1471.html

著名的linux英雄站点的文档打包

                              border=0>
                                <TBODY>
                                <TR>
                                      <TD vAlign=top> 
<p><FONT class=normalfont><B><font color=blue>Proftpd1.2.8+mysql3.23.56用户认证+quota磁盘限额v1.0</font></B></FONT><BR><FONT class=smallfont color=#ff9900>2004-04-23 15:18 pm</FONT><BR><FONT class=normalfont>作者：光辉<br>来自：Linux知识宝库<br>联系方式：无名<br><br>    摘要<br>
    本文介绍一个非常好的ftp服务安装，实现了数据库管理和吃盘限额。只要稍微修改一下，就可以作为个人主业页服务器的服务平台!(文章参考了一些网上的文档，因为写的时间久了，记不起，希望不要见怪！)(2003-08-15 10:39:43)<br>
<br>
安装环境：redhat8，安装选择的是自定义，没选数据库和ftp部分（因为我们要自己编译，如果安装了也没问题，你可以rpm -qa|grep mysql ,然后rpm -e mysql*.rpm卸载掉<br>
网上关于proftpd的安装文章实在是不少，我只是稍微整理了一下，并且使用了新的 quota磁盘限额模块,mysql选择3.23.56版。<br>
首先下载源码<br>
proftpd1.2.8:<br>
ftp://ftp.proftpd.org/上下载吧<br>
ftp://ftp.proftpd.org/distrib/source/proftpd-1.2.8.tar.gz<br>
<br>
mod_quotatab-1.2.7<br>
http://www.castaglia.org/proftpd/modules/proftpd-mod-quotatab-1.2.7.tar.gz（对应proftpd1.2.8版本的）<br>
mysql3.23.56:<br>
http://www.mysql.com/downloads/mysql-3.23.html#Source<br>
注意是下载源代码包（我一般喜欢自己编译）<br>
全部下载到/root目录。<br>
<br>
1，安装mysql3.23.56<br>
#groupadd mysql<br>
#useradd -g mysql mysql<br>
#cd /root<br>
#tar -zxvf mysql-3.23.56.tar.gz<br>
#cd mysql-3.23.56<br>
#./configure --prefix=/usr/local/mysql<br>
#make<br>
#make install<br>
#scripts/mysql_install_db<br>
#chown -R root /usr/local/mysql<br>
#chown -R mysql /usr/local/mysql/var<br>
#chgrp -R mysql /usr/local/mysql<br>
#cp support-files/my-medium.cnf /etc/my.cnf<br>
#/usr/local/mysql/bin/safe_mysqld --user=mysql &<br>
<br>
2，安装proftpd<br>
将proftpd的源码包解压缩到某临时目录下：<br>
localhost# tar -zxvf proftpd-1.2.8.tar.gz<br>
解压缩 mod_quotatab-1.2.7<br>
localhost# tar -zxvf proftpd-mod-quotatab-1.2.7.tar.gz<br>
进入 mod_quotatab 目录<br>
localhost proftpd# cd mod_quotatab<br>
把mod_quotatab中的文件拷贝到 proftpd 中的modules 目录中<br>
localhost mod_quotatab# cp * ../proftpd-1.2.8/modules<br>
在开始运行configure之前，我们要先改动一个文件<br>
进入 proftpd-1.2.8/contrib 目录<br>
localhost mod_quotatab # cd ../proftpd-1.2.8/contrib<br>
修改 mod_sql_mysql.c<br>
localhost contrib# vi mod_sql_mysql.c<br>
找到#include 把他该为你实际路径<br>
如果你的mysql 安装在/usr/local/mysql 下，就像我前面一样，就把它修改为#include<br>
然后<br>
localhost contrib# cd ..<br>
localhostproftpd-1.2.7#./configure --prefix=DIR --with-modules=mod_sql:mod_sql_mysql:mod_quotatab:mod_quotatab_sql --with-includes=DIR --with-libraries=DIR<br>
需要修改的三个地方<br>
--prefix=DIR 你要安装到哪里<br>
--with-includes=DIR mysql 的includes 目录<br>
--with-libraries=DIR mysql 的lib 目录<br>
然后<br>
make<br>
make install 完成安装<br>
<br>
3.配置proftpd.conf<br>
接下来，进入你安装好的proftpd目录 ，修改etc/proftpd.conf 文件开始配置<br>
基本配置讲解：<br>
示例：proftpd.conf<br>
ServerName "HRBEU's ftp server" #服务名<br>
ServerType standalone #f服务器启动方式<br>
DefaultServer on<br>
# Port 21 is the standard FTP port.<br>
Port 21 ＃使用端口<br>
# Umask 022 is a good standard umask to prevent new dirs and files<br>
# from being group and world writable.<br>
Umask 022<br>
#limit the user in his owner directory<br>
DefaultRoot ~ ＃限制用户只能在自己的目录里，不能上去进入其他目录<br>
#put the proftpd log files in /var/log/ftp.syslog<br>
SystemLog /data/logs/ftp.syslog ＃proftpd的系统日志存放地<br>
#TransferLog log files<br>
TransferLog /data/logs/ftp.transferlog ＃传输日志存放地<br>
#set The maxtimes user Attempts times<br>
