请教：pureftpd+mysql创建虚拟用户无法登陆？

zhxd

好久没弄linux了，今天在虚拟机上装了centos5.4，再装上pureftpd+mysql+pureftpd_php_manager，但是通过webpureftpd创建的用户无法进行登陆，总提示：530 Login authentication failed。
在网上搜了很多，都没有正确的解决。。。。
我的pure-ftpd.conf文件内容如下：

1. ChrootEveryone              yes
   
2. 
   
3. # If the previous option is set to "no", members of the following group
   
4. # won't be caged. Others will be. If you don't want chroot()ing anyone,
   
5. # just comment out ChrootEveryone and TrustedGID.
   
6. 
   
7. TrustedGID                    100
   
8. 
   
9. 
   
10. # Turn on compatibility hacks for broken clients
    
11. 
    
12. BrokenClientsCompatibility  no
    
13. 
    
14. 
    
15. # Maximum number of simultaneous users
    
16. 
    
17. MaxClientsNumber            50
    
18. 
    
19. 
    
20. # Fork in background
    
21. 
    
22. Daemonize                   yes
    
23. 
    
24. 
    
25. # Maximum number of sim clients with the same IP address
    
26. 
    
27. MaxClientsPerIP             8
    
28. 
    
29. # If you want to log all client commands, set this to "yes".
    
30. # This directive can be duplicated to also log server responses.
    
31. 
    
32. VerboseLog                  no
    
33. 
    
34. 
    
35. # List dot-files even when the client doesn't send "-a".
    
36. 
    
37. DisplayDotFiles             yes
    
38. 
    
39. 
    
40. # Don't allow authenticated users - have a public anonymous FTP only.
    
41. 
    
42. AnonymousOnly               no
    
43. 
    
44. 
    
45. # Disallow anonymous connections. Only allow authenticated users.
    
46. 
    
47. NoAnonymous                 no
    
48. 
    
49. 
    
50. # Syslog facility (auth, authpriv, daemon, ftp, security, user, local*)
    
51. # The default facility is "ftp". "none" disables logging.
    
52. 
    
53. SyslogFacility              ftp
    
54. 
    
55. 
    
56. # Display fortune cookies
    
57. 
    
58. # FortunesFile              /usr/share/fortune/zippy
    
59. 
    
60. 
    
61. # Don't resolve host names in log files. Logs are less verbose, but
    
62. # it uses less bandwidth. Set this to "yes" on very busy servers or
    
63. # if you don't have a working DNS.
    
64. 
    
65. DontResolve                 yes
    
66. 
    
67. 
    
68. # Maximum idle time in minutes (default = 15 minutes)
    
69. 
    
70. MaxIdleTime                 15
    
71. 
    
72. 
    
73. # LDAP configuration file (see README.LDAP)
    
74. 
    
75. # LDAPConfigFile                /etc/pure-ftpd/pureftpd-ldap.conf
    
76. 
    
77. 
    
78. # MySQL configuration file (see README.MySQL)
    
79. 
    
80. MySQLConfigFile               /etc/pure-ftpd/pureftpd-mysql.conf
    
81. 
    
82. 
    
83. # Postgres configuration file (see README.PGSQL)
    
84. 
    
85. # PGSQLConfigFile               /etc/pure-ftpd/pureftpd-pgsql.conf
    
86. 
    
87. # PureDB user database (see README.Virtual-Users)
    
88. 
    
89. # PureDB                        /etc/pure-ftpd/pureftpd.pdb
    
90. 
    
91. # Path to pure-authd socket (see README.Authentication-Modules)
    
92. 
    
93. # ExtAuth                       /var/run/ftpd.sock
    
94. 
    
95. 
    
96. # If you want to enable PAM authentication, uncomment the following line
    
97. 
    
98. PAMAuthentication             yes
    
99. 
    
100. 
     
101. # If you want simple Unix (/etc/passwd) authentication, uncomment this
     
102. 
     
103. # UnixAuthentication            yes
     
104. 
     
105. 
     
