Lamp Modular +vsftd+samba

The leader looked after, said you also try PHP and FTP on the same machine, and give you a machine to do samba and FTP to let people put a bit of information, at the same time I would like you to learn more about the basic meaning of the VFTPD configuration file, when sharing the leadership and special posts are written permission.

650) this.width=650; "title=" image "style=" border-left-0px; border-right-width:0px; Background-image:none; border-bottom-width:0px; padding-top:0px; padding-left:0px; padding-right:0px; border-top-width:0px "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M00/75/4F/ Wkiom1y12u7iijutaabegm6vqkg461.jpg "width=" "height="/>

One, modular lamp

1. Install LIBXML2 Support Library:

Yum install-y libxml2-devel Support Library

2. Backup httpd.conf Files:

Cp/etc/httpd24/httpd.conf/etc/httpd24/httpd.bak.conf

3. Download and compile PHP

Cd/usr/local/download

[Email protected] download]# wget http://au2.php.net/get/php-5.5.30.tar.gz/from/this/mirror

./configure--with-apxs2=/usr/local/apache/bin/apxs--PREFIX=/USR/LOCAL/PHP5--with-config-file-path=/usr/local/ PHP5--enable-sockets--enable-mbstring--with-mysql=mysqlnd--with-mysqli=mysqlnd--with-pdo-mysql=mysqlnd

Make && make install

[email protected] php-5.5.30]# CP Php.ini-production/etc/php.ini

4. Compiling httpd files

Vim/etc/httpd24/httpd.conf

DocumentRoot "/web/myadmin" to turn on the primary server

<directory "/web/myadmin" >

Options Indexes followsymlinks Change to none based on security considerations

AllowOverride None does not allow overwriting

Require all granted allow all hosts to access files under this document

</Directory>

#Include/etc/httpd24/extra/httpd-vhosts.conf shut down the virtual host

#LoadModule proxy_module modules/mod_proxy.so Close the proxy module

#LoadModule proxy_fcgi_module Modules/mod_proxy_fcgi.sodule Close the fcgi proxy module

AddType application/x-httpd-php. PHP Validation supports PHP file types
AddType Application/x-httpd-php-source. Phps

<ifmodule dir_module>
DirectoryIndex index.php index.html confirm PHP Index
</IfModule>
5. phpMyAdmin Configuration

Cd/web/myadmin

[email protected] myadmin]# CP config.sample.inc.php config.inc.php

[Email protected] myadmin]# vim config.inc.php

$cfg [' Servers '] [$i] [' auth_type '] = ' cookie ';
/* Server Parameters */
$cfg [' Servers '] [$i] [' host '] = ' 192.168.3.56 '; Database server address
$cfg [' Servers '] [$i] [' connect_type '] = ' TCP ';
$cfg [' Servers '] [$i] [' compress '] = false;
$cfg [' Servers '] [$i] [' allownopassword '] = false;

[Email protected] php-5.5.30]# service httpd restart

Execution results

650) this.width=650; "title=" image "style=" border-left-0px; border-right-width:0px; Background-image:none; border-bottom-width:0px; padding-top:0px; padding-left:0px; margin:0px; padding-right:0px; border-top-width:0px "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M01/75/4F/ Wkiom1y12u7hklpiaaadtyvjs4y938.jpg "width=" 244 "height=" "/>

Second, the installation configuration of VSFTP

1, install VSFTPD, and check the corresponding file location and role

Yum Install vsftpd

RPM-QL vsftpd

/ETC/PAM.D/VSFTPD boot file for PAM-certified VSFTPD
/ETC/RC.D/INIT.D/VSFTPD VSFTPD Service startup file
/etc/vsftpd
/etc/vsftpd/ftpusers whether the user is allowed to log on to the VSFTPD server
/etc/vsftpd/user_list user list (whitelist or blacklist)
/etc/vsftpd/vsftpd.conf vsftp Master configuration file

/var/ftp/pub vsftp Public Folders

2. View VSFTPD configuration options

Vim/etc/vsftpd/vsftpd.conf

Anonymous_enable=yes whether anonymous access is allowed;

Local_enable=yes whether the system user is allowed to log on;

Write_enable=yes Open Write access;

local_umask=022 file upload permissions, with the highest permissions 666 minus you give is the file upload permissions;

Anon_upload_enable=yes allow anonymous users to upload files;

Anon_mkdir_write_enable=yes allow anonymous users to create folders;

Dirmessage_enable=yes If the directory description file is displayed, the default is yes but you need to create the. message file manually;

Xferlog_enable=yes record the user all upload and download information;

