Ways to create and configure virtual users under the CentOS system

Source: Internet
Author: User
Tags chmod ftp mkdir centos

First, download the current vsftp latest version

The code is as follows:

wget ftp://vsftpd.beasts.org/users/cevans/vsftpd-2.3.4.tar.gz

  Ii. Pre-Installation Preparation

1, create the virtual user mapping local user wwwftp

The code is as follows:

Useradd wwwftp-d/data/www-s/sbin/nologin

2. Create a custom configuration directory

The code is as follows:

Mkdir-p/data/soft/vsftpd/conf

Mkdir-p/data/soft/vsftpd/bin

Mkdir-p/data/soft/vsftpd/lib

Mkdir-p/data/soft/vsftpd/user_conf

Mkdir-p/data/soft/vsftpd/empty

Mkdir-p/data/soft/vsftpd/logs

Mkdir-p/data/www

Mkdir-p/data/www/user1

Mkdir-p/data/www/user2

3. Set permissions on custom directories

The code is as follows:

Chown-r wwwftp:www/data/www

Chmod-r 700/data/soft/vsftpd/empty/

Chown-r wwwftp:wwwftp/data/soft/vsftpd/empty/

4. Copy library files to verify user login to custom directory for easy management

The code is as follows:

cp/lib/security/pam_userdb.so/data/soft/vsftpd/lib/

5, install the required software

The code is as follows:

Yum-y Install gcc db4* pam*

 Iii. Decompression and Installation vsftpd

The code is as follows:

Tar zxvf vsftpd-2.3.4.tar.gz

CD vsftpd-2.3.4

Source installation does not support Tcp_wrappers and SSL by default

Need to modify Builddefs.h

The code is as follows:

/* The default value is as follows: * *

#undef vsf_build_tcpwrappers/* Supports TCP wrappers*/

#define VSF_BUILD_PAM/* To support custom virtual user login */

#undef VSF_BUILD_SSL/* To support SSL transfer * *

/* Support to set the corresponding item to define, otherwise set to undef*/

Compiling VSFTPD

The code is as follows:

Make

View whether the compiled VSFTPD binaries have been loaded with Pam

The code is as follows:

LDD vsftpd

As follows:

The code is as follows:

[Root@centos5 vsftpd-2.3.4]# LDD vsftpd

Linux-gate.so.1 => (0x00628000)

libwrap.so.0 =>/lib/libwrap.so.0 (0x00cee000)

Libnsl.so.1 =>/lib/libnsl.so.1 (0x0015f000)

libpam.so.0 =>/lib/libpam.so.0 (0x00fc4000)

Libdl.so.2 =>/lib/libdl.so.2 (0x007dc000)

Libresolv.so.2 =>/lib/libresolv.so.2 (0x008d8000)

Libutil.so.1 =>/lib/libutil.so.1 (0x00110000)

Libcap.so.1 =>/lib/libcap.so.1 (0x00d99000)

Libc.so.6 =>/lib/libc.so.6 (0x0029a000)

libaudit.so.0 =>/lib/libaudit.so.0 (0x00114000)

/lib/ld-linux.so.2 (0x004a2000)

See libpam.so.0 =>/lib/libpam.so.0 (0x00fc4000) indicates that the PAM authentication module has been successfully loaded

The code is as follows:

CP Vsftpd/data/soft/vsftpd/bin

  Iv. Configuration of VSFTPD

1, create the main configuration file

The code is as follows:

Vi/data/soft/vsftpd/conf/vsftpd.conf

As follows:

The code is as follows:

Local_enable=yes

Anonymous_enable=no

Anon_upload_enable=no

Anon_other_write_enable=no

Anon_mkdir_write_enable=no

Ftpd_banner=welcome to FTP service.

Listen=yes

Listen_port=21

Connect_from_port_20=yes

Nopriv_user=nobody

Tcp_wrappers=yes

Chroot_local_user=no

Chroot_list_enable=yes

Chroot_list_file=/data/soft/vsftpd/chroot_list

Userlist_enable=yes

Userlist_deny=no

Userlist_file=/data/soft/vsftpd/allow

Dual_log_enable=yes

Vsftpd_log_file=/data/soft/vsftpd/logs/vsftpd.log

Xferlog_enable=yes

Xferlog_file=/data/soft/vsftpd/logs/xferlog

Pasv_enable=yes

pasv_min_port=50000

pasv_max_port=60000

Guest_enable=yes

Guest_username=wwwftp

Pam_service_name=vsftpd

Virtual_use_local_privs=yes

Use_localtime=yes

User_config_dir=/data/soft/vsftpd/user_conf

Secure_chroot_dir=/data/soft/vsftpd/empty

2. Create user files that allow you to log on to FTP

The code is as follows:

Vi/data/soft/vsftpd/allow

As follows:

The code is as follows:

User1

User2

3. Create user list file to lock user directory

The code is as follows:

Vi/data/soft/vsftpd/chroot_list

As follows

The code is as follows:

User1

User2

4, configure the VSFTPD Pam Authentication module (for the virtual user authentication)

The code is as follows:

Vi/etc/pam.d/vsftpd

As follows

The code is as follows:

Auth required/data/soft/vsftpd/lib/pam_userdb.so Db=/data/soft/vsftpd/login

Account Required/data/soft/vsftpd/lib/pam_userdb.so Db=/data/soft/vsftpd/login

Save exit

5. Create user name password text file

The code is as follows:

Vi/data/soft/vsftpd/login.txt

As follows: One line user name one line password

The code is as follows:

User1

123456

User2

654321

Save exit

6. Generate user Database with Db_load

The code is as follows:

Db_load-t-T Hash-f/data/soft/vsftpd/login.txt/data/soft/vsftpd/login.db

chmod 600/data/soft/vsftpd/login.db

Rm-rf/data/soft/vsftpd/login.txt

7. Configure the virtual user custom configuration file

The code is as follows:

Vi/data/soft/vsftpd/user_conf/user1

User1 all permissions

The code is as follows:

Local_root=/data/www/user1

Write_enable=yes

local_umask=022

Save exit

The code is as follows:

Vi/data/soft/vsftpd/user_conf/user2

User2 only Allow downloads

The code is as follows:

Local_root=/data/www/user2

Write_enable=no

Download_enable=yes

local_umask=022

Save exit

8. Start VSFTPD Service

The code is as follows:

/data/soft/vsftpd/bin/vsftpd/data/soft/vsftpd/conf/vsftpd.conf &

 Five, test

User1 login readable, write, delete, create, modify all permissions

User2 login has only download permission

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.