106. # Please note that LDAPConfigFile, MySQLConfigFile, PAMAuthentication and
     
107. # UnixAuthentication can be used only once, but they can be combined
     
108. # together. For instance, if you use MySQLConfigFile, then UnixAuthentication,
     
109. # the SQL server will be asked. If the SQL authentication fails because the
     
110. # user wasn't found, another try # will be done with /etc/passwd and
     
111. # /etc/shadow. If the SQL authentication fails because the password was wrong,
     
112. # the authentication chain stops here. Authentication methods are chained in
     
113. # the order they are given.
     
114. 
     
115. 
     
116. # 'ls' recursion limits. The first argument is the maximum number of
     
117. # files to be displayed. The second one is the max subdirectories depth
     
118. 
     
119. LimitRecursion              7500 8
     
120. 
     
121. # Are anonymous users allowed to create new directories ?
     
122. 
     
123. AnonymousCanCreateDirs      no
     
124. 
     
125. 
     
126. # If the system is more loaded than the following value,
     
127. # anonymous users aren't allowed to download.
     
128. 
     
129. MaxLoad                     4
     
130. 
     
131. # Port range for passive connections replies. - for firewalling.
     
132. 
     
133. # PassivePortRange          30000 50000
     
134. 
     
135. # Force an IP address in PASV/EPSV/SPSV replies. - for NAT.
     
136. # Symbolic host names are also accepted for gateways with dynamic IP
     
137. # addresses.
     
138. 
     
139. # ForcePassiveIP                192.168.0.1
     
140. 
     
141. # Upload/download ratio for anonymous users.
     
142. 
     
143. # AnonymousRatio                1 10
     
144. 
     
145. 
     
146. 
     
147. # Upload/download ratio for all users.
     
148. # This directive superscedes the previous one.
     
149. 
     
150. # UserRatio                 1 10
     
151. 
     
152. 
     
153. # Disallow downloading of files owned by "ftp", ie.
     
154. # files that were uploaded but not validated by a local admin.
     
155. 
     
156. AntiWarez                   yes
     
157. 
     
158. 
     
159. # IP address/port to listen to (default=all IP and port 21).
     
160. 
     
161. Bind                      127.0.0.1,21
     
162. 
     
163. 
     
164. 
     
165. # Maximum bandwidth for anonymous users in KB/s
     
166. 
     
167. # AnonymousBandwidth            8
     
168. 
     
169. # Maximum bandwidth for *all* users (including anonymous) in KB/s
     
170. # Use AnonymousBandwidth *or* UserBandwidth, both makes no sense.
     
171. 
     
172. # UserBandwidth             8
     
173. 
     
174. 
     
175. # File creation mask. <umask for files>:<umask for dirs> .
     
176. # 177:077 if you feel paranoid.
     
177. 
     
178. Umask                       133:022
     
179. 
     
180. 
     
181. # Minimum UID for an authenticated user to log in.
     
182. 
     
183. MinUID                      500
     
184. 
     
185. 
     
186. # Do not use the /etc/ftpusers file to disable accounts. We're already
     
187. # using MinUID to block users with uid < 500
     
188. 
     
189. UseFtpUsers no
     
190. 
     
191. 
     
192. # Allow FXP transfers for authenticated users.
     
193. 
     
194. AllowUserFXP                yes
     
195. 
     
196. # Allow anonymous FXP for anonymous and non-anonymous users.
     
197. 
     
198. AllowAnonymousFXP           no
     
199. 
     
200. # Users can't delete/write files beginning with a dot ('.')
     
201. # even if they own them. If TrustedGID is enabled, this group
     
202. # will have access to dot-files, though.
     
203. 
     
204. ProhibitDotFilesWrite       no
     
205. 
     
206. 
     
207. # Prohibit *reading* of files beginning with a dot (.history, .ssh...)
     
208. 
     
209. ProhibitDotFilesRead        no
     
210. 
     
211. # Never overwrite files. When a file whoose name already exist is uploaded,
     
212. # it get automatically renamed to file.1, file.2, file.3, ...
     
213. 
     
214. AutoRename                  no
     
215. 
     
216. 
     
217. # Disallow anonymous users to upload new files (no = upload is allowed)
     
218. 
     
219. AnonymousCantUpload         yes
     
220. 
     
221. # Only connections to this specific IP address are allowed to be
     
222. # non-anonymous. You can use this directive to open several public IPs for
     
223. # anonymous FTP, and keep a private firewalled IP for remote administration.
     
