest_username=virtualuser" >>/etc/vsftpd.conf
echo "virtual_use_local_privs=YES" >>/etc/vsftpd.conf
echo "user_config_dir=/etc/vftp" >>/etc/vsftpd.conf

#修改pam认证文件
sed -i 's\auth       required     /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed\#auth       required     /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed\g' /etc/pam.d/vsftpd
sed -i 's\auth       required     /lib/security/pam_unix.so shadow nullok\#auth       required     /lib/security/pam_unix.so shadow nullok\g' /etc/pam.d/vsftpd
sed -i 's\auth       required     /lib/security/pam_shells.so\#auth       required     /lib/security/pam_shells.so\g' /etc/pam.d/vsftpd
sed -i 's\account    required     /lib/security/pam_unix.so\#account    required     /lib/security/pam_unix.so\g' /etc/pam.d/vsftpd
sed -i 's\session    required     /lib/security/pam_unix.so\#session    required     /lib/security/pam_unix.so\g' /etc/pam.d/vsftpd
echo "auth required /lib/security/pam_userdb.so db=/etc/vsftpd_login" >>/etc/pam.d/vsftpd
echo "account required /lib/security/pam_userdb.so db=/etc/vsftpd_login" >>/etc/pam.d/vsftpd

useradd virtualuser -d /home/virtualuser -s /sbin/nologin
rpm -ivh db4*
touch /login.txt
echo "tom" >>/login.txt
echo "123456" >>/login.txt
echo "jack" >>/login.txt
echo "654321" >>/login.txt
db_load -T -t hash -f /login.txt /etc/vsftpd_login.db
chmod 600 /etc/vsftpd_lofgin.db
mkdir /etc/vftp
touch /etc/vftp/tom
echo "local_root=/home/tom" >>/etc/vftp/tom
touch /etc/vftp/jack
echo "local_root=/home/jack" >>/etc/vftp/jack
mkdir /home/tom
mkdir /home/jack
chown virtualuser.virtualuser /home/tom
chown virtualuser.virtualuser /home/jack
chmod 700 /home/tom
chmod 700 /home/jack

service vsftpd start

sleep 1
echo "删除安装临时文件.............."
rm -Rf vsftpd-2.2.2
echo
echo
echo " ------------------- 如需增加新用户,请使用以下命令 -------------------"
echo "|                     echo "用户名" >>/login.txt                       |"
echo "|                     echo "密码" >>/login.txt                         |"
echo "|        db_load -T -t hash -f /login.txt /etc/vsftpd_login.db         |"
echo "|                     touch /etc/vftp/用户名                           |"
echo "|                     mkdir /home/用户名                               |"
echo "|               chown virtualuser.virtualuser /home/用户名             |"
echo "|                     chmod 700 /home/用户名                           |"
echo "|     echo "local_root=/home/用户名" >>/etc/vftp/jack/用户名           |"
echo "|                      service vsftpd start                            |"
echo "|               如需禁用用户,增加用户名到 /etc/ftpusers               |"
echo " -------------------------- vsftpd 安装结束! --------------------------"
sleep 1
较前一vsftpd安装脚本(yum安装)  改了本地用户验证方式,添加用户时不用再向chroot文件添加用户名

具体脚本如下:

#!/bin/bash

echo "--------------------------------vsftpd 自动安装脚本--------------------------------"
yum -y install vsftpd
sed -i 's#anonymous_enable=YES#anonymous_enable=NO#'  /etc/vsftpd/vsftpd.conf
sed -i 's\#ftpd_banner=Welcome to blah FTP service.\ftpd_banner=Welcome to my vsftpd FTP service.\g' /etc/vsftpd/vsftpd.conf
echo "chroot_local_user=YES" >>/etc/vsftpd/vsftpd.conf
mkdir -p /wwwroot/htdocs
groupadd www
useradd www -g www -d /wwwroot/htdocs -s /sbin/nologin
passwd www
chown www.www /wwwroot/htdocs
chkconfig vsftpd on
service vsftpd start
echo "--------------------------------vsftpd 安装说明------------------------------------"
echo "|                                                                                  |"
echo "|               用户为 www 密码为刚才所设 FTP根目录为/wwwroot/htdocs               |"
echo "| 新增用户样例为(新增用户ktm):useradd ktm -g www -d /wwwroot/ktm -s /sbin/nologin  |"
echo "|                              service vsftpd restart                              |"
echo "|                                                                                  |"
echo "--------------------------------vsftpd 安装结束!-----------------------------------"
sleep 2
分页: 1/4 第一页 1 2 3 4 下页 最后页 [ 显示模式: 摘要 | 列表 ]