[zt]proftpd+mysql用户认证+quota磁盘限额

由 shihao 在 09-10-2003 22:18 发表:

[zt]proftpd+mysql用户认证+quota磁盘限额

将proftpd的源码包解压缩到某临时目录下:

bunzip2 proftpd-1.2.7.tar.bz2

tar -xvf proftpd-1.2.7.tar

gunzip proftpd-mod-quotatab-1.2.4.tar.gz

tar -xvf proftpd-mod-quotatab-1.2.4.tar

cd mod_quotatab

cp * ../proftpd-1.2.7/modules //把这个目录中的文件拷到proftpd中的modules 目录中

cd ../proftpd-1.2.7/contrib

#vi mod_sql_mysql.c

修改 #include <mysql/mysql.h>,根据你的 mysql 安装在哪里来决定:

(原文此处的路径在转载时丢失;按下文 --with-includes 所用的目录,应为:)

#include </usr/local/mysql/include/mysql/mysql.h>
  4  
  5# cd ~/proftpd-1.2.7
  6  
  7#./configure --prefix=/usr/local/proftpd \   
  8  
  9\--with-modules=mod_sql:mod_sql_mysql:mod_quotatab:mod_quotatab_sql \   
 10  
 11\--with-includes=/usr/local/mysql/include/mysql \ // mysql 的includes 目录   
 12  
 13\--with-libraries=/usr/local/mysql/lib/mysql // mysql 的lib 目录   
 14  
 15# make   
 16  
 17# make install   
 18  
 19将/etc/passwd 和group 拷贝到/usr/local/proftpd/etc下   
 20  
 21并修改成如下样子:
 22  
 23proftpd/etc/passwd   
 24  
 25root:x:0:1:Super-User:/:/sbin/sh   
 26  
 27daemon:x:1:1::/:   
 28  
 29uucp:x:5:5:uucp Admin:/usr/lib/uucp:   
 30  
 31FTPUSR:x:1000:1000::/ftp:/bin/sh   
 32  
 33  
 34  
 35proftpd/etc/group   
 36  
 37root::0:root   
 38  
 39other::1:   
 40  
 41uucp::5:root,uucp   
 42  
 43FTPGRP::1000:   
 44  
 45  
 46  
 47修改proftpd/etc/proftpd.conf 文件配置 (我的配置文件,这是基本的功能)   
 48  
 49# This is a basic ProFTPD configuration file (rename it to   
 50  
 51# 'proftpd.conf' for actual use. It establishes a single server   
 52  
 53# and a single anonymous login. It assumes that you have a user/group   
 54  
 55# "nobody" and "ftp" for normal operation and anon.   
 56  
 57  
 58  
 59ServerName "WELCOME TO JLNU.EDU.CN "   
 60  
 61ServerType standalone   
 62  
 63DefaultServer on   
 64  
 65  
 66  
 67# Port 21 is the standard FTP port.   
 68  
 69Port 21   
 70  
 71  
 72  
 73# Umask 022 is a good standard umask to prevent new dirs and files   
 74  
 75# from being group and world writable.   
 76  
 77Umask 022   
 78  
 79  
 80  
 81# To prevent DoS attacks, set the maximum number of child processes   
 82  
 83# to 30. If you need to allow more than 30 concurrent connections   
 84  
 85# at once, simply increase this value. Note that this ONLY works   
 86  
 87# in standalone mode, in inetd mode you should use an inetd server   
 88  
 89# that allows you to limit maximum number of processes per service   
 90  
 91# (such as xinetd).   
 92  
 93MaxInstances 30   
 94  
 95  
 96  
 97DefaultRoot ~   
 98  
 99  
100  
101SystemLog /var/log/ftp.syslog   
102  
103  
104  
105TransferLog /var/log/ftp.transferlog   
106  
107  
108  
109MaxLoginAttempts 3   
110  
111  
112  
113RateReadBPS 8000   
114  
115  
116  
117RateWriteBPS 8000   
118  
119  
120  
121QuotaDirectoryTally on   
122  
123  
124  
125QuotaDisplayUnits Kb   
126  
127  
128  
129QuotaEngine on   
130  
131  
132  
133QuotaLog /var/ftp/Quota.log   
134  
135  
136  
137QuotaShowQuotas on   
138  
139  
140  
141<global>   
142  
143  
144  
145SQLConnectInfo ftp@localhost:3306 root mysql   
146  
147  
148  
149SQLAuthTypes Backend Plaintext   
150  
151  
152  
153SQLUserInfo ftpusers userid passwd uid gid home shell   
154  
155  
156  
157SQLGroupInfo ftpgrps groupname gid members   
158  
159  
160  
161RequireValidShell off   
162  
163  
164  
165SQLAuthenticate users   
166  
167  
168  
169SQLHomedirOnDemand on   
170  
171  
172  
173SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"   
174  
175  
176  
177SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"   
178  
179  
180  
181SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies   
182  
183  
184  
185SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies   
186  
187  
188  
189QuotaLimitTable sql:/get-quota-limit   
190  
191QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally   
192  
193  
194  
195</global>   
196  
197  
198  
199  
200  
201# Set the user and group under which the server will run.   
202  
203User FTPUSR   
204  
205Group FTPGRP   
206  
207  
208  
209# Normally, we want files to be overwriteable.   
210  
211<Directory /*>   
212  
213AllowOverwrite on   
214  
215</Directory>   
216  
217  
218  
219# A basic anonymous configuration, no upload directories.   
220  
221<Anonymous ~ftp>   
222  
223User ftp   
224  
225Group ftp   
226  
227  
228  
229# We want clients to be able to login with "anonymous" as well as "ftp"   
230  
231UserAlias anonymous ftp   
232  
233  
234  
235# Limit the maximum number of anonymous logins   
236  
237MaxClients 10   
238  
239  
240  
241# We want 'welcome.msg' displayed at login, and '.message' displayed   
242  
243# in each newly chdired directory.   
244  
245DisplayLogin welcome.msg   
246  
247DisplayFirstChdir .message   
248  
249  
250  
251# Limit WRITE everywhere in the anonymous chroot   
252  
253<Limit WRITE>   
254  
255DenyAll   
256  
257</Limit>
258</Anonymous>   
259  
260  
261  
262#具体设置MySQL认证的一些解释:   
263  
264#数据库联接的信息,DatabaseName是数据库名, HostName是主机名,   
265  
266#Port是端口号,UserName是连接数据库的用户名,Password是密码。这里的用户名和密码以明文写在配置文件中,建议为proftpd单独建立一个只对该库有所需权限的MySQL用户,不要使用root,并限制proftpd.conf的读取权限。   
267  
268SQLConnectInfo DatabaseName@localhost:Port root Password   
269  
270  
271  
272#数据库认证的类型:Backend 表示密码用MySQL的PASSWORD()函数加密后保存,Plaintext 表示密码以明文保存在表中(本文插入的示例记录即为明文);若不需要明文密码,可去掉Plaintext。   
273  
274SQLAuthTypes Backend Plaintext   
275  
276  
277  
278#指定用来做用户认证的表的有关信息。(需要在数据库中建立两张表用户和组"FTPUSERS""FTPGRPS"是数据表)   
279  
280SQLUserInfo FTPUSERS userid passwd uid gid homedir shell   
281  
282  
283  
284SQLGroupInfo FTPGRPS groupname gid members   
285  
286  
287  
288#设置如果shell为空时允许用户登录:   
289  
290RequireValidShell off   
291  
292  
293  
294#数据库的鉴别   
295  
296SQLAuthenticate users   
297  
298  
299  
300#如果home目录不存在,则系统会为根据它的home项新建一个目录:   
301  
302SQLHomedirOnDemand on   
303  
304  
305  
306然后在这个数据库中建立一个用户表FTPUSERS,FTPGRPS:   
307  
308#mysql -h localhost -u root -p 123   
309  
310mysql>create database FTP;   
311  
312mysql>use FTP;   
313  
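-- Virtual FTP accounts read by mod_sql through SQLUserInfo; the column names
-- here must match the ones listed on that directive in proftpd.conf.
-- Comments use "--" because MySQL does not accept "//" as a comment marker.
CREATE TABLE FTPUSERS (
    userid  TEXT NOT NULL,  -- login name used for the FTP service
    -- Password for the account. With "SQLAuthTypes Backend Plaintext" a value
    -- stored here in clear text is accepted as-is, so anyone who can read this
    -- table can read the passwords; prefer storing only hashed values.
    passwd  TEXT NOT NULL,
    uid     INT NOT NULL,   -- ID of the system user this account maps to
    gid     INT NOT NULL,   -- ID of the system group this account belongs to
    homedir TEXT,           -- home directory of the account
    shell   TEXT            -- shell assigned to the account (set for safety in real use)
);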
329  
330  
331  
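-- Group table read by mod_sql through SQLGroupInfo.
-- Comments use "--" because MySQL does not accept "//" as a comment marker,
-- and the last column carries no trailing comma (that is a syntax error).
CREATE TABLE FTPGRPS (
    -- Named "groupname" to match "SQLGroupInfo FTPGRPS groupname gid members"
    -- in proftpd.conf; the directive queries the column by that name, so the
    -- earlier spelling "grpname" would not be found.
    groupname TEXT NOT NULL,      -- name of the group
    gid       SMALLINT NOT NULL,  -- ID of the system group
    members   TEXT NOT NULL       -- group members, comma-separated when more than one
);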
341  
342插入记录:   
343  
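-- Add one FTP account. The column list uses "homedir", the name defined in
-- CREATE TABLE FTPUSERS ("home" does not exist in that table), and uid/gid
-- are written as integers to match their INT columns.
-- NOTE(review): the password value is stored in clear text, which is only
-- accepted because SQLAuthTypes includes Plaintext.
INSERT INTO FTPUSERS (userid, passwd, uid, gid, homedir, shell)
VALUES ('unixsr', '2219118', 1000, 1000, '/FTP/unixsr', '');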
347  
348增加用户时按此格式你可以插入。   
349  
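-- Add the FTP group. The values are positional and follow the column order
-- of FTPGRPS: group name, gid, members.
INSERT INTO FTPGRPS VALUES ('FTPGRPS', 1000, 'FTPUSR');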
351  
352每当增加用户后,一定要在mysql更新FTPGRPS这个表的成员值   
353  
354做法:   
355  
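-- Refresh the member list of the FTP group after adding users; members is a
-- single comma-separated string, quoted once with plain ASCII quotes.
-- The WHERE clause limits the change to the group with gid 1000 (the one
-- inserted above) instead of rewriting every row in the table.
UPDATE FTPGRPS
SET members = 'unixsr,unixsr1,unixsr2'
WHERE gid = 1000;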
357  
358为FTP用户建立相应的系统用户。   
359  
360# groupadd -g 1000 FTPGRP   
361  
362# adduser -g 1000 FTPUSR   
363  
364修改一下/etc/passwd   
365  
366主要是把uid 和 gid 都改成1000 并把用户目录改为/FTP (我是手工改的,因为我的系统是三个硬盘做了一个RAID,挂到了/FTP 下,有命令的)   
367  
368为FTPUSR建立HOME,unixsr 在此目录下:   
369  
370mkdir /FTP/unixsr   
371  
372chown FTPUSR /FTP/unixsr   
373  
374chgrp FTPGRP /FTP/unixsr   
375  
376当然在这里我仅做了一个用户,多个用户也是一样的,要注意目录属于系统的映射用户和组,   
377  
378  
379  
380磁盘限额部分的一些解释:   
381  
382  
383  
384#磁盘限额部分   
385  
386QuotaDirectoryTally on   
387  
388  
389  
390#磁盘限额单位 "b"|"Kb"|"Mb"|"Gb"   
391  
392QuotaDisplayUnits "Kb"   
393  
394  
395  
396QuotaEngine on   
397  
398  
399  
400#磁盘限额日志记录   
401  
402QuotaLog /var/log/Quota.log   
403  
404  
405  
406# 打开磁盘限额信息.   
407  
408QuotaShowQuotas on   
409  
410  
411  
412#以下是SQL调用语句,不用修改直接拷贝过去 (这一部分拷贝网友)   
413  
414  
415  
416SQLNamedQuery get-quota-limit SELECT "name, quota_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits \   
417  
418WHERE name = '%{0}' AND quota_type = '%{1}'"   
419  
420  
421  
422SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, \   
423  
424bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies \   
425  
426WHERE name = '%{0}' AND quota_type = '%{1}'"   
427  
428  
429  
430SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, \   
431  
432bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, \   
433  
434files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, \   
435  
436files_xfer_used = files_xfer_used + %{5} \   
437  
438WHERE name = '%{6}'