224. # You can also only allow a non-routable local IP (like 10.x.x.x) to
     
225. # authenticate, and keep a public anon-only FTP server on another IP.
     
226. 
     
227. #TrustedIP                  10.1.1.1
     
228. 
     
229. 
     
230. # If you want to add the PID to every logged line, uncomment the following
     
231. # line.
     
232. 
     
233. #LogPID                     yes
     
234. 
     
235. 
     
236. # Create an additional log file with transfers logged in a Apache-like format :
     
237. # fw.c9x.org - jedi [13/Dec/1975:19:36:39] "GET /ftp/linux.tar.bz2" 200 21809338
     
238. # This log file can then be processed by www traffic analyzers.
     
239. 
     
240. AltLog                     clf:/var/log/pureftpd.log
     
241. 
     
242. 
     
243. # Create an additional log file with transfers logged in a format optimized
     
244. # for statistic reports.
     
245. 
     
246. # AltLog                     stats:/var/log/pureftpd.log
     
247. 
     
248. 
     
249. # Create an additional log file with transfers logged in the standard W3C
     
250. # format (compatible with most commercial log analyzers)
     
251. 
     
252. # AltLog                     w3c:/var/log/pureftpd.log
     
253. 
     
254. 
     
255. # Disallow the CHMOD command. Users can't change perms of their files.
     
256. 
     
257. #NoChmod                     yes
     
258. 
     
259. 
     
260. # Allow users to resume and upload files, but *NOT* to delete them.
     
261. 
     
262. KeepAllFiles                yes
     
263. 
     
264. 
     
265. # Automatically create home directories if they are missing
     
266. 
     
267. CreateHomeDir               yes
     
268. 
     
269. # Enable virtual quotas. The first number is the max number of files.
     
270. # The second number is the max size of megabytes.
     
271. # So 1000:10 limits every user to 1000 files and 10 Mb.
     
272. 
     
273. #Quota                       1000:10
     
274. 
     
275. 
     
276. # If your pure-ftpd has been compiled with standalone support, you can change
     
277. # the location of the pid file. The default is /var/run/pure-ftpd.pid
     
278. 
     
279. PIDFile                     /var/run/pure-ftpd.pid
     
280. 
     
281. # If your pure-ftpd has been compiled with pure-uploadscript support,
     
282. # this will make pure-ftpd write info about new uploads to
     
283. # /var/run/pure-ftpd.upload.pipe so pure-uploadscript can read it and
     
284. # spawn a script to handle the upload.
     
285. 
     
286. #CallUploadScript yes
     
287. 
     
288. # This option is useful with servers where anonymous upload is
     
289. # allowed. As /var/ftp is in /var, it save some space and protect
     
290. # the log files. When the partition is more that X percent full,
     
291. # new uploads are disallowed.
     
292. 
     
293. MaxDiskUsage               99
     
294. 
     
295. 
     
296. # Set to 'yes' if you don't want your users to rename files.
     
297. 
     
298. #NoRename                  yes
     
299. 
     
300. 
     
301. 
     
302. # Be 'customer proof' : workaround against common customer mistakes like
     
303. # 'chmod 0 public_html', that are valid, but that could cause ignorant
     
304. # customers to lock their files, and then keep your technical support busy
     
305. # with silly issues. If you're sure all your users have some basic Unix
     
306. # knowledge, this feature is useless. If you're a hosting service, enable it.
     
307. 
     
308. CustomerProof              yes
     
309. 
     
310. 
     
311. 
     
312. # Per-user concurrency limits. It will only work if the FTP server has
     
313. # been compiled with --with-peruserlimits (and this is the case on
     
314. # most binary distributions) .
     
315. # The format is : <max sessions per user>:<max anonymous sessions>
     
316. # For instance, 3:20 means that the same authenticated user can have 3 active
     
317. # sessions max. And there are 20 anonymous sessions max.
     
318. 
     
319. # PerUserLimits            3:20
     
320. 
     
321. 
     
322. 
     
323. # When a file is uploaded and there is already a previous version of the file
     
324. # with the same name, the old file will neither get removed nor truncated.
     
325. # Upload will take place in a temporary file and once the upload is complete,
     
326. # the switch to the new version will be atomic. For instance, when a large PHP
     
327. # script is being uploaded, the web server will still serve the old version and
     
328. # immediatly switch to the new one as soon as the full file will have been
     
329. # transfered. This option is incompatible with virtual quotas.
     