MaxLoginAttempts 30 ＃当登陆失败后，可以尝试登陆的次数<br>
#setup the Restart<br>
AllowRetrieveRestart on<br>
#setup the download and upload speed<br>
#TransferRate [kilobytes-per-sec[:100]] ＃1.2.8版本的速率限制<br>
#setup the disk quota<br>
QuotaDirectoryTally on<br>
#quota b"|"Kb"|"Mb"|"Gb"<br>
#setup the disk quota<br>
#QuotaDirectoryTally on<br>
#quota b"|"Kb"|"Mb"|"Gb"<br>
QuotaDisplayUnits Kb<br>
QuotaEngine on<br>
QuotaLog /data/logs/Quota.log<br>
QuotaShowQuotas on<br>
# We put our mod_sql directives in a block so they'll be<br>
# inherited by the block below, and any other<br>
# blocks we may want to add. For a simple server these don't need to<br>
# be in a block but it won't hurt anything.<br>
<br>
# Specify our connection information. Both mod_sql_mysql and<br>
# mod_sql_postgres use the same format, other backends may specify a<br>
# different format for the first argument to SQLConnectInfo. By not<br>
# specifying a fourth argument, we're defaulting to 'PERSESSION'<br>
# connections -- a connection is made to the database at the start of<br>
# the session and closed at the end. This should be fine for most<br>
# situations.<br>
# SQLConnectInfo dbname@host:port username password<br>
SQLConnectInfo ftp@localhost:3306 wgh 58648217<br>
# Specify our authentication schemes. Assuming we're using<br>
# mod_sql_mysql, here we're saying 'first try to authenticate using<br>
# mysql's password scheme, then try to authenticate the user's<br>
# password as plaintext'. Note that 'Plaintext' isn't a smart way to<br>
# store passwords unless you've got your database well secured.<br>
SQLAuthTypes Backend Plaintext<br>
# Specify the table and fields for user information. If you've<br>
# created the database as it specifies in 'README.mod_sql', you don't<br>
# need to have this directive at all UNLESS you've elected not to<br>
# create some fields. In this case we're telling mod_sql to look in<br>
# table 'users' for the fields 'username','password','uid', and<br>
# 'gid'. The 'homedir' and 'shell' fields are specified as 'NULL' --<br>
# this will be explained below.<br>
# SQLUserInfo users username password uid gid NULL NULL<br>
SQLUserInfo FTPUSERS userid passwd uid gid home shell<br>
SQLGroupInfo FTPGRPS groupname gid members<br>
# Here we tell mod_sql that every user it authenticates should have<br>
# the same home directory. A much more common option would be to<br>
# specify a homedir in the database and leave this directive out. Note<br>
# that this directive is necessary in this case because we specified<br>
# the homedir field as 'NULL', above. mod_sql needs to get homedir<br>
# information from *somewhere*, otherwise it will not allow access.<br>
# SQLDefaultHomedir "/tmp"<br>
# This is not a mod_sql specific directive, but it's here because of<br>
# the way we specified 'SQLUserInfo', above. By setting this to<br>
# 'off', we're telling ProFTPD to allow users to connect even if we<br>
# have no (or bad) shell information for them. Since we specified the<br>
# shell field as 'NULL', above, we need to tell ProFTPD to allow the<br>
# users in even though their shell doesn't exist.<br>
RequireValidShell off<br>
