注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

NET START HERE

研究C/C++、网络/通信/协议编程、网络安全、软件安全

 
 
 

日志

 
 

proftpd+mysql(或postgresql)配置通过数据库创建ftp账号认证登录  

2013-04-19 21:28:25|  分类: linux入门 |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |
一、安装proftpd + postgresql数据库方式认证
./configure \
--prefix=/usr/local/proftpd \
--with-modules=mod_sql:mod_sql_postgres \
--with-includes=/usr/include \
--with-libraries=/usr/lib/postgresql/8.4/lib
make
make install
注:安装postgresql时编译时可能会出现错误,主要可能缺少libpq-fe.h/postgres_ext.h头文件和libpq.so.5.2库文件,我已将其重新打包到proftpd-1.3.5rc2安装包中的postgres目录中,可供下载参考

二、安装proftpd + mysql数据库方式认证
./configure \
--prefix=/usr/local/proftpd  \
--with-modules=mod_sql:mod_sql_mysql  \
--with-includes=/usr/include/mysql  \
--with-libraries=/usr/lib/mysql
make
make install
注:--with-includes和--with-libraries需要正确填写机器中所安装的mysql头文件和库文件路径,如不知道可使用locate mysql查找,Ubuntu中使用apt-get install方式安装mysql的默认路径如上
 
三、proftpd数据库配置文件(/usr/local/proftpd/etc/proftpd.conf)
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName   "ProFTPD Server LZG"
ServerType   standalone
DefaultServer   on
# Port 21 is the standard FTP port.
Port    21
# Don't use IPv6 support by default.
UseIPv6    off
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask    022
MaxLoginAttempts  3
TimeoutLogin   120
TimeoutIdle   600
TimeoutNoTransfer  900
MaxClients   100
MaxClientsPerHost  5
RequireValidShell  off

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances   30
# Set the user and group under which the server will run.
User    nobody
Group    nogroup
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~
# Normally, we want files to be overwriteable.
AllowOverwrite  on
# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
  DenyAll
</Limit>
DefaultRoot ~
SQLAuthTypes Plaintext Crypt
SQLAuthenticate users* groups*
SQLConnectInfo proftpd@10.253.102.12 postgres 123
SQLUserInfo users userid passwd uid gid homedir shell
SQLGroupInfo groups groupname gid members
SQLMinID 500
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1 where userid='%u'" users
SQLLog STOR,DELE modified

四、这里就不介绍数据库表的详细创建步骤了,网上一大堆,我创建了一个users和groups表,下面为postgres的proftpd表创建语句,mysql更简单不再介绍

-- Table: users
-- DROP TABLE users;
CREATE TABLE users
(
  userid character varying(256) NOT NULL,
  passwd character varying(256),
  uid integer DEFAULT (1000)::numeric,
  gid integer DEFAULT (1000)::numeric,
  homedir character varying(256),
  shell character varying(256),
  count integer DEFAULT (0)::numeric,
  used double precision DEFAULT 0.0,
  quote double precision DEFAULT 0.0,
  CONSTRAINT ftpusers_pkey PRIMARY KEY (userid)
)
WITH (
  OIDS=FALSE
);
ALTER TABLE users
  OWNER TO postgres;
 
-- Table: groups
-- DROP TABLE groups;
CREATE TABLE groups
(
  groupname character varying(256) NOT NULL,
  gid integer DEFAULT (1000)::numeric,
  members character varying(256),
  CONSTRAINT ftpgroups_pkey PRIMARY KEY (groupname)
)
WITH (
  OIDS=FALSE
);
ALTER TABLE groups
  OWNER TO postgres;
 
数据表创建完成后,配置文件修改后,重启proftpd进程,在数据库中创建一个用户然后登录就可以了。
 
五、可能遇到的问题
root@liuzhigong-Vostro-230:~# ftp 127.0.0.1
Connected to 127.0.0.1.
220 ProFTPD 1.3.5rc2 Server (ProFTPD Server LZG) [127.0.0.1]
Name (127.0.0.1:root): lzgtest
331 Password required for lzgtest
Password:
421 Service not available, remote server has closed connection
Login failed.
No control connection for command: No such file or directory
 
可能会遇到下面这个问题,我google和baidu了好久,查了好多方法不行,最后才发现是配置文件后面sql语句写错导致,可供大家参考,如果大家创建的表名不是users,是ftpusers,则配置文件中的对应sql语句的地方要做相应修改才行

SQLUserInfo users(根据实际情况修改表名) userid passwd uid gid homedir shell
SQLGroupInfo groups(根据实际情况修改表名) groupname gid members
SQLMinID 500
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1 where userid='%u'" users(根据实际情况修改表名)
SQLLog STOR,DELE modified
 
 
还有一个问题是可能直接使用IP连接proftpd服务器时感觉连接速度非常慢,要等很久服务器才会返回信息,经常导致ftp连接超时,这时可在配置文件中关闭proftpd的域名反向解析以加快服务器响应时间:
 
# 不显示服务器相关信息, 如proftpd版本
ServerIdent off
# 禁用反向域名解析
UseReverseDNS off

proftpd+mysql安装方式较简单,proftpd+postgres方式比较少见,且编译时需要单独把postgres头文件和库文件拷贝到系统中,我把proftpd最新版和postgres需要用的头文件和库文件打包在一起,有需要可下载:http://www.liuzhigong.com/download/proftpd1.3.5rc2_mysql_postgres.tar.gz
  评论这张
 
阅读(779)| 评论(0)
推荐 转载

历史上的今天

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2017