pam_mysql怎么用_vsftpd+pam_mysql+mysql安装配置教程
vsftpd+pam_mysql+mysql安装配置教程。
RH9.0上实现,转载请保留作者信息,谢谢!
一、安装相关软件包 mysql-5.0.41 pam_mysql-0.7RC1 vsftpd-2.0.5 openssl-0.98e
1.安装mysql-5.0.41
#groupadd mysql #useradd -g mysql -s /sbin/nologin -M mysql #tar zxvf mysql-5.0.41.tar.gz #cd mysql-5.0.41 #./configure –prefix=/usr/local/mysql –sysconfdir=/etc –enable-thread-safe-client –enable-local-infile –with-charset=gbk –with-extra-charset=all –with-low-memory #make #make install #cp support-files/my-medium.cnf /etc/my.cnf #cd /usr/local/mysql #chgrp -R mysql . #bin/mysql_install_db –user=mysql #chown -R root . #chown -R mysql var #bin/mysqld_safe –user=mysql & #cd /usr/local/src/mysql-5.0.41 #cp support/mysql.server /etc/rc.d/init.d/mysqld #chmod 700 /etc/rc.d/init.d/mysqld #chkconfig –add mysqld #chkconfig –level 345 mysqld on
测试 #/usr/local/mysql/bin/mysqladmin ping #/usr/local/mysql/bin/mysqladmin version #/usr/local/mysql/bin/mysql
添加root密码 #/usr/local/mysql/bin/mysqladmin -uroot -p 旧密码 password ‘新密码’
修改库文件的搜索路径 #vi /etc/ld.so.conf 添加如下条目: /usr/local/mysql/lib/mysql
增加库文件及头文件的链接 ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql ln -s /usr/local/mysql/include/mysql /usr/include/mysql
2.安装openssl-0.9.8e #tar zxvf openssl-0.9.8e.tar.gz #cd openssl-0.9.8e #./config shared zlib #make
#make test #make install mv /usr/bin/openssl /usr/bin/openssl.OFF mv /usr/include/openssl /usr/include/openssl.OFF ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl ln -s /usr/local/ssl/include/openssl /usr/include/openssl
配置库文件搜索路径 #echo “/usr/local/ssl/lib” >> /etc/ld.so.conf #ldconfig -v
3.安装pam_mysql-0.7RC1
#tar zxvf pam_mysql-0.7RC1.tar.gz #cd pam_mysql-0.7RC1 #./configure –with-mysql=/usr/local/mysql –with-openssl=/usr/local/ssl #make #make install #cp /usr/lib/security/pam_mysql.so /lib/security/
4.安装vsftpd-2.0.5 #mkdir -pv /usr/share/empty /var/ftp #useradd -s /bin/false -d /var/ftp ftp #tar xzvf vsftpd-2.0.5.tar.gz #cd vsftpd-2.0.5 #make #make install
安装配置文件 #cp vsftpd.conf /etc
编辑配置文件/etc/vsftpd.conf 添加:listen=YES
启动服务器 #/usr/local/sbin/vsftpd &
#chmod og-w /var/ftp
二、配置
1.准备数据库及相关表
在此,我们建立名为vsftp的数据库来存放相关虚拟用户的帐号
mysql> create database vsftp;
mysql> grant select on vsftp.* to vsftpd@localhost identified by ’123456′; mysql> grant select on vsftp.* to [email protected] identified by ’123456′;
mysql> use vsftp; mysql> create table users ( -> id int AUTO_INCREMENT NOT NULL, -> name char(20) binary NOT NULL, -> passwd char(48) binary NOT NULL, -> primary key(id) -> );
添加测试的虚拟用户,其密码采取加密存放的方式
mysql> insert into users(name,passwd) values(‘benet’,password(’123456′)); mysql> insert into users(name,passwd) values(‘aptech’,password(’123456′));
查看结果 mysql> select * from users; +—-+———–+—————————————————————————-+ | id | name | passwd | +—-+———–+—————————————————————————-+ | 1 | benet | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 | | 2 | aptech | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
+—-+———–+—————————————————————————-+ 3 rows in set (0.00 sec)
2.建立pam认证所需文件
#vi /etc/pam.d/vsftp.mysql 添加如下两行 auth required /lib/security/pam_mysql.so user=vsftpd passwd=123456 host=localhost db=vsftp table=users
usercolumn=name passwdcolumn=passwd crypt=2 account required /lib/security/pam_mysql.so user=vsftpd passwd=123456 host=localhost db=vsftp table=users
usercolumn=name passwdcolumn=passwd crypt=2
3.修改vsftpd的配置文件,使其适应mysql认证
建立虚拟用户映射的系统用户及对应的目录 #useradd -s /sbin/nologin -d /var/ftp2 vsftp #chmod go+rx /var/ftp2
请确保/etc/vsftpd.conf中已经启用了以下选项 anonymous_enable=YES local_enable=YES write_enable=YES anon_upload_enable=NO anon_mkdir_write_enable=NO chroot_local_user=YES
添加以下选项 guest_enable=YES guest_username=vsftp listen=YES pam_service_name=vsftpd.mysql
三、启动vsftpd服务
#/usr/local/sbin/vsftpd &
查看端口开启情况
# netstat -tnlp |grep :21 tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 23286/vsftpd
使用虚拟用户登录,验正配置结果,以下为本机的命令方式测试,你也可以在其它Win Box上用IE或者FTP客户端工具登录验正 # ftp localhost Connected to localhost (127.0.0.1). 220 (vsFTPd 2.0.5) Name (localhost:root): benet 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (127,0,0,1,235,31) 150 Here comes the directory listing. -rw-r–r– 1 0 0 155985 Jun 06 07:16 vsftpd-2.0.5.tar.gz 226 Directory send OK.