330. 
     
331. # NoTruncate               yes
     
332. 
     
333. 
     
334. 
     
335. # This option can accept three values :
     
336. # 0 : disable SSL/TLS encryption layer (default).
     
337. # 1 : accept both traditional and encrypted sessions.
     
338. # 2 : refuse connections that don't use SSL/TLS security mechanisms,
     
339. #     including anonymous sessions.
     
340. # Do _not_ uncomment this blindly. Be sure that :
     
341. # 1) Your server has been compiled with SSL/TLS support (--with-tls),
     
342. # 2) A valid certificate is in place,
     
343. # 3) Only compatible clients will log in.
     
344. 
     
345. # TLS                      1
     
346. 
     
347. 
     
348. 
     
349. # Listen only to IPv4 addresses in standalone mode (ie. disable IPv6)
     
350. # By default, both IPv4 and IPv6 are enabled.
     
351. 
     
352. # IPV4Only                 yes
     
353. 
     
354. 
     
355. 
     
356. # Listen only to IPv6 addresses in standalone mode (ie. disable IPv4)
     
357. # By default, both IPv4 and IPv6 are enabled.
     
358. 
     
359. # IPV6Only                 yes
     
360. 
     
361. # UTF-8 support for file names (RFC 2640)
     
362. # Define charset of the server filesystem and optionnally the default charset
     
363. # for remote clients if they don't use UTF-8.
     
364. # Works only if pure-ftpd has been compiled with --with-rfc2640
     
365. 
     
366. # FileSystemCharset        big5
     
367. # ClientCharset                big5

复制代码

查看系统日志：

1. Nov 29 17:33:02 CentOS pure-ftpd: (?@192.168.80.198) [INFO] Logout.
   
2. Nov 29 17:33:02 CentOS pure-ftpd: (?@192.168.80.198) [INFO] New connection from 192.168.80.198
   
3. Nov 29 17:33:03 CentOS pure-ftpd: (?@192.168.80.198) [ERROR] The SQL server seems to be down [Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)]
   
4. Nov 29 17:33:05 CentOS pure-ftpd: (?@192.168.80.198) [WARNING] Authentication failed for user [a]
   
5. Nov 29 17:33:25 CentOS pure-ftpd: (?@192.168.80.198) [INFO] Logout.
   
6. Nov 29 17:33:26 CentOS pure-ftpd: (?@192.168.80.198) [INFO] New connection from 192.168.80.198
   
7. Nov 29 17:33:27 CentOS pure-ftpd: (?@192.168.80.198) [ERROR] The SQL server seems to be down [Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)]
   
8. Nov 29 17:33:29 CentOS pure-ftpd: (?@192.168.80.198) [WARNING] Authentication failed for user [abc]
   
9. [root@CentOS ftpdir]#

复制代码

通过phpmyadmin查看到通过pureftpd_php_manager添加的帐号已经进了数据库里去了。
不知道是哪里的问题，还请遇到过的朋友发表一下见解。
---------------------------------------------------------------------------------------------------------------------------------------------------

搞定了，原来是因为通过pureftpd_php_manager添加的FTP帐号没有对密码进行MD5加密所造成的，通过phpmyadmin登陆进去，将相关帐号的密码再执行一次MD5加密，就可以正常登陆了。

但有一点想不明白，pureftpd里面设置的是要对所添加的帐号的密码进行MD5加密，为什么pureftpd_php_manager添加了以后却没有进行加密呢？（截图见附件。为方便测试，其中帐号user，密码也是user，在pureftpd_php_manager添加时，密码显示的为明文，在phpmyadmin后台里面显示的也是明文，就因为没有加密，而帐号在登陆时，系统却以为已经进行过MD5加密过，所以造成登陆不进去的情况。附件中图1前两个用户是我手工在phpmyadmin里将用户密码进行MD5加密的，可以正常登陆；图2为phpmyadmin所显示的，进去时varchar(64)那里什么也没选，“MD5”是我手工选择的。）

不知道哪位朋友解决过这个问题。

[ 本帖最后由 zhxd 于 2009-11-29 22:09 编辑 ]