Proftpd+mysql

Proftpd+mysql

一、下载proftpd

二、安装mysql

[root@localhost media]# tar -zxvf mysql-5.0.75.tar.gz -C /usr/local/src/

[root@localhost media]# cd /usr/local/src/mysql-5.0.75/

[root@localhost mysql-5.0.75]# useradd -M -s /sbin/nologin mysql

[root@localhost mysql-5.0.75]# yum -y install libtermcap-devel

[root@localhost mysql-5.0.75]# ./configure --prefix=/usr/local/mysql --with-mysqld-user=mysql --with-extra-charsets=all

[[email protected]]# make

[[email protected]]# make install

[[email protected]]# cp support-files/my-medium.cnf /etc/my.cnf

[[email protected]]#/usr/local/mysql/bin/mysql_install_db --user=mysql

[[email protected]]# chown -R root:mysql /usr/local/mysql/

[[email protected]]# chown -R mysql /usr/local/mysql/var/

[[email protected]]# echo "/usr/local/mysql/lib/mysql" >>/etc/ld.so.conf

[[email protected]]# ldconfig

[[email protected]]#/usr/local/mysql/bin/mysqld_safe --user=mysql&

[[email protected]]# ps     -e| grep mysql   验证是否成功开启

mysql1664pts/2    00:00:00 mysqld_safe1690pts/2    00:00:00 mysqld

[[email protected]]# netstat -ntulp| grep mysql

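tcp        0      0 0.0.0.0:3306    0.0.0.0:*               LISTEN      1690/mysqld

注意:输出显示mysqld监听在0.0.0.0:3306,即所有网络接口。本文中ProFTPD通过localhost连接数据库,可在/etc/my.cnf的[mysqld]段加入bind-address=127.0.0.1,避免数据库端口暴露在网络上。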

[[email protected]]# cp support-files/mysql.server /etc/init.d/mysqld

[[email protected]]# chmod +x /etc/init.d/mysqld

[[email protected]]# chkconfig --add mysqld

[[email protected]]# chkconfig mysqld on

[root@localhost mysql-5.0.75]# export PATH=$PATH:/usr/local/mysql/bin/

[root@localhost mysql-5.0.75]# echo "PATH=$PATH:/usr/local/mysql/bin/" >>/etc/profile

[root@localhost mysql-5.0.75]# mysqladmin -u root password 123456  //修改mysql密码

注意:123456仅为示例,实际部署时请换成强密码;写在命令行中的密码会留在shell历史记录里,设置完成后应清理。

 

三、安装proftpd

[[email protected]]# tar xvzf proftpd-1.3.4b.tar.gz

[[email protected]]# cd proftpd-1.3.4b

[root@localhost proftpd-1.3.4b]# ./configure --prefix=/usr/local/proftpd --with-modules=mod_sql:mod_sql_mysql --with-includes=/usr/local/mysql/include/mysql  --with-libraries=/usr/local/mysql/lib/mysql

[[email protected]]# make && make install

#显示安装后模块的信息

[root@localhostetc]# /usr/local/proftpd/sbin/proftpd -l   

四、修改proftpd配置文件

 ServerName "FTPServer"

ServerTypestandalone

DefaultServeron

ServerIdentoff

#Port 21 is the standard FTP port.

Port21

#Umask 022 is a good standard umask to prevent new dirs and files

#from being group and world writable.

Umask022

MaxLoginAttempts3

TimeoutLogin120

TimeoutIdle600

TimeoutNoTransfer900

TimeoutStalled3600

MaxClients100

MaxClientsPerHost5

AllowOverwriteno

AllowStoreRestarton

UseReverseDNSoff

#指定是否要求FTP用户的shell必须是/etc/shells中列出的有效shell,off表示不检查,on表示必须是有效shell。为了系统安全,FTP用户使用/sbin/nologin这类不能登录系统的shell,因此应该指定为off。

RequireValidShell off

# 将用户限制在自己的主目录下

#DefaultRoot~

# Toprevent DoS attacks, set the maximum number of child processes

# to30.   If you need to allow more than 30concurrent connections

# atonce, simply increase this value.   Notethat this ONLY works

# instandalone mode, in inetd mode you should use an inetd server

#that allows you to limit maximum number of processes per service

#(such as xinetd).

MaxInstances                     30

#Set the user and group under which the server will run.

User                             ftpuser

Group                            ftpgroup

#Bar use of SITE CHMOD by default

<Limit SITE_CHMOD>
  DenyAll
</Limit>

DefaultRoot ~

#Backend表示用户认证方式为MySQL数据库的认证方式
#Plaintext表示明文认证方式,排在最前面的为最先使用的方式
#注意:使用Plaintext时,密码以明文形式保存在ftpuser表中,任何能读取该表的人都能直接得到所有FTP密码;生产环境建议只保留Crypt等散列方式。

SQLAuthTypes Plaintext Crypt

#校验数据表

SQLAuthenticate users* groups*

#格式为:数据库名@主机 用户名 密码。数据库密码以明文写在配置文件中,应将proftpd.conf的读权限限制为root,并把示例密码123换成强密码。

SQLConnectInfo proftpd@localhost ftp 123

#指定ftp用户数据表的名字和其中的字段名,表名可自行定义,字段名不要改动。

SQLUserInfo ftpuser userid passwd uid gid homedir shell

#指定ftp用户组数据表的名字和其中的字段名,这个数据表是可选的,字段名不要改动。

SQLGroupInfo ftpgroup groupname gid members

SQLMinID 500

#用户登录欢迎窗口中显示登录用户已访问次数

SQLLog PASS updatecount

SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser

SQLLog STOR,DELE modified

SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser

#是否显示欢迎信息

DeferWelcome  on

#是否允许root用户登录,off为不允许

RootLoginoff

#指定是否必须为FTP用户指定一个系统shell,off表示不用指定,on表示必须指定。为了系统安全应该指定为off。

RequireValidShelloff

       

        AllowAll

       

       

        AllowAll

       

       

        DenyAll

       

       

        DenyAll

       

       

        AllowAll

       

#SyslogLevel emerg只记录最严重级别的消息;排查登录失败等问题时主要依靠下面的auth日志。

SyslogLevel emerg

SystemLog /var/log/proftpd.system.log

TransferLog /var/log/proftpd.xferlog

# Some logging formats

#

LogFormat default "%h %l %u %t \"%r\" %s %b"

LogFormat auth "%v [%P] %h %t \"%r\" %s"

LogFormat write "%h %l %u %t \"%r\" %s %b"

# Lo

ExtendedLog /var/log/proftpd.access_log WRITE,READ write

ExtendedLog /var/log/proftpd.auth_log AUTH auth

ExtendedLog /var/log/proftpd.paranoid_log ALL default

 

 

五、创建mysql数据库

 

1、创建proftpd数据库:

Mysql>CREATE DATABASE proftpd

2、建立一个访问proftpd库用户:ftp

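mysql> grant all privileges on proftpd.* to ftp@"localhost" identified by "123";

注意:ProFTPD只需要查询用户表和组表,并执行配置文件中定义的两条UPDATE,按最小权限原则可只授予SELECT和UPDATE权限;密码123仅为示例,应换成强密码,并与proftpd.conf中SQLConnectInfo的密码保持一致。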

3.建立组验证表

mysql>CREATE TABLE `ftpgroup` (  `groupname`varchar(16) NOT NULL default '',  `gid`smallint(6) NOT NULL default '1000', `members` varchar(16) NOT NULL default '',  KEY `groupname` (`groupname`)  );

mysql> INSERT INTO `ftpgroup` VALUES ('ftpgroup',1000,'ftpuser');

4.建立用户验证表:

mysql> CREATE TABLE `ftpuser` (  `id` int(10) unsigned NOT NULL auto_increment, `userid` varchar(32) NOT NULL default '',  `passwd` varchar(32) NOT NULL default '',  `uid` smallint(6) NOT NULL default '1000',  `gid` smallint(6) NOT NULL default '1000',  `homedir` varchar(255) NOT NULL default '',  `shell` varchar(16) NOT NULL default '/sbin/nologin', `count` int(11) NOT NULL default '0', `accessed` datetime NOT NULL default '0000-00-00 00:00:00',  `modified` datetime NOT NULL default '0000-00-00 00:00:00',  PRIMARY KEY (`id`)  );

mysql>INSERT INTO ftpuser (userid, passwd, uid, gid, homedir, shell) VALUES  ('ftpuser', 'ftppasswd', 1000, 1000,'/tony','/sbin/nologin');

六、为ftp用户创建相应的系统用户

先建立FTPGRP组: 
[root@localhost ~]# groupadd -g 1000 -r ftpgroup
建立FTPUSR用户: 
adduser -u 1000 -g 1000 -d /home/FTP -s /sbin/nologin -r ftpuser 

七、设置启动脚本,并且注册系统服务

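#!/bin/bash
#
# proftpd      Start, stop or rehash the ProFTPD FTP server.
#
# The two header lines below are what `chkconfig --add` reads; without them
# the service cannot be registered. Runlevels 2345 match the chkconfig call
# used in this tutorial; the start/stop priorities (85/15) are sample values
# and should be adjusted for the local boot order.
# chkconfig: 2345 85 15
# description: ProFTPD FTP server with MySQL-backed virtual users
#
# Usage:       proftpd {start|stop|restart}
# Exit status: 0 on success, 1 on failure or bad usage.

FTPD_BIN=/usr/local/proftpd/sbin/proftpd
FTPD_CONF=/usr/local/proftpd/etc/proftpd.conf
PIDFILE=/usr/local/proftpd/var/proftpd.pid

# Read the recorded PID, but trust it only if it is purely numeric, greater
# than 1, and a process with that PID is currently alive. This script runs as
# root, so signalling a stale or corrupted value (or 0, which addresses the
# whole process group) could hit an unrelated process.
# NOTE(review): kill -0 only proves that *some* process owns the PID, not that
# it is proftpd; PID reuse after a crash is still possible.
pid=
if [ -f "$PIDFILE" ]; then
  read -r pid < "$PIDFILE" || true
  case $pid in
    '' | *[!0-9]*)
      pid=
      ;;
    *)
      if [ "$pid" -le 1 ] || ! kill -0 "$pid" 2>/dev/null; then
        pid=
      fi
      ;;
  esac
fi

if [ ! -x "$FTPD_BIN" ]; then
  echo "$0: $FTPD_BIN: cannot execute" >&2
  exit 1
fi

case "$1" in
  start)
    if [ -n "$pid" ]; then
      echo "$0: proftpd [PID $pid] already running"
      exit 0
    fi
    # A missing config is a failed start; report it with a non-zero status so
    # the caller does not record the service as running.
    if [ ! -r "$FTPD_CONF" ]; then
      echo "$0: cannot start proftpd -- $FTPD_CONF missing" >&2
      exit 1
    fi
    echo "Starting proftpd..."
    "$FTPD_BIN" -c "$FTPD_CONF" || exit 1
    ;;
  stop)
    if [ -z "$pid" ]; then
      echo "$0: proftpd not running" >&2
      exit 1
    fi
    echo "Stopping proftpd..."
    kill -TERM "$pid" || exit 1
    ;;
  restart)
    # "restart" sends SIGHUP to the running daemon (a configuration rehash);
    # it does not stop and start the process.
    if [ -z "$pid" ]; then
      echo "$0: proftpd not running" >&2
      exit 1
    fi
    echo "Rehashing proftpd configuration"
    kill -HUP "$pid" || exit 1
    ;;
  *)
    echo "usage: $0 {start|stop|restart}" >&2
    exit 1
    ;;
esac

exit 0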

[root@localhost ~]# chmod +x /etc/init.d/proftpd

[root@localhost ~]# chkconfig --add proftpd

[root@localhost ~]# chkconfig --levels 2345 proftpd on

 

八、测试

 

九、Proftpd的权限都需要设置和限制

ProFTPD是继Wu-FTP之后最为流行的FTP服务器软件。Proftpd的权限都需要设置和限制,来看看我是如何限制的!

CWD:Change Working Directory 改变目录

CDUP/XCUP: change to parent directory 即CD ..

CWD/XCWD:change working directory 即CD

MKD/XMKD:MaKe Directory 建立目录的权限

RNFR/RNTO: rename from/rename to一般在一起用

DELE:DELEte 删除文件的权限

RMD/XRMD:ReMove Directory 删除空目录的权限

RETR:RETRieve 从服务端下载到客户端的权限

STOR: store 上传存在则覆盖

STOU: store unique 上传并随机生成文件名存储

APPE: append 续上传不存在则新建

ALLO: allocate 请求服务器磁盘空间

REST: restart 重新开始(必须后跟RETR,STOR,APPE)

READ:可读的权限,不包括列目录的权限,相当于RETR,STAT等

WRITE:写文件或者目录的权限,包括MKD和RMD

DIRS:是否允许列目录,相当于LIST,NLST等权限,还是比较实用的

ALL:所有权限

LOGIN:是否允许登陆的权限

针对上面这个Limit所应用的对象,又包括以下范围

AllowUser针对某个用户允许的Limit

DenyUser针对某个用户禁止的Limit

AllowGroup针对某个用户组允许的Limit

DenyGroup针对某个用户组禁止的Limit

AllowAll针对所有用户组允许的Limit

DenyAll针对所有用户禁止的Limit

 

 

 

十、设置欢迎信息

 

十一、phpMyAdmin管理mysql  以数据库的账号密码登录

[root@localhost media]# tar -zxvf phpMyAdmin-3.3.1-all-languages.tar.gz
[root@localhost media]# cd /usr/local/apache2/htdocs
[root@localhost google]# mv phpMyAdmin-3.3.1-all-languages/ phpMyAdmin
[root@localhost google]# cd phpMyAdmin/
[root@localhost phpMyAdmin]# cp config.sample.inc.php config.inc.php

注意:phpMyAdmin放在Web根目录下之后,任何能访问该站点的人都能打开数据库登录页,建议在Apache中限制可访问该目录的来源IP。

 

十二、存在问题查看方法

错误一、

[root@ftp-server log]# ftp 127.0.0.1

Connected to 127.0.0.1.

220 220.181.187.158 FTP server ready

500 AUTH not understood

500 AUTH not understood

KERBEROS_V4 rejected as an authentication type

Name (127.0.0.1:root): ipg

331 Password required for ipg

Password:

421 Service not available, remote server has closed connection

Login failed.

No control connection for command: No such file or directory

执行如下命令查看在密码验证的时候发生了什么错误

./proftpd -nd 9   
