Gentoo安装配置pure-ftpd结合Mysql权限验证全过程

一、安装pure-ftpd服务端

# echo 'net-ftp/pure-ftpd mysql'>>/etc/portage/package.use

Gentoo会自动把本机的mysql装上。

# emerge pure-ftpd

配置mysql数据库root的密码，以及安装初始化目录。 我配置的root密码为root，如果设置为其它的则下面的密码也需要跟着改

# ebuild /var/db/pkg/dev-db/mysql-5.5.28/mysql-5.5.28.ebuild config

把client这个段的内容修改成如下 ，这是为了方便我们进入mysql数据库

# vim /etc/mysql/my.cnf

[client]

user            = root

password        = root

host            = 127.0.0.1

port            = 3306

socket          = /var/run/mysqld/mysqld.sock

 

[mysqld]

server-id                                       = 220

skip-name-resolve

# /etc/init.d/mysql start

 

二、在Mysql中创建相应的库和表来存储用户权限

 

# mysql –A (之前配置my.cnf里的用户和密码就是为了这儿)

mysql> CREATE DATABASE IF NOT EXISTS pureftpd;

mysql> USE pureftpd;

mysql>

CREATE TABLE IF NOT EXISTS `ftpd` (

  `User` varchar(16) NOT NULL DEFAULT '' COMMENT '用户名',

  `status` enum('0','1') NOT NULL DEFAULT '0' COMMENT '可用状态：0 - 不可用；1 - 正在使用',

  `Password` varchar(64) NOT NULL DEFAULT '' COMMENT '密码',

  `Uid` varchar(11) NOT NULL DEFAULT '-1' COMMENT '用户ID',

  `Gid` varchar(11) NOT NULL DEFAULT '-1' COMMENT '组ID',

  `Dir` varchar(128) NOT NULL DEFAULT '' COMMENT '拥有的权限路径',

  `ULBandwidth` smallint(5) NOT NULL DEFAULT '0' COMMENT '上传带宽',

  `DLBandwidth` smallint(5) NOT NULL DEFAULT '0' COMMENT '下载带宽',

  `comment` tinytext NOT NULL COMMENT '备注',

  `ipaccess` varchar(15) NOT NULL DEFAULT '*' COMMENT 'IP地址',

  `QuotaSize` smallint(5) NOT NULL DEFAULT '0' COMMENT '大小配额',

  `QuotaFiles` int(11) NOT NULL DEFAULT '0' COMMENT '文件类型配额',

  PRIMARY KEY (`User`)

) ENGINE=MyISAM DEFAULT CHARSET=gbk COMMENT='ftp用户名密码表';

mysql > 添加用户ftpduser让它对pureftpd下面的库有select权限

grant select on pureftpd.* to ftpduser@'%' identified by 'ftpdpassword';

mysql > 添加一条测试数据，等会儿用来登录

INSERT INTO `ftpd` (`User`, `status`, `Password`, `Uid`, `Gid`, `Dir`, `ULBandwidth`, `DLBandwidth`, `comment`, `ipaccess`, `QuotaSize`, `QuotaFiles`) VALUES ('testuser', '1', md5('testpassword'), '1002', '81', '/var/www', 0, 0, '备注', '*', 0, 0);

 

三、修改配置文件，使用MYSQL进行权限验证

 

# vim /etc/conf.d/pure-ftpd

IS_CONFIGURED="yes"

SERVER="-S 10.36.32.220,21"

MAX_CONN="-c 50"

MAX_CONN_IP="-C 20"

AUTH="-l mysql:/etc/pureftpd-mysql.conf"

MISC_OTHER="-A -H -x -j -R -Z -E -p 50001:59999 -O clf:/var/log/pureftpd/pureftpd.log"

# mkdir –p /var/log/pureftpd/

 

 

这里的MYSQL配置与我们PHP连接MYSQL雷同，需要注意的是MYSQLCrypt 这是指的咱们对用户密码的加密方式。

# vim /etc/pureftpd-mysql.conf

MYSQLServer 127.0.0.1

MYSQLPort 3306

MYSQLUser ftpduser

MYSQLPassword ftpdpassword

MYSQLDatabase pureftpd

MYSQLCrypt md5

MYSQLGetPW SELECT Password FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MYSQLGetUID SELECT Uid FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MYSQLGetGID SELECT Gid FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MYSQLGetDir SELECT Dir FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MySQLGetBandwidthUL SELECT ULBandwidth FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MySQLGetBandwidthDL SELECT DLBandwidth FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MySQLGetQTASZ SELECT QuotaSize FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

MySQLGetQTAFS SELECT QuotaFiles FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

 

四、添加nfsuser用户，并修改web目录的权限，如果没有就先创建吧

# groupadd apache; useradd nfsuser -u 1002 -g apache -d /dev/null -s /sbin/nologin

# mkdir -p /var/www

# chown -R nfsuser:apache /var/www

 

五、启动pureftpd并用客户端连接测试

# /etc/init.d/pure-ftpd start