# Here we tell mod_sql how to get out group information. By leaving<br>
# this commented out, we're telling mod_sql to go ahead and use the<br>
# defaults for the tablename and all the field names.<br>
# SQLGroupInfo groups groupname gid members<br>
# For small sites, the following directive will speed up queries at<br>
# the cost of some memory. Larger sites should read the complete<br>
# description of the 'SQLAuthenticate' directive; there are options<br>
# here that control the use of potentially expensive database<br>
# queries. NOTE: these arguments to 'SQLAuthoritative' limit the way<br>
# you can structure your group table. Check the README for more<br>
# information.<br>
SQLAuthenticate users<br>
# Finally, some example logging directives. If you have an integer<br>
# field named 'count' in your users table, these directives will<br>
# automatically update the field each time a user logs in and display<br>
# their current login count to them.<br>
# SQLNamedQuery getcount SELECT "count, userid from users where userid='%u'"<br>
# SQLNamedQuery updatecount UPDATE "count=count+1 WHERE userid='%u'" users<br>
# SQLShowInfo PASS "230" "You've logged on %{getcount} times, %u"<br>
# SQLLog PASS updatecount<br>
SQLHomedirOnDemand on<br>
#...SQL...............<br>
SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"<br>
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"<br>
<br>
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies<br>
<br>
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies<br>
<br>
QuotaLimitTable sql:/get-quota-limit<br>
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally<br>
# close our block.<br>
<br>
＃全局设置完成<br>
# To prevent DoS attacks, set the maximum number of child processes<br>
# to 30. If you need to allow more than 30 concurrent connections<br>
# at once, simply increase this value. Note that this ONLY works<br>
# in standalone mode, in inetd mode you should use an inetd server<br>
# that allows you to limit maximum number of processes per service<br>
# (such as xinetd)<br>
MaxInstances 30<br>
# Set the normal user and group permissions for the server.<br>
User FTPUSR<br>
Group FTPGRP<br>
# Normally, we want files to be overwriteable.<br>
<br>
AllowOverwrite on<br>
<br>
# A basic anonymous configuration, no upload directories. If you<br>
# don't want to support anonymous access, simply remove this<br>
# ... block.<br>
<br>
User ftp<br>
Group ftp<br>
# We want clients to be able to login with "anonymous" as well as "ftp"<br>
UserAlias anonymous ftp<br>
# Limit the maximum number of anonymous logins<br>
MaxClients 100<br>
# We want 'welcome.msg' displayed at login, and '.message' displayed<br>
# in each newly chdired directory.<br>
DisplayLogin welcome.msg<br>
DisplayFirstChdir .message<br>
# Limit WRITE everywhere in the anonymous chroot<br>
<br>
DenyAll<br>
<br>
<br>
4,mysql 用户认证部分<br>
<br>
在proftpd.conf中加入以下内容<br>
#设置MySQL认证：<br>
#数据库联接的信息，DatabaseName是数据库名， HostName是主机名，<br>
#Port是端口号，UserName是连接数据库的用户名，Password是密码。<br>
SQLConnectInfo ftp@localhost:3306 ftpuser ftppasswd<br>
#数据库认证的类型：<br>
SQLAuthTypes Backend Plaintext<br>
#指定用来做用户认证的表的有关信息。("FTPUSERS"和"FTPGRPS"是数据表名字，等一会而在下面建立)<br>
SQLUserInfo FTPUSERS userid passwd uid gid homedir shell<br>
SQLGroupInfo FTPGRPS groupname gid members<br>
#设置如果shell为空时允许用户登录：<br>
RequireValidShell off<br>