[CentOS] CentOS for vsftpd with MySQL Virtual user

It's really a big difference to get CentOS from the installation of Ubuntu 12.04.

most of the language, concepts are similar, but there are some differences in the instructions, and Ubuntu has a different place to come out to say otherwise

to make the VSFTPD and MySQL communication must have a value, MySQL plug-ins must be installed

in Ubuntu 12.04 need Libpam-ldap
CentOS 6.3 requires Pam_mysql

vsftpd master configuration Files
/etc/pam.d/vsftpd

crypt=0: PlainText password
crypt=1: Using the Crpyt () function (Encrypt () of the Response SQL table, encrypt () with the machine Salt)
crypt=2: Encrypt with password () function in MySQL
crypt=3: Indicates encryption using MD5 function

using the system and Kit
System:centos 6.3
Software:mysql 5.1, vsftpd 2.2

First, the installation software
1) Use these two software to be sure to install them.
# yum Install vsftpd mysql-server
2) After activating the mysqld, the first time you use MySQL, you must execute the mysqladmin setup password.
#/etc/init.d/mysqld Start
# mysqladmin-u root password ' You root SQL password '

second, set the VSFTPD
1) Create a guest user with MySQL bridge, this account is only used to communicate with MySQL
# useradd-g users-s/sbin/nologin-d/home/vsftpd vsftpd

2) Spare vsftpd.conf avoid setup failure
# cp-v/etc/vsftpd/vsftpd.conf/etc/vsftpd/vsftpd.conf-orig
3) Clear the Setup file
# cat/dev/null >/etc/vsftpd/vsftpd.conf
4) Edit the settings
#vi/etc/vsftpd/vsftpd.conf

5) Content
# No ANONYMOUS users allowed
Anonymous_enable=no
# allow ' local ' users with WRITE permissions (0755)
Local_enable=yes
Write_enable=yes
local_umask=022
Dirmessage_enable=yes
Xferlog_enable=yes

# If you want to LOG VSFTPD activity then uncomment this log_ftp_protocol
# Log_ftp_protocol=yes

Connect_from_port_20=yes

# Uncomment Xferlog_file and Xferlog_std_format if you didn ' T with the line above
# with Log_ftp_protocol-it must is excluding each other
# The name of the log file when Xferlog_enable=yes and Xferlog_std_format=yes
# warning-changing this filename affects/etc/logrotate.d/vsftpd.log
#xferlog_file =/var/log/xferlog
#
# Xferlog_std_format switches between logging into Vsftpd_log_file and xferlog_file files.
# NO writes to Vsftpd_log_file, YES to Xferlog_file
# Xferlog_std_format=yes

#
# You could change the default value of timing out a idle session (in seconds).
#idle_session_timeout =600
#
# The default value for timing out a data connection (in seconds).
#data_connection_timeout =120
#
# define a unique user on your system which the
# FTP Server can use as a totally isolated and unprivileged user.
nopriv_user=vsftpd

Chroot_local_user=yes

Listen=yes

# Here we use the authentication module for VSFTPD to check users name and PASSW
pam_service_name=vsftpd
Userlist_enable=yes
Tcp_wrappers=yes

# If Userlist_deny=yes (default), never allow users in the this file
#/etc/vsftpd/user_list, and do not even prompt for a password.
# Note that the default Vsftpd Pam config also checks/etc/vsftpd/ftpusers
# for users, that is denied.
Userlist_deny=yes

# here the VSFTPD would allow the ' vsftpd ' user-to-login into '/home/vsftpd/$USER directory
Guest_enable=yes
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token= $USER
Virtual_use_local_privs=yes
user_config_dir=/etc/vsftpd/vsftpd_user_conf

Force_local_data_ssl=no
Force_local_logins_ssl=no

# pasv-passive ports for FTP (range 44000-44100; + PASV ports, OPEN FIREWALL for allowing CONNECTIONS
Pasv_enable=yes
pasv_min_port=44000
pasv_max_port=44100

6) Establish VSFTPD's personal settings for virtual user
# mkdir/etc/vsftpd/vsftpd_user_conf

7) Edit personal setup
# Vi/etc/vsftpd/vsftpd_user_conf/user1

8) editing the content
Dirlist_enable=yes
Download_enable=yes
# Full path to the directory where ' user1 ' 'll has access, change to your needs
Local_root=/home/vsftpd/user1
Write_enable=yes

11) VSFTPF setup under PAM.D
# Cp/etc/pam.d/vsftpd/etc/pam.d/vsftpd-orig

12) Clear the setup file
# echo >/ETC/PAM.D/VSFTPD
13) Edit the file and write it into the content
# vi/etc/pam.d/vsftpd
content
#%pam-1.0
Session optional pam_keyinit.so Force revoke
Auth required pam_mysql.so user=vsftpd passwd=vsftpdpasswd host=localhost db=vsftpd table=accounts usercolumn= Username Passwdcolumn=pass crypt=3
Account required pam_mysql.so user=vsftpd passwd=vsftpdpasswd host=localhost db=vsftpd table=accounts usercolumn= Username Passwdcolumn=pass crypt=3

Iii. establishing a Management virtual user db and Table
1) Set the information library name, which is set to VSFTPD
mysql> CREATE DATABASE vsftpd;

2) Set "user" and "password" can manage "vsftpd" This information repository, at the machine side
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP on vsftpd.* to ' username ' @ ' localhost ' identified by ' PA ssWOrd ';

3) Update the information sheet
mysql> FLUSH privileges;
4) Set up the linked fields bits of the information table
mysql> use vsftpd;

mysql> CREATE TABLE ' accounts ' (
' id ' INT not NULL auto_increment PRIMARY KEY,
' username ' VARCHAR (+) not NULL,
' Pass ' VARCHAR (not NULL),
UNIQUE (' username ')
) ENGINE = MYISAM;


5) Establish virtual user and password
mysql> INSERT into accounts (username, pass) VALUES (' User1 ', MD5 (' 123456 '));
mysql> INSERT into accounts (username, pass) VALUES (' Testu ', PASSWORD (' [email protected] ');
6) View the current user
mysql> SELECT * from accounts;

7) Create a catalog of virtual user needs
# Mkdir/home/vsftpd/user1
# chown Vsftpd:users/home/vsftpd/user1

Four, install plug-in
1) Installation and MySQL connection files
http://pkgs.org/centos-6-rhel-6/epel-x86_64/pam_mysql-0.7-0.12.rc1.el6.x86_64.rpm.html
# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/pam_mysql-0.7-0.12.rc1.el6.x86_64.rpm

with RPM installed, U-parameters are not installed directly on the software, there is an old version of the auto update for the new version
# RPM-UVH pam_mysql-0.7-0.12.rc1.el6.x86_64.rpm

generally installed in/lib/security/this record, if it is x64 will be under the/lib64/serurity/

2) Install MySQL requires plugin
# yum Install mysql-devel

re-activate service
service mysqld vsftpd Restart

http://rewriterdark.blogspot.tw/2013/01/centos-for-vsftpd-with-mysql-virtual.html