Connect_from_port_20=yes Controls whether Port 20 is used for data transfer in port mode;

Chown_uploads=yes Open Anonymous user upload user mapping, not enabled by default;

CHOWN_USERNAME=WHOEVER Specifies the user name of the anonymous user upload map;

XFERLOG_FILE=/VAR/LOG/XFERLOG specifies the path of the upload download information record file;

Xferlog_std_format=yes

idle_session_timeout=600 Session timeout disconnect time;

data_connection_timeout=120 data connection time-out disconnection;

nopriv_user=ftpsecure Specify a secure user account that allows the FTP server to be used as a standalone user with complete isolation and no privileges;

Async_abor_enable=yes whether the Special FTP command is allowed to run async Abor;

Ascii_upload_enable=yes uploading files in binary format;

Ascii_download_enable=yes download files in binary format;

Ftpd_banner=welcome to blah FTP service. Welcome information after login to FTP;

Deny_email_enable=yes refused to specify the email address of the user login;

BANNED_EMAIL_FILE=/ETC/VSFTPD/BANNED_EMAILS Specifies the address list of the denied login email;

Chroot_local_user=yes whether to lock all users in the home directory;

Chroot_list_enable=yes Open the list of users who lock the home directory;

chroot_list_file=/etc/vsftpd/chroot_list Specifies the file path of the locked user list;

Ls_recurse_enable=yes Ls_recurse_enable=yes whether to allow the use of commands such as ls-r;

Listen=yes open IPv4 monitoring;

Listen_ipv6=yes Open IPv6 monitoring;

PAM_SERVICE_NAME=VSFTPD set the name that Pam uses, the default value is/ETC/PAM.D/VSFTPD;

When Userlist_enable=yes is YES, users in the/etc/vsftpd/user__list file will not be able to access the VSFTPD server;

Tcp_wrappers=yes Enable Tcp_wrappers to implement server-side access control for client requests;

3. Configure virtual user access vftpd

1) Install Pam_mysql

Vim/etc/yum.repos.d/centos-base.repo

[Ali-epel]
Name=aliyun for Centos6-epel
baseurl=http://mirrors.aliyun.com/epel/6/x86_64/
Enabled=1
Gpgcheck=0

[email protected] ~]# Yum repolist

[email protected] ~]# Yum install Pam_mysql

2) Database Setup user

Enter the database server 192.168.3.56

Mysql

MariaDB [(None)]> CREATE DATABASE vsftpd CHARACTER SET UTF8 COLLATE utf8_general_ci;

Grant SELECT on vsftpd.* to ' my ' @ ' 192.168.3.55 ' identified by '[email protected]';

Flush privileges;

MariaDB [(None)]> use VSFTPD

MariaDB [vsftpd]> CREATE TABLE users (
-ID int auto_increment not NULL,
, name char (a) binary not NULL,
Password char () binary not NULL,
-primary key (ID)
);

MariaDB [vsftpd]> INSERT into users (Name,password) VALUES (' Tom ', password (' magedu '));

MariaDB [vsftpd]> INSERT into users (Name,password) values (' Ray ', password (' magedu '));

3, Configuration vsftpd

1) Set up the required files for PAM Certification

#vim/etc/pam.d/vsftpd.mysql
Add the following two lines
Auth required/lib/security/pam_mysql.so user=mytest [email protected] host=192.168.3.56 db=vsftpd table= Users Usercolumn=name Passwdcolumn=password crypt=0
Account required/lib/security/pam_mysql.so user=mytest [email protected] host=192.168.3.56 db=vsftpd table=users Usercolumn=name Passwdcolumn=password crypt=0

2) Modify the VSFTPD configuration file to adapt it to MySQL authentication

Establish a virtual user mapping of the system users and corresponding directories
# useradd-s/sbin/nologin-d/var/ftproot VUser
# chmod Go+rx/var/ftproot

Vim/etc/vsftpd.conf confirm that the following options are turned on

Anonymous_enable=yes
Local_enable=yes
Write_enable=yes
Anon_upload_enable=no
Anon_mkdir_write_enable=no
Chroot_local_user=yes

Then add the following options
Guest_enable=yes
Guest_username=vuser

And make sure that the value of the Pam_service_name option is as follows
Pam_service_name=vsftpd.mysql

4. Configuring and Using Virtual users

1) Add Virtual user Profile path

# Vim Vsftpd.conf

Add the following options
User_config_dir=/etc/vsftpd/vusers_config

mkdir/etc/vsftpd/vusers_config/
cd/etc/vsftpd/vusers_config/
Touch Tom Jerry

2) Add a virtual user profile

Vim Tom

Anon_upload_enable=yes
Anon_mkdir_write_enable=yes
Anon_other_write_enable=yes

650) this.width=650; "title=" image "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; margin:0px; padding-right:0px "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M02/75/4F/ Wkiom1y12u-y75kxaaaryv3smma836.jpg "" 244 "height="/>

