I. Download the latest version of vsftpd
The code is as follows:
wget ftp://vsftpd.beasts.org/users/cevans/vsftpd-2.3.4.tar.gz
II. Pre-installation preparation
1. Create the local user wwwftp that the virtual users are mapped to
The code is as follows:
useradd wwwftp -d /data/www -s /sbin/nologin
2. Create a custom configuration directory
The code is as follows:
mkdir -p /data/soft/vsftpd/conf
mkdir -p /data/soft/vsftpd/bin
mkdir -p /data/soft/vsftpd/lib
mkdir -p /data/soft/vsftpd/user_conf
mkdir -p /data/soft/vsftpd/empty
mkdir -p /data/soft/vsftpd/logs
mkdir -p /data/www
mkdir -p /data/www/user1
mkdir -p /data/www/user2
3. Set permissions on custom directories
The code is as follows:
chown -R wwwftp:www /data/www
chmod -R 700 /data/soft/vsftpd/empty/
chown -R wwwftp:wwwftp /data/soft/vsftpd/empty/
4. Copy the PAM library used to verify user logins into the custom directory for easier management
The code is as follows:
cp /lib/security/pam_userdb.so /data/soft/vsftpd/lib/
5. Install the required software
The code is as follows:
yum -y install gcc db4* pam*
III. Unpack and install vsftpd
The code is as follows:
tar zxvf vsftpd-2.3.4.tar.gz
cd vsftpd-2.3.4
A source build does not support tcp_wrappers or SSL by default.
To enable them, modify builddefs.h
The code is as follows:
/* The default values are as follows: */
#undef VSF_BUILD_TCPWRAPPERS /* support for TCP wrappers */
#define VSF_BUILD_PAM /* support for custom virtual user login */
#undef VSF_BUILD_SSL /* support for SSL transfers */
/* To enable a feature, change its line to #define; otherwise leave it as #undef */
Compile vsftpd
The code is as follows:
make
Check whether the compiled vsftpd binary is linked against PAM
The code is as follows:
ldd vsftpd
As follows:
The code is as follows:
[root@centos5 vsftpd-2.3.4]# ldd vsftpd
linux-gate.so.1 => (0x00628000)
libwrap.so.0 => /lib/libwrap.so.0 (0x00cee000)
libnsl.so.1 => /lib/libnsl.so.1 (0x0015f000)
libpam.so.0 => /lib/libpam.so.0 (0x00fc4000)
libdl.so.2 => /lib/libdl.so.2 (0x007dc000)
libresolv.so.2 => /lib/libresolv.so.2 (0x008d8000)
libutil.so.1 => /lib/libutil.so.1 (0x00110000)
libcap.so.1 => /lib/libcap.so.1 (0x00d99000)
libc.so.6 => /lib/libc.so.6 (0x0029a000)
libaudit.so.0 => /lib/libaudit.so.0 (0x00114000)
/lib/ld-linux.so.2 (0x004a2000)
The line libpam.so.0 => /lib/libpam.so.0 (0x00fc4000) indicates that PAM authentication support has been built in successfully. Copy the binary to the custom directory:
The code is as follows:
cp vsftpd /data/soft/vsftpd/bin
IV. Configure vsftpd
1. Create the main configuration file
The code is as follows:
vi /data/soft/vsftpd/conf/vsftpd.conf
As follows:
The code is as follows:
local_enable=YES
anonymous_enable=NO
anon_upload_enable=NO
anon_other_write_enable=NO
anon_mkdir_write_enable=NO
ftpd_banner=Welcome to FTP service.
listen=YES
listen_port=21
connect_from_port_20=YES
nopriv_user=nobody
tcp_wrappers=YES
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/data/soft/vsftpd/chroot_list
userlist_enable=YES
userlist_deny=NO
userlist_file=/data/soft/vsftpd/allow
dual_log_enable=YES
vsftpd_log_file=/data/soft/vsftpd/logs/vsftpd.log
xferlog_enable=YES
xferlog_file=/data/soft/vsftpd/logs/xferlog
pasv_enable=YES
pasv_min_port=50000
pasv_max_port=60000
guest_enable=YES
guest_username=wwwftp
pam_service_name=vsftpd
virtual_use_local_privs=YES
use_localtime=YES
user_config_dir=/data/soft/vsftpd/user_conf
secure_chroot_dir=/data/soft/vsftpd/empty
2. Create the file listing the users that are allowed to log in to FTP
The code is as follows:
vi /data/soft/vsftpd/allow
As follows:
The code is as follows:
user1
user2
3. Create the user list file that locks users into their own directories
The code is as follows:
vi /data/soft/vsftpd/chroot_list
As follows
The code is as follows:
user1
user2
4. Configure the vsftpd PAM authentication module (for virtual user authentication)
The code is as follows:
vi /etc/pam.d/vsftpd
As follows
The code is as follows:
auth required /data/soft/vsftpd/lib/pam_userdb.so db=/data/soft/vsftpd/login
account required /data/soft/vsftpd/lib/pam_userdb.so db=/data/soft/vsftpd/login
Save and exit
5. Create the user name and password text file
The code is as follows:
vi /data/soft/vsftpd/login.txt
As follows: one line with the user name, then one line with the password
The code is as follows:
user1
123456
user2
654321
Save and exit
6. Generate the user database with db_load
The code is as follows:
db_load -T -t hash -f /data/soft/vsftpd/login.txt /data/soft/vsftpd/login.db
chmod 600 /data/soft/vsftpd/login.db
rm -rf /data/soft/vsftpd/login.txt
7. Create the custom configuration file for each virtual user
The code is as follows:
vi /data/soft/vsftpd/user_conf/user1
user1 has all permissions
The code is as follows:
local_root=/data/www/user1
write_enable=YES
local_umask=022
Save and exit
The code is as follows:
vi /data/soft/vsftpd/user_conf/user2
user2 is only allowed to download
The code is as follows:
local_root=/data/www/user2
write_enable=NO
download_enable=YES
local_umask=022
Save and exit
8. Start the vsftpd service
The code is as follows:
/data/soft/vsftpd/bin/vsftpd /data/soft/vsftpd/conf/vsftpd.conf &
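A consistency check for the files created in steps 2 to 7, as an added example that is not part of the original article. The function name check_vsftpd_users is hypothetical, and the script assumes GNU stat and the directory layout used above.

```bash
#!/usr/bin/env bash
# Added example: cross-check the virtual-user files before starting vsftpd.
# check_vsftpd_users is a constructed helper, not part of vsftpd.
# Usage: check_vsftpd_users /data/soft/vsftpd
# Prints one line per finding and returns the number of findings.
check_vsftpd_users() {
    local base="$1" findings=0 user conf mode
    report() { echo "FINDING: $*"; findings=$((findings + 1)); }

    if [ ! -f "$base/allow" ]; then
        report "allow list missing"
        return "$findings"
    fi

    while IFS= read -r user || [ -n "$user" ]; do
        [ -z "$user" ] && continue
        # chroot_local_user=NO with chroot_list_enable=YES jails only listed users.
        grep -qxF -- "$user" "$base/chroot_list" 2>/dev/null ||
            report "$user may log in but is not in chroot_list"
        # Without a per-user file the account gets no local_root of its own.
        conf="$base/user_conf/$user"
        if [ ! -f "$conf" ]; then
            report "$user has no file in user_conf"
        elif ! grep -q '^local_root=/' "$conf"; then
            report "$user has no absolute local_root"
        fi
    done < "$base/allow"

    # The plaintext credential file must be gone once db_load has run.
    [ -e "$base/login.txt" ] && report "login.txt still present"
    # The credential database must not be readable by group or others.
    if [ -f "$base/login.db" ]; then
        mode=$(stat -c '%a' "$base/login.db")
        [ "$mode" = 600 ] || report "login.db mode is $mode, expected 600"
    else
        report "login.db missing"
    fi
    return "$findings"
}
```

Run it against /data/soft/vsftpd before step 8; a return value of 0 means every allowed user is chrooted and has a per-user configuration.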
V. Test
user1 can log in with full permissions: read, write, delete, create and modify
user2 can log in with download permission only