Integrating Pure-FTPd with MySQL authentication means storing the FTP user information in a MySQL database. This lets a large number of FTP servers be managed centrally, and user accounts can be maintained entirely through MySQL operations.
First, download the Pure-FTPd source code and make sure MySQL is already installed
tar zxvf pure-ftpd-1.0.20.tar.gz
cd pure-ftpd-1.0.20
./configure --prefix=/usr/local/pureftpd \
--with-cookie \
--with-throttling \
--with-ratios \
--with-quotas \
--with-sysquotas \
--with-uploadscript \
--with-virtualhosts \
--with-virtualchroot \
--with-diraliases \
--with-peruserlimits \
--with-language=simplified-chinese \
--with-mysql=/usr/local/mysql \
--with-paranoidmsg \
--with-altlog
make
make check
make install
mkdir -m 777 /usr/local/pureftpd/etc
cp pureftpd-mysql.conf /usr/local/pureftpd/etc/pureftpd-mysql.conf
cp configuration-file/pure-ftpd.conf /usr/local/pureftpd/etc/pure-ftpd.conf
cp configuration-file/pure-config.pl /usr/local/pureftpd/bin/pure-config.pl
Note: the --prefix=/usr/local/pureftpd parameter specifies the Pure-FTPd installation path, the --with-mysql=/usr/local/mysql parameter specifies the MySQL installation path, and the --with-language=simplified-chinese parameter specifies the language the server uses for its messages.
Add Pure-FTPd to the system services
# cp contrib/redhat.init /etc/init.d/pureftpd
# vi /etc/init.d/pureftpd
Modify lines 18 and 19 from:
fullpath=/usr/local/sbin/$prog
pureftpwho=/usr/local/sbin/pure-ftpwho
to:
fullpath=/usr/local/pureftpd/sbin/$prog
pureftpwho=/usr/local/pureftpd/sbin/pure-ftpwho
Modify line 24 from:
$fullpath /etc/pure-ftpd.conf --daemonize
to:
$fullpath /usr/local/pureftpd/etc/pure-ftpd.conf --daemonize
# chmod 755 /etc/init.d/pureftpd
# chkconfig --add pureftpd
# chkconfig pureftpd on
Modify the configuration file
# vi /usr/local/pureftpd/etc/pure-ftpd.conf
Here you can change the maximum number of connections, the idle time and so on; for a detailed introduction see http://everspring.blog.51cto.com/497193/104618
Several items need to be modified:
- ChrootEveryone yes (confine every user to their home directory)
- NoAnonymous yes (do not allow anonymous logins)
- Bind 127.0.0.1,21 (listen on the local loopback address; optional)
- Bind 192.168.0.254,21 (listen on the host's own IP; add it yourself, not required)
- CreateHomeDir yes (automatically create the home directory when a user logs in; required)
If iptables is enabled, you must also modify the following line:
PassivePortRange 30000 50000
Save and exit.
Open the related ports in iptables:
iptables -I INPUT -p tcp --dport 21 -j ACCEPT
iptables -I INPUT -p tcp --dport 30000:50000 -j ACCEPT
/etc/rc.d/init.d/iptables save
Second, create the MySQL authentication database and table
Create the pureftpd database on the MySQL server
mysql> CREATE DATABASE pureftpd;
mysql> GRANT ALL ON pureftpd.* TO pureftpd@"localhost" IDENTIFIED BY 'pureftpd';
mysql> USE pureftpd;
mysql> CREATE TABLE `users` (
`id` int unsigned NOT NULL auto_increment,
`User` varchar NOT NULL default '',
`Password` varchar NOT NULL default '',
`Uid` varchar(11) NOT NULL default '-1',
`Gid` varchar(11) NOT NULL default '-1',
`Dir` varchar(128) NOT NULL default '',
`QuotaSize` smallint(5) NOT NULL default '0',
`QuotaFiles` int(11) NOT NULL default '0',
`ULBandwidth` smallint(5) NOT NULL default '0',
`DLBandwidth` smallint(5) NOT NULL default '0',
`ULRatio` smallint(6) NOT NULL default '0',
`DLRatio` smallint(6) NOT NULL default '0',
`comment` tinytext NOT NULL,
`ipaccess` varchar(15) NOT NULL default '*',
`status` enum('0','1') NOT NULL default '0',
`create_date` datetime NOT NULL default '0000-00-00 00:00:00',
`modify_date` datetime NOT NULL default '0000-00-00 00:00:00',
PRIMARY KEY (`id`,`User`),
UNIQUE KEY `User` (`User`)
) ENGINE=MyISAM AUTO_INCREMENT=5;
Third, create the system accounts used by the Pure-FTPd authenticated users
Create the system users for the Pure-FTPd authenticated users and the FTP server root directory
Create a user dedicated to uploading files
groupadd download -g
useradd download -u 2000 -g download -s /sbin/nologin
Create a user dedicated to downloading
groupadd upload -g 2001
useradd upload -u 2001 -g download -s /sbin/nologin
mkdir /ftproot
chown -R upload /ftproot     # Make the upload user the owner of the FTP root
chgrp -R download /ftproot   # Make download the group of the FTP root
chmod 750 /ftproot           # Give the upload user all permissions and the download user read-only permissions
IV. Modifying the Pure-FTPd configuration files
Modify the Pure-FTPd main configuration file
vi /usr/local/pureftpd/etc/pure-ftpd.conf
ChrootEveryone yes
BrokenClientsCompatibility no
MaxClientsNumber
Daemonize yes
MaxClientsPerIP 8
VerboseLog yes
DisplayDotFiles yes
AnonymousOnly no
NoAnonymous no
SyslogFacility
DontResolve yes
MaxIdleTime
# Maximum number of files to display when the ls command is used; the first parameter is the number of files, the second is the directory depth
LimitRecursion 10000 8
AnonymousCanCreateDirs no
MaxLoad 4
# Passive mode is used; the passive port range is 30000 to 50000
PassivePortRange 30000 50000
AntiWarez yes
UserBandwidth 1000
Umask 133:022
MinUID no
AllowAnonymousFXP no
ProhibitDotFilesWrite no
ProhibitDotFilesRead no
AutoRename no
# Prohibit anonymous users from uploading
AnonymousCantUpload yes
# Do not automatically create home directories for users who log in
CreateHomeDir no
PIDFile /var/run/pure-ftpd.pid
MaxDiskUsage
CustomerProof yes
Modify the Pure-FTPd MySQL authentication file
vi /usr/local/pureftpd/etc/pureftpd-mysql.conf
MYSQLServer 127.0.0.1
MYSQLPort 3306
MYSQLUser pureftpd
MYSQLPassword pureftpd
MYSQLDatabase pureftpd
# How the password is stored in the table: use cleartext for clear text, crypt for encrypted
MYSQLCrypt cleartext
MYSQLGetPW SELECT Password FROM users WHERE User='\L'
MYSQLGetUID SELECT Uid FROM users WHERE User='\L'
MYSQLGetGID SELECT Gid FROM users WHERE User='\L'
MYSQLGetDir SELECT Dir FROM users WHERE User='\L'
MySQLGetBandwidthUL SELECT ULBandwidth FROM users WHERE User='\L'
MySQLGetBandwidthDL SELECT DLBandwidth FROM users WHERE User='\L'
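The two configuration files above store FTP passwords in clear text, reuse the database user name as the database password, and sit in a directory created with mode 777. The following shell functions are an added example, not part of the original article or of Pure-FTPd, that flag those values and world-accessible paths; audit_conf, perm_findings and demo are hypothetical names, and the sample files are constructed.

```sh
#!/bin/sh
# Added example, not from the original page: flag the risky values in
# Pure-FTPd "Key Value" config files and in the permissions of their paths.

# audit_conf FILE... : print one WEAK line per risky setting found.
audit_conf() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }      # skip blank lines and comments
        { conf[tolower($1)] = $2 }         # keys are case-insensitive; last one wins
        END {
            if (tolower(conf["mysqlcrypt"]) == "cleartext")
                print "WEAK MYSQLCrypt: FTP passwords are stored unhashed"
            if (("mysqlpassword" in conf) && conf["mysqlpassword"] == conf["mysqluser"])
                print "WEAK MYSQLPassword: identical to MYSQLUser"
            if (("noanonymous" in conf) && tolower(conf["noanonymous"]) != "yes")
                print "WEAK NoAnonymous: anonymous logins are not disabled"
            if (("chrooteveryone" in conf) && tolower(conf["chrooteveryone"]) != "yes")
                print "WEAK ChrootEveryone: not every user is confined to the home directory"
        }' "$@"
}

# perm_findings PATH... : flag paths that any local account can modify or read.
perm_findings() {
    for p in "$@"; do
        [ -n "$(find "$p" -prune -perm -002)" ] && echo "WEAK $p: world-writable"
        [ -f "$p" ] && [ -n "$(find "$p" -prune -perm -004)" ] &&
            echo "WEAK $p: world-readable file"
    done
    return 0
}

# Constructed sample input mirroring the values used on this page.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'ChrootEveryone yes' 'NoAnonymous no' > "$tmp/pure-ftpd.conf"
    printf '%s\n' 'MYSQLUser pureftpd' 'MYSQLPassword pureftpd' \
        'MYSQLCrypt cleartext' > "$tmp/pureftpd-mysql.conf"
    chmod 777 "$tmp"; chmod 644 "$tmp/pureftpd-mysql.conf"
    audit_conf "$tmp/pure-ftpd.conf" "$tmp/pureftpd-mysql.conf"
    perm_findings "$tmp" "$tmp/pureftpd-mysql.conf"
    rm -rf "$tmp"
}
demo
```

On a real host, pass the installed files and their directory to audit_conf and perm_findings instead of calling demo.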
V. Operating Pure-FTPd
Add the upload user. The user name can be arbitrary, but it must map to the system user's UID and GID in order to obtain the corresponding file system permissions
INSERT INTO `users` VALUES (1, 'download', 'download', 'C', 'C', '/ftproot', 0, 0, 0, 0, 0, 0, '', '*', '1', '2013-06-24 16:10:00', '2013-06-24 16:10:00');
Add the download user
INSERT INTO `users` VALUES (2, 'upload', 'upload', '2001', '2001', '/ftproot', 0, 0, 0, 0, 0, 0, '', '*', '1', '2013-06-24 16:10:00', '2013-06-24 16:10:00');
Run the Pure-FTPd server
/usr/local/pureftpd/bin/pure-config.pl /usr/local/pureftpd/etc/pure-ftpd.conf
Now open http://<server IP>:21 in a browser on the client and test logging in with the upload and download users
VI. Using FACLs to give different users different access rights to the same directory
chown -R upload:upload /ftproot
chmod /ftproot
Subdirectories and files created later inherit the FACL
setfacl -R -m u:download:rx /ftproot
Make the FACL of the current directory take effect
Pure-FTPd table field description
CREATE TABLE IF NOT EXISTS `ftpd` (
`User` varchar NOT NULL DEFAULT '' COMMENT 'username',
`status` enum('0','1') NOT NULL DEFAULT '0' COMMENT 'available state: 0 - unavailable;',
`Password` varchar() NOT NULL DEFAULT '' COMMENT 'password',
`Uid` varchar(11) NOT NULL DEFAULT '-1' COMMENT 'user ID',
`Gid` varchar(11) NOT NULL DEFAULT '-1' COMMENT 'group ID',
`Dir` varchar(128) NOT NULL DEFAULT '' COMMENT 'owned permission path',
`ULBandwidth` smallint(5) NOT NULL DEFAULT '0' COMMENT 'upload bandwidth',
`DLBandwidth` smallint(5) NOT NULL DEFAULT '0' COMMENT 'download bandwidth',
`comment` tinytext NOT NULL COMMENT 'remarks',
`ipaccess` varchar() NOT NULL DEFAULT '*' COMMENT 'IP address',
`QuotaSize` smallint(5) NOT NULL DEFAULT '0' COMMENT 'size quota',
`QuotaFiles` int(11) NOT NULL DEFAULT '0' COMMENT 'file type quota',
PRIMARY KEY (`User`)
) ENGINE=MyISAM DEFAULT CHARSET=gbk COMMENT='FTP user name and password table';