5. Verify the effect:

650) this.width=650; "title=" image "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; margin:0px; padding-right:0px "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M00/75/4F/wKiom1Y12u_ Jye1laaa0wgyi-00508.jpg "" 244 "height="/>

650) this.width=650; "title=" image "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; margin:0px; padding-right:0px "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M01/75/4F/ Wkiom1y12vdakus2aabazstkhlw288.jpg "" 244 "height=" "/>

Iii. Sharing of Samba

1. Download and install Samaba

Yum Install Samba.x86_64–y

2. Create shared users and groups

1) Establish system users

[email protected] test]# groupadd-r Develop
[Email protected] test]# groupadd-r readonly
[Email protected] test]# useradd-g readonly-g develop-s/bin/nologin Gentoo
[[email protected] test]# ID Gentoo
uid=502 (Gentoo) gid=492 (readonly) groups=492 (readonly), 493 (develop)
[Email protected] test]# useradd-g readonly-g develop-s/bin/nologin CentOS
[Email protected] test]# useradd-g readonly-s/bin/nologin Ubuntu

2) Create a shared user

Smbpasswd–a Ubuntu

Smbpasswd–a CentOS

Smbpasswd–a Gentoo

Password is mageedu

SMBPASSWD options:
-a adds the system user as a samba user;
-D disables this account in Samba;
-e Enable disabled account
-X Remove this account from Samba

3. Edit the Shared file:

Vim/etc/samba/smb.conf

1) Description of the file options

Workgroup = MyGroup Define Workgroup
NetBIOS name = MYSERVER in NetBIOS parsing
Interfaces = Define the listening address
Host Allow = Defines a whitelist based on IP control;
with [custom sharing]
Path= the directory you want to share
Guest ok= whether to allow guest accounts
Whether wirteable= has write permissions
Printable= whether to print
Writelist= + you want to give write permission to the Group This option to indicate which users you want to write to.
Testparm test syntax is incorrect

2) Actual configuration

       workgroup = magedu Set Workgroup to magedu
         NetBIOS name = magedu Test NetBIOS parsing to a named magedu Test
        hosts allow = 127.192.168.3. Allow only native and 192.168.3 machine access in the network segment
         [shared]  share named shared
          comment = mage  comment Mage
          path =/data    to share data from the local root directory
         Guest OK = no    does not allow guest access to
         writable = yes     Write permission
         Write list = +readonly readonly Group member writable, not actually writable Also requires authorization from the system

650) this.width=650; "title=" image "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M02/75/4F/ Wkiom1y12vdaga8jaabyonbnth4311.jpg "" 244 "height=" 234 "/>

4, set up the System folder, start the service test:

1) Mkdir/data

Setfacl-m G:develop:rwx/data

Getfacl-a/data

650) this.width=650; "title=" image "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; margin:0px; padding-right:0px "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M00/75/4F/ Wkiom1y12vgdc89gaaa4im35ntq338.jpg "" 244 "height="/>

[[Email protected] samba]$ service SMB start;service NMB start

Service Iptables Stop

Setenforce 0

5, the client test results such as:

650) this.width=650; "title=" image "style=" border-left-0px; border-right-width:0px; Background-image:none; border-bottom-width:0px; padding-top:0px; padding-left:0px; padding-right:0px; border-top-width:0px "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M01/75/4F/ Wkiom1y12vgxy43oaaa5cfnejqg923.jpg "width=" 244 "height=" "/>"

650) this.width=650; "title=" image "style=" border-left-0px; border-right-width:0px; Background-image:none; border-bottom-width:0px; padding-top:0px; padding-left:0px; margin:0px; padding-right:0px; border-top-width:0px "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M01/75/4F/ Wkiom1y12vgcdh6xaaa6plbxagq035.jpg "width=" 244 "height=" Bayi "/>

650) this.width=650; "title=" image "style=" border-left-0px; border-right-width:0px; Background-image:none; border-bottom-width:0px; padding-top:0px; padding-left:0px; margin:0px; padding-right:0px; border-top-width:0px "border=" 0 "alt=" image "src=" http://s3.51cto.com/wyfs02/M02/75/4D/ Wkiol1y12yzrijksaabespbf-b4777.jpg "width=" 244 "height=" 104 "/>

Take care of the lead acceptance!

Lamp Modular +vsftd+samba