Gentoo安裝配置pure-ftpd結合Mysql權限驗證全過程 一、安裝pure-ftpd服務端 # echo 'net-ftp/pure-ftpd mysql'>>/etc/portage/package.use Gentoo會自動把本機的mysql裝上。 # emerge pure-ftpd www.2cto.com 配置mysql數據庫root的密碼,以及安裝初始化目錄。 我配置的root密碼為root,如果設置為其它的則下面的密碼也需要跟著改 # ebuild /var/db/pkg/dev-db/mysql-5.5.28/mysql-5.5.28.ebuild config 把client這個段的內容修改成如下 ,這是為了方便我們進入mysql數據庫 # vim /etc/mysql/my.cnf [client] user = root password = root host = 127.0.0.1 port = 3306 socket = /var/run/mysqld/mysqld.sock [mysqld] server-id = 220 skip-name-resolve # /etc/init.d/mysql start 二、在Mysql中創建相應的庫和表來存儲用戶權限 www.2cto.com # mysql –A (之前配置my.cnf裡的用戶和密碼就是為了這兒) mysql> CREATE DATABASE IF NOT EXISTS pureftpd; mysql> USE pureftpd; mysql> CREATE TABLE IF NOT EXISTS `ftpd` ( `User` varchar(16) NOT NULL DEFAULT '' COMMENT '用戶名', `status` enum('0','1') NOT NULL DEFAULT '0' COMMENT '可用狀態:0 - 不可用;1 - 正在使用', `Password` varchar(64) NOT NULL DEFAULT '' COMMENT '密碼', `Uid` varchar(11) NOT NULL DEFAULT '-1' COMMENT '用戶ID', `Gid` varchar(11) NOT NULL DEFAULT '-1' COMMENT '組ID', `Dir` varchar(128) NOT NULL DEFAULT '' COMMENT '擁有的權限路徑', `ULBandwidth` smallint(5) NOT NULL DEFAULT '0' COMMENT '上傳帶寬', `DLBandwidth` smallint(5) NOT NULL DEFAULT '0' COMMENT '下載帶寬', `comment` tinytext NOT NULL COMMENT '備注', `ipaccess` varchar(15) NOT NULL DEFAULT '*' COMMENT 'IP地址', `QuotaSize` smallint(5) NOT NULL DEFAULT '0' COMMENT '大小配額', `QuotaFiles` int(11) NOT NULL DEFAULT '0' COMMENT '文件類型配額', PRIMARY KEY (`User`) ) ENGINE=MyISAM DEFAULT CHARSET=gbk COMMENT='ftp用戶名密碼表'; mysql > 添加用戶ftpduser讓它對pureftpd下面的庫有select權限 grant select on pureftpd.* to ftpduser@'%' identified by 'ftpdpassword'; mysql > 添加一條測試數據,等會兒用來登錄 INSERT INTO `ftpd` (`User`, `status`, `Password`, `Uid`, `Gid`, `Dir`, `ULBandwidth`, `DLBandwidth`, `comment`, `ipaccess`, `QuotaSize`, `QuotaFiles`) VALUES ('testuser', '1', md5('testpassword'), '1002', '81', '/var/www', 0, 0, '備注', '*', 0, 0); 三、修改配置文件,使用MYSQL進行權限驗證 # vim /etc/conf.d/pure-ftpd IS_CONFIGURED="yes" SERVER="-S 10.36.32.220,21" MAX_CONN="-c 50" MAX_CONN_IP="-C 20" AUTH="-l mysql:/etc/pureftpd-mysql.conf" MISC_OTHER="-A -H -x -j -R -Z -E -p 50001:59999 -O clf:/var/log/pureftpd/pureftpd.log" # mkdir –p /var/log/pureftpd/ 這裡的MYSQL配置與我們PHP連接MYSQL雷同,需要注意的是MYSQLCrypt 這是指的咱們對用戶密碼的加密方式。 www.2cto.com # vim /etc/pureftpd-mysql.conf MYSQLServer 127.0.0.1 MYSQLPort 3306 MYSQLUser ftpduser MYSQLPassword ftpdpassword MYSQLDatabase pureftpd MYSQLCrypt md5 MYSQLGetPW SELECT Password FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R") MYSQLGetUID SELECT Uid FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R") MYSQLGetGID SELECT Gid FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R") MYSQLGetDir SELECT Dir FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R") MySQLGetBandwidthUL SELECT ULBandwidth FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R") MySQLGetBandwidthDL SELECT DLBandwidth FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R") MySQLGetQTASZ SELECT QuotaSize FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R") MySQLGetQTAFS SELECT QuotaFiles FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R") 四、添加nfsuser用戶,並修改web目錄的權限,如果沒有就先創建吧 # groupadd apache; useradd nfsuser -u 1002 -g apache -d /dev/null -s /sbin/nologin # mkdir -p /var/www # chown -R nfsuser:apache /var/www 五、啟動pureftpd並用客戶端連接測試 # /etc/init.d/pure-ftpd start
