ProFTPD + MySQL

Over FTP we can validate users stored in a database with MySQL, PostgreSQL, ODBC or SQLite. In this post we’ll configure proftpd a ftp server running in a Debian squeeze that permit authentication with virtual users stored in a MySQL database.





First we have to install the basic package proftpd, mysql server and o module of proftpd to allow the connection to the database:

# aptitude install proftpd mysql-server proftpd-mod-mysql


Now we have to connect to the database:


# mysql -u root -p

Create a new database named ftpusers:


mysql> create database ftpusers;

Grant all the permissions to the user proftpd:


mysql> grant all on ftpusers.* to proftpd@localhost identified by "PASSWORD"

Create the user table and group table and insert test users:














mysql> CREATE TABLE users (

userid varchar(12) NOT NULL,

passwd varchar(100) NOT NULL,

uid smallint(6) default NULL,

gid smallint(6) default NULL,

homedir varchar(50) default NULL,

shell varchar(20) default '/bin/false');



mysql> CREATE TABLE groups (

groupname varchar(30) NOT NULL,

gid int NOT NULL,

members varchar(255));


mysql> INSERT INTO users VALUES (

'usu1',

PASSWORD('usu123'),

500,

500,

'/var/www/web1',

'/bin/false');


mysql> INSERT INTO users VALUES (

'usu2',

PASSWORD('usu123'),

501,

500,

'/var/www/web1',

'/bin/false');



mysql> INSERT INTO users VALUES (

'usu1.2',

PASSWORD('usu123'),

502,

500,

'/var/www/web2',

'/bin/false');



mysql> INSERT INTO groups VALUES (

'ftpusers',

500,

'usu1,usu2,usu1.2');


To exit of the database run



mysql> quit

Edit the proftpd file configuration /etc/proftpd/proftpd.conf with your favourite text editor, uncomment the option DefaultRoot, RequireValidShell and PassivePorts. This options is not essential for the mysql configuration, but it’s recommended:

Image

Add a directive AuthOrder with the value mod_sql.c, it’s used for the authentication with sql database:

Image

Uncomment the entry Include for the file /etc/proftpd/sql.conf for the database configuration file:

Image

Image

Edit the file configuration /etc/proftpd/sql.conf, for the database configuration:

  • SQLBackend: the DBMS used.

  • SQLEngine: specify how mod_sql will operate, default on (allow user authentication).

  • SQLAuthenticate on: configure the behavior of the authentication with the database.

  • SQLLogFile: the log file of sql authentication.

  • SQLMinUserUID and SQLMinUserGID: the minimum number of the uid and gid users.

  • SQLAuthTypes: specify the encryption password of the database.

  • SQLConnectInfo: database@machine user password

  • SQLUserInfo and SQLGroupInfo: the rows of the tables that contains the users information.

Image

Edit /etc/proftpd/modules.conf:

uncomment the directive LoadModule mod_sql_mysql.c and LoadModule mod_sql.c:

Image

Create the group for the ftp users used in the database:


# groupadd -g 500 ftpusers

Create the tree directories of the ftp home directories with the correct permissions:


# mkdir -p /var/www/web1

# mkdir /var/www/web2

# echo web1 >/var/www/web1/fic1

# echo web2 > /var/www/web2/fic2

# chgrp -R ftpusers /var/www/

# chmod -R 775 /var/www/

Restart the proftpd service and test to connect with any user:



# service proftpd restart

Image

Nhận xét

Đăng nhận xét

Bài đăng phổ biến từ blog này

CLEANING UP THE ZABBIX DATABASE

My Zabbix database size increased a lot in the last few months and since my disk was running out space, I decided to clean up the old events from the database. Looking at the database tables, the biggest one was  history_uint , which holds the items history data – over 400 millions of records and over 30 Gb of disk space before the clean up. Since deleting the old records from this table directly would be a very slow process, I decided to create a new table and insert the latest records from the  history_uint  table and then just replace the old table with a new one. Since this is not an offical procedure, use it at your own risk. Environment: Zabbix v2.2 MySql 5.1 – InnoDB with  innodb_file_per_table=ON Step 1 – Stop the Zabbix server Step 2 – Open your favourite MySQL client and create a new table CREATE TABLE  history_uint_new  LIKE  history_uint; Step 3 – Insert the latest records from the  history_uint  table to the...
Đọc thêm

Configuring DHCP Relay service on the FortiGate unit

Configuring DHCP Relay service on the FortiGate unit If the clients are configured to obtain a IP address using DHCP relay, configure the FortiGate server as below: To configure DHCP relay on the FortiGate unit   1. Go to System > Network > Interfaces and select Interface want to configure DHCP relay.   2. Enable DHCP Server in the interface and choose Advanced   3. For Mode, select Relay.   4. In Type select Regular.   5. Select OK.   6. If a router is installed between the FortiGate unit and the DHCP server, define a static route to the DHCP server. Note : Sometimes it is required to specify more than one DHCP relay IP, to allow for the coverage of additional LAN subnets. Although the Web Based Manager (GUI) does not provide an option to configure this, it is possible to set up to 8 IPs from the CLI.       config system interface             edit <REQUIRED_INTERFACE_HERE>   ...
Đọc thêm

[Resolved] Amazon EC2 Redhat 7 using 6GB for the root space

Hình ảnh
I create new server with 10GB of HDD, but when i check on the command line, the root space only show 6GB. I'm using t2.micto and Redhat 7.0, disk type: XFS. - xvda1: boot partition - xvda2: root partition Fix Step: We have instance A with the volume VA. 1) Stop the current instace A 2) Snapshot the current volume VA of the instance A 3) Start the instance A 4) Create new volume with 25GB by using the snapshot of volume VA then we have new volume VB 5) Attach the new volume VB to the instance A as default (/dev/sdf) 6) From the ssh console, i use the lsblk command to list the disk. # lsblk 7) Using the xfs_repair to repair the /dev/xvdf2 ( yum install xfsprogs) # xfs_repair /dev/xvdf2 8) Continue as the image below 9) Remove the /dev/xvdf2, remember the start of this disk then we will create the new one with the same. 10) Using XFS command to repair the /dev/xvdf2 again. # xfs_repair /dev/xvdf2 11) Use the lsblk co...
Đọc thêm