Start two virtual machines, V2 and V3.
Installation:
Install vsftpd, pam_mysql and mysql-devel on V2:
yum install -y vsftpd pam_mysql
Install mysql-server on V3:
yum install -y mysql-server
Create the database and the account used for virtual user lookups (on V3):
service mysqld start
mysql
CREATE DATABASE vsftpd;
USE vsftpd;
GRANT SELECT ON vsftpd.* TO vsftp@'172.16.50.2' IDENTIFIED BY 'tony';
FLUSH PRIVILEGES;
The remote connection can then be tested from V2:
mysql -uvsftp -h172.16.50.3 -p
SHOW DATABASES;
The connection succeeds.
Create a table on V3:
CREATE TABLE users (id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, name VARCHAR() BINARY NOT NULL, passwd CHAR(48) BINARY NOT NULL);
View the created table:
DESC users;
Add test virtual users:
mysql> INSERT INTO users (name, passwd) VALUES ('tom', PASSWORD('tony'));
mysql> INSERT INTO users (name, passwd) VALUES ('jerry', PASSWORD('tony'));
View the result:
SELECT * FROM users;
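On V2, create the file required for PAM authentication:
vim /etc/pam.d/vsftpd.mysql
Add two lines. The crypt option must match how the passwd column was filled: the rows above were inserted with PASSWORD(), which corresponds to crypt=2, whereas crypt=0 compares the column against the typed password as plaintext.
auth required pam_mysql.so user=vsftp passwd=tony host=172.16.50.3 db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=2
account required pam_mysql.so user=vsftp passwd=tony host=172.16.50.3 db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=2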
Create the system user that the virtual users are mapped to, and its directory:
# useradd -s /sbin/nologin -d /var/ftproot vuser
# chmod go+rx /var/ftproot
Make sure that the following options are set in /etc/vsftpd.conf:
anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
chroot_local_user=YES
Then add the following options:
guest_enable=YES
guest_username=vuser
Make sure that the value of the pam_service_name option is as follows:
pam_service_name=vsftpd.mysql
Start the vsftpd service:
# service vsftpd start
# chkconfig vsftpd on
OK, it's done.
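As an added example (not part of the original post), here is a small shell check for a pam_mysql service file such as the /etc/pam.d/vsftpd.mysql created above. It flags a file that group or other can access (it holds the MySQL password) and crypt= modes that compare plaintext or rely on an unsalted hash. The function name audit_pam_mysql and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a pam_mysql service file such as /etc/pam.d/vsftpd.mysql.
# Prints one finding per line. Status: 0 clean, 1 findings, 2 unreadable file.
# Assumes plain control keywords (required, sufficient), not [bracketed] ones.
audit_pam_mysql() (
    file=$1
    findings=0
    [ -r "$file" ] || { echo "ERROR: cannot read $file"; return 2; }
    set -f    # no globbing while word-splitting the option list

    # The file embeds the MySQL password (passwd=...), so group and other
    # need no access. Characters 5-10 of "ls -l" output are their mode bits.
    perms=$(ls -ld -- "$file" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "PERMS: $file is accessible beyond its owner; use chmod 600"
        findings=1
    fi

    while read -r kind control module opts; do
        case $kind in '#'*) continue ;; esac          # skip comments
        case $module in *pam_mysql.so) ;; *) continue ;; esac
        crypt=0    # pam_mysql's default when crypt= is absent: plaintext
        for kv in $opts; do
            case $kv in crypt=*) crypt=${kv#crypt=} ;; esac
        done
        case $crypt in
            0|plain)
                echo "CRYPT: $kind line compares plaintext passwords"
                findings=1 ;;
            2|mysql|3|md5|4|sha1)
                echo "CRYPT: $kind line relies on an unsalted hash"
                findings=1 ;;
        esac
    done < "$file"
    return "$findings"
)

# Constructed sample: a service file like the one in this post, with crypt=0.
sample=$(mktemp)
opts='user=vsftp passwd=tony host=172.16.50.3 db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0'
printf 'auth required pam_mysql.so %s\naccount required pam_mysql.so %s\n' "$opts" "$opts" > "$sample"
chmod 644 "$sample"
audit_pam_mysql "$sample" || echo "exit status: $?"
rm -f "$sample"
```

crypt=1 (salted crypt(3)) is the only numbered mode the check accepts; using it means the passwd column must hold crypt(3) hashes rather than PASSWORD() output.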
Configure virtual users to have different access rights
vsftpd can give each user a separate configuration file, kept in a per-user configuration directory, that defines that user's FTP access rights. Each virtual user's configuration file has the same name as the virtual user's user name. The configuration directory can be any unused directory; just specify its path in vsftpd.conf.
1. Configure vsftpd to use the configuration directory for virtual users
# vim vsftpd.conf
Add the following option:
user_config_dir=/etc/vsftpd/vusers_config
2. Create the required directory and provide a configuration file for each virtual user
# mkdir /etc/vsftpd/vusers_config/
# cd /etc/vsftpd/vusers_config/
# touch tom jerry
3. Configure access rights for virtual users
A virtual user's access to the vsftpd service is controlled through the anonymous-user directives. For example, to give the user tom permission to upload files, edit /etc/vsftpd/vusers_config/tom and add the following options:
anon_upload_enable={YES|NO}
anon_mkdir_write_enable={YES|NO}
anon_other_write_enable={YES|NO}
vsftpd + PAM + MySQL (configured on different hosts)