Configuring virtual users in vsftpd
2015-05-18 17:24
<pre name="code" class="sql">
Configure virtual users (implemented with db)
------------------------------------------------------------------

(1) Check whether the required packages are installed

haproxy:/etc/haproxy# rpm -qa | grep vsftp
haproxy:/etc/haproxy# yum install vsftpd-2.2.2-13.el6_6.1.x86_64
# rpm -qa | grep db4
db4-devel-4.2.52-7.1
db4-4.2.52-7.1
db4-utils-4.2.52-7.1

(2) Create a logins.txt file: odd-numbered lines are usernames, even-numbered lines are passwords. For example:

# vim /etc/vsftpd/virtual_user
ftpzjcap
1234567

haproxy:/etc/vsftpd# ls -ltr
total 24
-rwxr--r-- 1 root root 338 Oct 18 2014 vsftpd_conf_migrate.sh
-rw------- 1 root root 4599 Oct 18 2014 vsftpd.conf
-rw------- 1 root root 361 Oct 18 2014 user_list
-rw------- 1 root root 125 Oct 18 2014 ftpusers
-rw-r--r-- 1 root root 17 May 19 10:45 virtual_user

(3) Build the database file and set its file attributes

# db_load -T -t hash -f /etc/vsftpd/virtual_user /etc/vsftpd/virtual_user.db
# chmod 600 /etc/vsftpd/virtual_user.db

haproxy:/etc/vsftpd# ls -ltr
total 36
-rwxr--r-- 1 root root 338 Oct 18 2014 vsftpd_conf_migrate.sh
-rw------- 1 root root 4599 Oct 18 2014 vsftpd.conf
-rw------- 1 root root 361 Oct 18 2014 user_list
-rw------- 1 root root 125 Oct 18 2014 ftpusers
-rw-r--r-- 1 root root 17 May 19 10:45 virtual_user
-rw-r--r-- 1 root root 12288 May 19 10:45 virtual_user.db

(4) Create the authentication file

# vim /etc/pam.d/vsftpd

Insert the following two lines (the last two below; the existing entries are commented out):

##%PAM-1.0
#session optional pam_keyinit.so force revoke
#auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
#auth required pam_shells.so
#auth include password-auth
#account include password-auth
#session required pam_loginuid.so
#session include password-auth
auth required pam_userdb.so db=/etc/vsftpd/virtual_user ### no .db suffix
account required pam_userdb.so db=/etc/vsftpd/virtual_user ### no .db suffix

(5) Write the configuration file

# vim /etc/vsftpd/vsftpd.conf
haproxy:/etc/vsftpd# grep -v "^#" vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
ascii_upload_enable=YES
ascii_download_enable=YES
chroot_list_enable=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
guest_enable=YES
user_config_dir=/etc/vsftpd/vuser_conf

(6) Create the per-user configuration directory and file

v-lhb-nfs01:/root# mkdir -p /etc/vsftpd/vuser_conf
v-dev-redis01:/etc/vsftpd/vuser_conf# cat ftpzjcap
local_root=/t/deploy/zjdev/nfs/images
write_enable=YES
anon_umask=022
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES

(7) Errors

500 OOPS: could not read chroot() list file:/etc/vsftpd/chroot_list

v-lhb-nfs01:/root# touch /etc/vsftpd/chroot_list
v-lhb-nfs01:/root# chmod 644 /etc/vsftpd/chroot_list

haproxy:/etc/vsftpd/vuser_conf# ftp 192.168.32.173
Connected to 192.168.32.173 (192.168.32.173).
220 (vsFTPd 2.2.2)
Name (192.168.32.173:root): ftpzjcap
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.

The error messages are as follows:

haproxy:/etc/vsftpd/vuser_conf# tail -100 /var/log/secure
May 19 11:06:28 haproxy vsftpd[27543]: pam_succeed_if(vsftpd:auth): error retrieving information about user ftpzjcap
May 19 11:09:05 haproxy vsftpd[27574]: PAM unable to dlopen(/lib/security/pam_userdb.so): /lib/security/pam_userdb.so: cannot open shared object file: No such file or directory
May 19 11:09:05 haproxy vsftpd[27574]: PAM adding faulty module: /lib/security/pam_userdb.so
May 19 11:09:05 haproxy vsftpd[27574]: pam_unix(vsftpd:auth): check pass; user unknown
May 19 11:09:05 haproxy vsftpd[27574]: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=ftpzjcap rhost=192.168.33.29
May 19 11:09:05 haproxy vsftpd[27574]: pam_succeed_if(vsftpd:auth): error retrieving information about user ftpzjcap

The file /lib/security/pam_userdb.so does not exist; the entries were changed to:

auth required pam_userdb.so db=/etc/vsftpd/vuser_passwd
account required pam_userdb.so db=/etc/vsftpd/vuser_passwd

pam_userdb(vsftpd:auth): user_lookup: could not open database

May 19 11:15:38 haproxy vsftpd[27631]: pam_unix(vsftpd:auth): check pass; user unknown
May 19 11:15:38 haproxy vsftpd[27631]: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=ftpzjcap rhost=192.168.32.173
May 19 11:15:38 haproxy vsftpd[27631]: pam_succeed_if(vsftpd:auth): error retrieving information about user ftpzjcap
May 19 11:15:38 haproxy vsftpd[27631]: pam_succeed_if(vsftpd:auth): error retrieving information about user ftpzjcap
May 19 11:18:49 haproxy vsftpd[27660]: pam_userdb(vsftpd:auth): user_lookup: could not open database `/etc/vsftpd/vuser_passwd': No such file or directory

haproxy:/etc/vsftpd# cat /etc/pam.d/vsftpd
##%PAM-1.0
#session optional pam_keyinit.so force revoke
#auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
#auth required pam_shells.so
#auth include password-auth
#account include password-auth
#session required pam_loginuid.so
#session include password-auth
auth required pam_userdb.so db=/etc/vsftpd/virtual_user
account required pam_userdb.so db=/etc/vsftpd/virtual_user

haproxy:/etc/vsftpd# ls -ltr *db
-rw-r--r-- 1 root root 12288 May 19 10:45 virtual_user.db
</pre>
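The problems visible in the session above (a `db=` path with no matching `.db` file, the rule that `db=` omits the `.db` suffix, and login files readable by group and other in the `ls` output) can be checked with a small script. This is an added example, not part of the original post; the function names `audit_pam_userdb` and `make_fixture` and the fixture contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit the db= targets of
# pam_userdb.so lines in a PAM service file such as /etc/pam.d/vsftpd.

# Print one finding per line; return 1 if anything was found, else 0.
audit_pam_userdb() {
    pam_file=$1
    found=0
    # Drop comments (PAM ignores text after '#'), then collect db= values.
    dbs=$(sed 's/#.*//' "$pam_file" | awk '/pam_userdb\.so/ {
        for (i = 1; i <= NF; i++) if ($i ~ /^db=/) print substr($i, 4) }' | sort -u)
    for db in $dbs; do
        case $db in
        *.db)   # pam_userdb appends ".db" itself, so this would look for X.db.db
            echo "SUFFIX $db"; found=1; continue ;;
        esac
        if [ ! -f "$db.db" ]; then
            echo "MISSING $db.db"; found=1; continue
        fi
        # Check the hash database and the plaintext source file beside it.
        for f in "$db.db" "$db"; do
            [ -f "$f" ] || continue
            bits=$(ls -ld "$f" | cut -c5-10)    # group and other permission bits
            [ "$bits" = "------" ] || { echo "PERMS $f"; found=1; }
        done
    done
    return $found
}

# Constructed fixture mirroring the post: a 0644 login file and database,
# plus a PAM file whose account line names a database that does not exist.
make_fixture() {
    dir=$1
    printf 'ftpzjcap\n1234567\n' > "$dir/virtual_user"
    : > "$dir/virtual_user.db"          # stand-in for db_load output
    chmod 644 "$dir/virtual_user" "$dir/virtual_user.db"
    cat > "$dir/pam_vsftpd" <<EOF
#auth    include  password-auth
auth     required pam_userdb.so db=$dir/virtual_user   ### no .db suffix
account  required pam_userdb.so db=$dir/vuser_passwd
EOF
}

demo=$(mktemp -d)
make_fixture "$demo"
audit_pam_userdb "$demo/pam_vsftpd" || true
rm -rf "$demo"
```

On a real host the call would be `audit_pam_userdb /etc/pam.d/vsftpd`; a `PERMS` finding is cleared with `chmod 600` on the named file, and the plaintext login file can be deleted once `db_load` has built the database.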