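Reference site: HowtoForge. It has many server configuration guides for a range of platforms, from Debian to Red Hat as well as SUSE and Mandriva, all very detailed. Strongly recommended.
Install MySQL and phpMyAdmin; phpMyAdmin is optional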
apt-get install mysql-server mysql-client libmysqlclient15-dev phpmyadmin apache2
Set the MySQL root password
mysqladmin -u root password yourrootsqlpassword
If other people need to access MySQL on this machine, a password has to be set for that as well
mysqladmin -h server1.example.com -u root password yourrootsqlpassword
Install proftpd with MySQL support; be sure to choose standalone mode for proftpd
apt-get install proftpd-mysql
Create the virtual user and group; this maps the proftpd virtual users onto a single local user. Change the 2001 below to a value of your own.
groupadd -g 2001 ftpgroup
useradd -u 2001 -s /bin/false -d /bin/null -c "proftpd user" -g ftpgroup ftpuser
Create the MySQL database used by proftpd, and create its tables.
bt:~# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 18
Server version: 5.0.32-Debian_7etch1-log Debian etch distribution
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> create database ftp;
Query OK, 1 row affected (0.00 sec)
mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON ftp.* TO 'proftpd'@'localhost' IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON ftp.* TO 'proftpd'@'localhost.localdomain' IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)
mysql> USE ftp;
Database changed
mysql> CREATE TABLE ftpgroup (groupname varchar(16) NOT NULL default '',gid smallint(6) NOT NULL default '5500',members varchar(16) NOT NULL default '',KEY groupname (groupname)) TYPE=MyISAM COMMENT='ProFTP group table';
Query OK, 0 rows affected, 1 warning (0.06 sec)
mysql> CREATE TABLE ftpquotalimits (name varchar(30) default NULL,quota_type enum('user','group','class','all') NOT NULL default 'user',per_session enum('false','true') NOT NULL default 'false',limit_type enum('soft','hard') NOT NULL default 'soft',bytes_in_avail int(10) unsigned NOT NULL default '0',bytes_out_avail int(10) unsigned NOT NULL default '0',bytes_xfer_avail int(10) unsigned NOT NULL default '0',files_in_avail int(10) unsigned NOT NULL default '0',files_out_avail int(10) unsigned NOT NULL default '0',files_xfer_avail int(10) unsigned NOT NULL default '0')TYPE=MyISAM;
Query OK, 0 rows affected, 1 warning (0.03 sec)
mysql> CREATE TABLE ftpquotatallies (name varchar(30) NOT NULL default '',quota_type enum('user','group','class','all') NOT NULL default 'user',bytes_in_used int(10) unsigned NOT NULL default '0',bytes_out_used int(10) unsigned NOT NULL default '0',bytes_xfer_used int(10) unsigned NOT NULL default '0',files_in_used int(10) unsigned NOT NULL default '0',files_out_used int(10) unsigned NOT NULL default '0',files_xfer_used int(10) unsigned NOT NULL default '0') TYPE=MyISAM;
Query OK, 0 rows affected, 1 warning (0.03 sec)
mysql> CREATE TABLE ftpuser (id int(10) unsigned NOT NULL auto_increment,userid varchar(32) NOT NULL default '',passwd varchar(32) NOT NULL default '',uid smallint(6) NOT NULL default '5500',gid smallint(6) NOT NULL default '5500',homedir varchar(255) NOT NULL default '',shell varchar(16) NOT NULL default '/sbin/nologin',count int(11) NOT NULL default'0',accessed datetime NOT NULL default '0000-00-00 00:00:00',modified datetime NOT NULL default '0000-00-00 00:00:00',PRIMARY KEY (id),UNIQUE KEY userid (userid)) TYPE=MyISAM COMMENT='ProFTP user table';
Query OK, 0 rows affected, 1 warning (0.03 sec)
mysql> quit;
Bye
Next, edit the proftpd configuration file: vi /etc/proftpd/proftpd.conf
First, turn off IPv6 support
UseIPv6 off
Then add MySQL authentication support
DefaultRoot ~
#-------- load sql.mod for mysql authoritative --------#
# Backend means authentication uses the MySQL database's own password scheme
# Plaintext means clear-text passwords; the type listed first is tried first
SQLAuthTypes Backend Plaintext
SQLAuthenticate users* groups*
# ftp is the database name, localhost is the host name
# proftpd is the user name for the database connection, password is its password
SQLConnectInfo ftp@localhost proftpd password
SQLUserInfo ftpuser userid passwd uid gid homedir shell
SQLGroupInfo ftpgroup groupname gid members
# If a user's home directory does not exist, it is created from the homedir field of that user's row in the user table
CreateHome on
SQLNegativeCache on
# Update count every time user logs in
SQLLogFile /var/log/proftpd/proftpd.sql.log
SQLNamedQuery getcount SELECT "count from ftpuser where userid='%u'"
# getlastlogin and updatelogininfo use the lastlogin and host columns, which the ftpuser table must contain
# (the CREATE TABLE above defines only count, accessed and modified)
SQLNamedQuery getlastlogin SELECT "lastlogin from ftpuser where userid='%u'"
SQLNamedQuery updatelogininfo UPDATE "count=count+1,host='%h',lastlogin=current_timestamp() WHERE userid='%u'" ftpuser
SQLShowInfo PASS "230" "You've logged on %{getcount} times, last login at %{getlastlogin}"
SQLLog PASS updatelogininfo
#-------- load sql.mod for mysql authoritative --------#
#-------- load qudes.mod for Quota limit --------#
QuotaEngine on
QuotaDirectoryTally on
QuotaDisplayUnits Mb
# Allow quota information to be shown; after logging in over FTP, run the quote site quota command to see current disk usage
QuotaShowQuotas on
QuotaLog "/var/log/proftpd/proftpd.quota.log"
SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, \
bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits \
WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, \
bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies \
WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, \
bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, \
files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, \
files_xfer_used = files_xfer_used + %{5} \
WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
#--------- load qudes.mod for Quota limit --------#
RootLogin off
RequireValidShell off
Then run nano /etc/proftpd/modules.conf, comment out the parts that are not needed, and restart proftpd
#LoadModule mod_sql_postgres.c
/etc/init.d/proftpd restart
Populate the database and test; doing these steps through phpMyAdmin is strongly recommended
mysql -u root -p
USE ftp;
INSERT INTO `ftpgroup` (`groupname`, `gid`, `members`) VALUES ('ftpgroup', 2001, 'ftpuser');
INSERT INTO `ftpquotalimits` (`name`, `quota_type`, `per_session`, `limit_type`, `bytes_in_avail`, `bytes_out_avail`, `bytes_xfer_avail`, `files_in_avail`, `files_out_avail`, `files_xfer_avail`) VALUES ('exampleuser', 'user', 'true', 'hard', 15728640, 0, 0, 0, 0, 0);
INSERT INTO `ftpuser` (`id`, `userid`, `passwd`, `uid`, `gid`, `homedir`, `shell`, `count`, `accessed`, `modified`) VALUES (1, 'exampleuser', 'secret', 2001, 2001, '/home/www.example.com', '/sbin/nologin', 0, '', '');
quit;
Next, configure anonymous login
Again, add a user and group
groupadd -g 2002 anonymous_ftp
useradd -u 2002 -s /bin/false -d /home/anonymous_ftp -m -c "Anonymous FTP User" -g anonymous_ftp anonymous_ftp
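Create the login directory. If you want anonymous users and virtual users to land in the same place, this step can be skipped; just specify the directory in the proftpd configuration file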
mkdir /home/anonymous_ftp/incoming
chown anonymous_ftp:nogroup /home/anonymous_ftp/incoming
Then edit the proftpd configuration file, add the section below, and restart. The meaning of the individual directives is not covered here
<Anonymous ~anonymous_ftp>
  User anonymous_ftp
  Group nogroup
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias anonymous anonymous_ftp
  # Cosmetic changes, all files belong to ftp user
  DirFakeUser on anonymous_ftp
  DirFakeGroup on anonymous_ftp
  RequireValidShell off
  # Limit the maximum number of anonymous logins
  MaxClients 10
  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin welcome.msg
  DisplayFirstChdir .message
  # Limit WRITE everywhere in the anonymous chroot
  <Directory *>
    <Limit WRITE>
      DenyAll
    </Limit>
  </Directory>
  # Uncomment this if you're brave.
  <Directory incoming>
    # Umask 022 is a good standard umask to prevent new files and dirs
    # (second parm) from being group and world writable.
    Umask 022 022
    <Limit READ WRITE>
      DenyAll
    </Limit>
    <Limit STOR>
      AllowAll
    </Limit>
  </Directory>
</Anonymous>
And that's it
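The following is an added example, not part of the original guide: a shell function that audits a proftpd.conf for the directives configured above (SQLAuthTypes, SQLConnectInfo, DefaultRoot, and upload permissions inside an <Anonymous> block). The function name, the finding labels and the sample configuration are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a proftpd.conf for the settings used in this guide.
# Prints one finding per line; prints nothing when no check fires.
audit_proftpd_conf() {
    conf=$1
    # Plaintext in SQLAuthTypes lets ftpuser.passwd hold unhashed passwords.
    grep -Eiq '^[[:space:]]*SQLAuthTypes[[:space:]].*Plaintext' "$conf" &&
        echo "PLAINTEXT_AUTH: SQLAuthTypes accepts Plaintext passwords"
    # SQLConnectInfo embeds the database password in the config file.
    if grep -Eiq '^[[:space:]]*SQLConnectInfo[[:space:]]' "$conf" &&
       [ -n "$(find "$conf" -perm -004)" ]; then
        echo "WORLD_READABLE_SECRET: SQLConnectInfo password readable by all users"
    fi
    # Without DefaultRoot, logged-in users are not confined to a directory.
    grep -Eiq '^[[:space:]]*DefaultRoot[[:space:]]' "$conf" ||
        echo "NO_CHROOT: DefaultRoot is not set"
    # Uploads (STOR/WRITE) opened with AllowAll inside an <Anonymous> block.
    awk '
        /^[ \t]*#/ { next }
        { l = tolower($0) }
        l ~ /<anonymous/ { anon = 1 }
        l ~ /<\/anonymous>/ { anon = 0 }
        l ~ /<limit[^>]*(stor|write)/ { lim = 1 }
        l ~ /<\/limit>/ { lim = 0 }
        anon && lim && l ~ /allowall/ { print "ANON_UPLOAD: anonymous clients may upload" }
    ' "$conf"
    return 0
}

# Constructed sample that mirrors the directives configured in this guide.
sample=$(mktemp)
cat > "$sample" <<'EOF'
DefaultRoot ~
SQLAuthTypes Backend Plaintext
SQLConnectInfo ftp@localhost proftpd password
<Anonymous ~anonymous_ftp>
  <Directory incoming>
    <Limit STOR>
      AllowAll
    </Limit>
  </Directory>
</Anonymous>
EOF
chmod 644 "$sample"
audit_proftpd_conf "$sample"
rm -f "$sample"
```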