centos6 mysql+vsftp简单
yum install vsftpd pam_mysql mysql mysql-server mysql-devel ftp -y
3、加用户755useradd vsftpdguest
756passwd vsftpdguest
4、设置MYSQL建数据库create database vsftpdvu;
进入use vsftpdvu; 建表create table users(name char(16) binary,passwd char(41) binary);
加入用户insert into users(name,passwd)values (‘admin’,’admin’)
给用户vsftpdgrest加权限 grant select on vsftpdvu.users to vsftpdguest@localhost identified by 'vsftpdguest';
测试一下#mysql -u vsftpdguest –pvsftpdguest
mysql>select * from users;
vi /etc/pam.d/vsftp
auth required pam_mysql.so user=vsftpdguest passwd=vsftpdguest host=localhost db=vsftpdvu table=users usercolumn=name passwdcolumn=passwd crypt=0
account required pam_mysql.so user=vsftpdguest passwd=vsftpdguest host=localhost db=vsftpdvu table=users usercolumn=name passwdcolumn=passwd crypt=0
vi /etc/vsftpd/vsftpd.conf
pam_service_name=vsftpd
tcp_wrappers=YES
guest_enable=YES
guest_username=vsftpdguest
listen=YES
listen_port=21
pasv_min_port=30000
pasv_max_port=30999
virtual_use_local_privs=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=YES
user_config_dir=/etc/vsftpd/vsftpd_user_conf
chroot_local_user=YES
#banner_file=/etc/vsftpd/vsftpd_banner_file
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
use_localtime=YES
mkdir vsftpd_user_conf
Vi /etc/vsftpd/vsftpd_user_conf/admin
anon_world_readable_only=no
write_enable=yes
anon_upload_enable=yes
anon_other_write_enable=yes
anon_mkdir_write_enable=YES
local_root=/home/vsftpdguest/admin
Chmod 777 admin
mkdir /home/vsftpdguest/admin
chown vsftpdguest.guest /home/vsftpdguest/admin
Chmod 777 admin
改防火墙
-A INPUT -p tcp --dport 20 -j ACCEPT
-A INPUT -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -ptcp --dport 30000:30999 -j ACCEPT
1、要先安装openldap服务器(略过)
2、下面直接从安装vsftp开始
设置openldap客户端
#yum -y install openldap
#yum -y install openldap-clients
从CA服务器copy过来
# mv ca-bundle.crt /etc/openldap/certs/
# vi /etc/openldap/ldap.conf
TLS_REQCERT allow
TLS_CACERTDIR /etc/openldap/cacerts
URI ldaps://ldap.testhome.com
BASE dc=testhome,dc=com
验证一下
#ping ldap.testhome.com
# ldapsearch -x
#ldapsearch -x -b "testhome.com"
#yum -y install vsftp
#useradd vsftpdguest
#passwd vsftpdguest
#vi /etc/pam.d/vsftpd
auth required /lib64/security/pam_ldap.so
account required /lib64/security/pam_ldap.so
password required /lib64/security/pam_ldap.so
session required /lib64/security/pam_ldap.so
要有pam_ldap.so文件存在
#vi /etc/vsftpd/vsftpd.conf
pam_service_name=vsftpd
tcp_wrappers=YES
guest_enable=YES
guest_username=vsftpdguest
listen=YES
listen_port=21
pasv_min_port=30000
pasv_max_port=30999
virtual_use_local_privs=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=YES
user_config_dir=/etc/vsftpd/vsftpd_user_conf
chroot_local_user=YES
#banner_file=/etc/vsftpd/vsftpd_banner_file
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
use_localtime=YES
#chkconfig vsftpd on
# service vsftpd restart 楼主真大神!
页:
1
[2]