Proftpd和MySQL 的全面配置:proftpd(Professional FTP daemon),是针对Wu-FTP的弱项而开发的。除了改进其安全性,还有具备许多Wu-FTP所没有的特点。比如,能以Stand-alone、xinetd模式运行。ProFTP不仅配置方便,而且有MySQL模块,本文主要讲述的是Proftpd和MySQL 的全面配置。
1.建立相应的用户和用户组
- groupadd -g 5500 ftpgroup
- adduser -u 5500 -s /bin/false -d /bin/null -c "proftpd user" -g ftpgroup ftpuser
2.操作数据库
- mysql mysql -uroot -ppassword
- create database ftpdb
- grant select, update on ftpdb.* to proftpd@localhost identified by 'password'use ftpdb
- CREATE TABLE `ftpgroup` (
- `groupname` varchar(16) NOT NULL default '',
- `gid` smallint(6) NOT NULL default '5500',
- `members` varchar(16) NOT NULL default '',
- KEY `groupname` (`groupname`)
- ) TYPE=MyISAM COMMENT='ProFTP group table';
- INSERT INTO `ftpgroup` VALUES ('ftpgroup', 5500, 'ftpuser');
- CREATE TABLE `ftpquotalimits` (
- `name` varchar(30) default NULL,
- `quota_type` enum('user','group','class','all') NOT NULL default 'user',
- `per_session` enum('false','true') NOT NULL default 'false',
- `limit_type` enum('soft','hard') NOT NULL default 'soft',
- `bytes_in_avail` float NOT NULL default '0',
- `bytes_out_avail` float NOT NULL default '0',
- `bytes_xfer_avail` float NOT NULL default '0',
- `files_in_avail` int(10) unsigned NOT NULL default '0',
- `files_out_avail` int(10) unsigned NOT NULL default '0',
- `files_xfer_avail` int(10) unsigned NOT NULL default '0'
- ) TYPE=MyISAM;
- CREATE TABLE `ftpquotatallies` (
- `name` varchar(30) NOT NULL default '',
- `quota_type` enum('user','group','class','all') NOT NULL default 'user',
- `bytes_in_used` float NOT NULL default '0',
- `bytes_out_used` float NOT NULL default '0',
- `bytes_xfer_used` float NOT NULL default '0',
- `files_in_used` int(10) unsigned NOT NULL default '0',
- `files_out_used` int(10) unsigned NOT NULL default '0',
- `files_xfer_used` int(10) unsigned NOT NULL default '0'
- ) TYPE=MyISAM;
- CREATE TABLE `ftpuser` (
- `id` int(10) unsigned NOT NULL auto_increment,
- `userid` varchar(32) NOT NULL default '',
- `passwd` varchar(32) NOT NULL default '',
- `uid` smallint(6) NOT NULL default '5500',
- `gid` smallint(6) NOT NULL default '5500',
- `homedir` varchar(255) NOT NULL default '',
- `shell` varchar(16) NOT NULL default '/sbin/nologin',
- `count` int(11) NOT NULL default '0',
- `accessed` datetime NOT NULL default '0000-00-00 00:00:00',
- `modified` datetime NOT NULL default '0000-00-00 00:00:00',
- PRIMARY KEY (`id`)
- ) TYPE=MyISAM COMMENT='ProFTP user table' ;
注意这里大家根据实际情况填写自己数据库的用户名和密码,如果大家对数据库操作不熟悉的话,不妨可以用phpmyadmin来操作。
#p#
3.配置proftp文件
- ServerName "Frank's FTP Server" ServerType standalone DefaultServer onPort 21
- Umask 022
- MaxInstances 30
- MaxLoginAttempts 3
- User nobody
- Group nobody
- MaxHostsPerUser 1 "Sorry, you may not connect more than one time."
- MaxClientsPerUser 2 "Only one such user at a time."
- MaxClientsPerHost 3 "Sorry, you may not connect more than one time."
- RootLogin off
- RequireValidShell off
- TimeoutStalled 10
- MaxClients 10
- AllowForeignAddress on
- AllowStoreRestart on
- ServerIdent off
- DefaultRoot ~ ftpgroup
- SQLAuthTypes Backend Plaintext
- #Backend表示用户认证方式为MySQL数据库的认证方式
- #Plaintext表示明文认证方式,排在最前面的为最先使用的方式
- SQLAuthenticate users* groups*
- # databasename@host database_user user_password
- SQLConnectInfo ftpdb@localhost proftpd password
- SQLUserInfo ftpuser userid passwd uid gid homedir shell
- SQLGroupInfo ftpgroup groupname gid members
- SQLHomedirOnDemand on
- #如果用户主目录不存在,则系统会根据此用户在用户数据表中的homedir字段的值新建一个目录
- # Update count every time user logs in
- SQLLog PASS updatecount
- SQLNamedQuery updatecount UPDATE "countcount=count+1,accessed=now() WHERE userid='%u'" ftpuser
- # Update modified everytime user uploads or deletes a file
- SQLLog STOR,DELE modified
- SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
- QuotaEngine on
- QuotaDirectoryTally on
- QuotaDisplayUnits Mb
- QuotaShowQuotas on
- QuotaLog "/var/log/quota"
- SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avai
- l, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}'
- AND quota_type = '%{1}'"
- SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_i
- n_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
- SQLNamedQuery update-quota-tally UPDATE "bytes_in_usedbytes_in_used = bytes_in_used + %{0}, bytes_out_usedbytes_out_used = bytes_out_used
- + %{1}, bytes_xfer_usedbytes_xfer_used = bytes_xfer_used + %{2}, files_in_usedfiles_in_used = files_in_used + %{3}, files_files_out_used = files_
- out_used + %{4}, files_xfer_usedfiles_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquota
- tallies
- SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies
- QuotaLimitTable sql:/get-quota-limit
- QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
ok,就这么简单,重启一下proftp服务就已经能使用proftp+mysql+quota的功能
我们可以在数据库ftpuser添加一个虚拟用户,
- INSERT INTO `ftpuser` VALUES (1, 'test', 'ftppasswd', 5500, 5500, '/home/test', '/sbin/nologin');
大家可以在phpmyadmin里直接操作添加一个用户,相信不用我教大家怎么添加吧:)
如果你想设置quota,只要在ftpquotalimits表里设置一下就行了,这个表里的各个参数分别代表:
quotalimits表name: - 用户帐号
quota type: - user, group, class, all (we use user)
per_session: - true or false (we use true)
limit_type: - 硬限制 or 软限制 (我们一般用硬限制)
bytes_in_avail: - 允许上传的字节数
bytes_out_avail: - 允许下载的字节数
bytes_xfer_avail: - 允许传输的字节数(包括上传/下载)
files_in_avail: - 允许上传的文件数
files_out_avail: - 允许下载的文件数
files_xfer_avail: - 允许传输的文件数(包括上传/下载)
老实说用mysql和quota模块来验证用户和设置磁盘限额,但我总觉得还是不够完善,因为在这个方法中,数据库表里还没有相应的权限的字段,所以说相应用户的权限还是得用实际得用户即mysql对应得uid和gid来控制权限,那天要是mysql数据库也能完全控制权限就好了。
【编辑推荐】
