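Problems encountered when storing usernames and passwords in a MySQL database while configuring vsftpd!
Operating system: Redhat Linux AS4 running in virtual machine 5.5.1
Software: vsftpd-2.0.4, mysql-4.1.20, pam_mysql-0.5
The specific steps are as follows:
1. Install the mysql-4.1.20 database:
1.1 Create the mysql group and mysql user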
#groupadd mysql
#useradd -g mysql mysql
Edit this line in .bash_profile under /root:
#vi /root/.bash_profile
PATH=$PATH:$HOME/bin
to
PATH=$PATH:$HOME/bin:/usr/local/mysql/bin
1.2 Install mysql
#tar -zxvf mysql-4.1.20.tar.gz
#cd mysql-4.1.20
#./configure --prefix=/usr/local/mysql (--with-charset=gbk --with-charset=gb2312 --with-charset=utf8 --with-extra-charsets=complex --without-uca)
Note: the options in parentheses are the ones I used to add character sets when setting up apache-2.0+mysql-4.1.20+php-4.4.2+phpMyAdmin-2.6.2+Zend-3.0.0; they are omitted here!
#make
#make install
#cd scripts
#./mysql_install_db
#chown -R root /usr/local/mysql
#chown -R mysql /usr/local/mysql/var
#chgrp -R mysql /usr/local/mysql
#cp ../support-files/my-medium.cnf /etc/my.cnf
Add two lines to /etc/ld.so.conf:
#vi /etc/ld.so.conf
/usr/local/mysql/lib/mysql
/usr/local/lib
Load the libraries by running ldconfig -v
#ldconfig -v
1.3 Test whether mysql is working
#/usr/local/mysql/bin/mysqld_safe &
#ps -ef |grep mysql
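Check whether mysqld_safe is running in the process list
1.4 Set mysql to start automatically
Copy the mysql.server file from the support-files directory under the mysql-4.1.20 installation directory to /etc/init.d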
#cp /mysql-4.1.20/support-files/mysql.server /etc/init.d/mysql
#chmod 755 /etc/init.d/mysql
Create hard links
#cd /etc/rc3.d (text-mode boot)
#ln -s /etc/init.d/mysql S85mysql
#ln -s /etc/init.d/mysql K85mysql
Set the mysql password (for remote login add -h IP address)
#/usr/local/mysql/bin/mysqladmin -uroot password '123456'
Enter the mysql database (for remote login add -h IP address)
#/usr/local/mysql/bin/mysql -uroot -p123456
Configure the mysql database:
mysql>create database ftpd;
mysql>use ftpd;
mysql>create table user(name char(20) binary,passwd char(20) binary);
mysql>insert into user (name,passwd) values ('test1','123');
mysql>insert into user (name,passwd) values ('test2','321');
mysql>grant select on ftpd.user to ftpd@localhost identified by '12345';
mysql>flush privileges; -- reload the privilege settings
mysql>quit;
2. Download libpam-mysql-5.0, then compile and install it
The download address is as follows:
http://nchc.dl.sourceforge.net/s ... am_mysql-0.5.tar.gz
2.1 Assume we put it in the /soft directory
#cd /soft
#tar zxvf pam_mysql-0.5.tar.gz
#cd pam_mysql-5.0
#make
#cp pam_mysql.so /lib/security
This is where my problem is: make fails to build the pam_mysql.so file and reports an error! The output is as follows:
mkdir -p ./dynamic
gcc -O2 -Dlinux -DLINUX_PAM -ansi -D_POSIX_SOURCE -Wall -Wwrite-strings -Wpointer-arith -Wcast-qual -Wcast-align -Wtraditional -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wshadow -pedantic -fPIC -DPAM_DYNAMIC -c pam_mysql.c -o dynamic/pam_mysql.o
pam_mysql.c:35:25: mysql/mysql.h: No such file or directory
pam_mysql.c:81: error: syntax error before '*' token
pam_mysql.c:81: warning: type defaults to `int' in declaration of `mysql_auth'
pam_mysql.c:81: error: ISO C forbids data definition with no type or storage class
pam_mysql.c:141: error: syntax error before '*' token
pam_mysql.c:141: warning: function declaration isn't a prototype
pam_mysql.c:143: error: syntax error before '*' token
pam_mysql.c:144: warning: function declaration isn't a prototype
pam_mysql.c:151: error: syntax error before '*' token
pam_mysql.c:151: warning: function declaration isn't a prototype
pam_mysql.c: In function `breakArgs':
pam_mysql.c:157: warning: traditional C rejects ISO C style function definitions
pam_mysql.c: In function `parseArgs':
pam_mysql.c:233: warning: traditional C rejects ISO C style function definitions
pam_mysql.c: At top level:
pam_mysql.c:391: error: syntax error before '*' token
pam_mysql.c:391: warning: function declaration isn't a prototype
pam_mysql.c: In function `db_connect':
pam_mysql.c:401: warning: implicit declaration of function `mysql_init'
pam_mysql.c:401: warning: nested extern declaration of `mysql_init'
pam_mysql.c:401: error: `auth_sql_server' undeclared (first use in this function)
pam_mysql.c:401: error: (Each undeclared identifier is reported only once
pam_mysql.c:401: error: for each function it appears in.)
pam_mysql.c:402: warning: implicit declaration of function `mysql_real_connect'
pam_mysql.c:402: warning: nested extern declaration of `mysql_real_connect'
pam_mysql.c:404: warning: assignment makes pointer from integer without a cast
pam_mysql.c:407: warning: implicit declaration of function `mysql_select_db'
pam_mysql.c:407: warning: nested extern declaration of `mysql_select_db'
pam_mysql.c:411: warning: implicit declaration of function `mysql_error'
pam_mysql.c:411: warning: nested extern declaration of `mysql_error'
pam_mysql.c:411: warning: format argument is not a pointer (arg 3)
pam_mysql.c: In function `db_close':
pam_mysql.c:420: warning: traditional C rejects ISO C style function definitions
pam_mysql.c:424: warning: implicit declaration of function `mysql_close'
pam_mysql.c:424: warning: nested extern declaration of `mysql_close'
pam_mysql.c: At top level:
pam_mysql.c:428: error: syntax error before '*' token
pam_mysql.c:429: warning: function declaration isn't a prototype
pam_mysql.c: In function `db_checkpasswd':
pam_mysql.c:438: error: `MYSQL_RES' undeclared (first use in this function)
pam_mysql.c:438: error: `result' undeclared (first use in this function)
pam_mysql.c:439: error: `MYSQL_ROW' undeclared (first use in this function)
pam_mysql.c:439: error: syntax error before "row"
pam_mysql.c:452: error: `user' undeclared (first use in this function)
pam_mysql.c:462: warning: implicit declaration of function `mysql_escape_string'
pam_mysql.c:462: warning: nested extern declaration of `mysql_escape_string'
pam_mysql.c:509: warning: implicit declaration of function `mysql_query'
pam_mysql.c:509: warning: nested extern declaration of `mysql_query'
pam_mysql.c:509: error: `auth_sql_server' undeclared (first use in this function)
pam_mysql.c:513: warning: implicit declaration of function `mysql_store_result'
pam_mysql.c:513: warning: nested extern declaration of `mysql_store_result'
pam_mysql.c:516: warning: nested extern declaration of `mysql_error'
pam_mysql.c:516: warning: format argument is not a pointer (arg 3)
pam_mysql.c:517: warning: implicit declaration of function `mysql_free_result'
pam_mysql.c:517: warning: nested extern declaration of `mysql_free_result'
pam_mysql.c:521: warning: implicit declaration of function `mysql_num_rows'
pam_mysql.c:521: warning: nested extern declaration of `mysql_num_rows'
pam_mysql.c:523: warning: nested extern declaration of `mysql_free_result'
pam_mysql.c:528: error: `row' undeclared (first use in this function)
pam_mysql.c:528: warning: implicit declaration of function `mysql_fetch_row'
pam_mysql.c:528: warning: nested extern declaration of `mysql_fetch_row'
pam_mysql.c:531: warning: nested extern declaration of `mysql_error'
pam_mysql.c:531: warning: format argument is not a pointer (arg 3)
pam_mysql.c:536: error: `passwd' undeclared (first use in this function)
pam_mysql.c:576: warning: implicit declaration of function `make_scrambled_password'
pam_mysql.c:576: warning: nested extern declaration of `make_scrambled_password'
pam_mysql.c:603: warning: nested extern declaration of `mysql_free_result'
pam_mysql.c: In function `converse':
pam_mysql.c:613: warning: traditional C rejects ISO C style function definitions
pam_mysql.c:617: warning: dereferencing type-punned pointer will break strict-aliasing rules
pam_mysql.c: In function `saltify':
pam_mysql.c:636: warning: traditional C rejects ISO C style function definitions
pam_mysql.c: At top level:
pam_mysql.c:673: error: syntax error before '*' token
pam_mysql.c:675: warning: function declaration isn't a prototype
pam_mysql.c: In function `updatePasswd':
pam_mysql.c:690: error: `user' undeclared (first use in this function)
pam_mysql.c:690: error: `newpass' undeclared (first use in this function)
pam_mysql.c:692: error: `oldpass' undeclared (first use in this function)
pam_mysql.c:692: error: `isRoot' undeclared (first use in this function)
pam_mysql.c:732: warning: nested extern declaration of `make_scrambled_password'
pam_mysql.c:768: warning: nested extern declaration of `mysql_escape_string'
pam_mysql.c:786: warning: nested extern declaration of `mysql_query'
pam_mysql.c:786: error: `my' undeclared (first use in this function)
pam_mysql.c:789: warning: nested extern declaration of `mysql_error'
pam_mysql.c:789: warning: format argument is not a pointer (arg 3)
pam_mysql.c: In function `askForPassword':
pam_mysql.c:800: warning: traditional C rejects ISO C style function definitions
pam_mysql.c: At top level:
pam_mysql.c:839: error: syntax error before '*' token
pam_mysql.c:839: warning: function declaration isn't a prototype
pam_mysql.c: In function `sqlLog':
pam_mysql.c:886: error: `user' undeclared (first use in this function)
pam_mysql.c:893: error: `msg' undeclared (first use in this function)
pam_mysql.c:906: warning: nested extern declaration of `mysql_escape_string'
pam_mysql.c:952: warning: implicit declaration of function `mysql_real_query'
pam_mysql.c:952: warning: nested extern declaration of `mysql_real_query'
pam_mysql.c:952: error: `auth_sql_server' undeclared (first use in this function)
pam_mysql.c:963: warning: nested extern declaration of `mysql_error'
pam_mysql.c:963: warning: format argument is not a pointer (arg 3)
pam_mysql.c: In function `pam_sm_authenticate':
pam_mysql.c:982: warning: traditional C rejects ISO C style function definitions
pam_mysql.c:989: error: `MYSQL' undeclared (first use in this function)
pam_mysql.c:989: error: syntax error before "auth_sql_server"
pam_mysql.c:1009: warning: dereferencing type-punned pointer will break strict-aliasing rules
pam_mysql.c:1014: warning: dereferencing type-punned pointer will break strict-aliasing rules
pam_mysql.c:1019: error: `auth_sql_server' undeclared (first use in this function)
pam_mysql.c: In function `pam_sm_acct_mgmt':
pam_mysql.c:1047: warning: traditional C rejects ISO C style function definitions
pam_mysql.c: In function `pam_sm_setcred':
pam_mysql.c:1057: warning: traditional C rejects ISO C style function definitions
pam_mysql.c: In function `pam_sm_chauthtok':
pam_mysql.c:1069: warning: traditional C rejects ISO C style function definitions
pam_mysql.c:1077: error: `MYSQL' undeclared (first use in this function)
pam_mysql.c:1077: error: syntax error before "auth_sql_server"
pam_mysql.c:1100: error: `auth_sql_server' undeclared (first use in this function)
pam_mysql.c:1113: warning: dereferencing type-punned pointer will break strict-aliasing rules
pam_mysql.c:1120: warning: dereferencing type-punned pointer will break strict-aliasing rules
pam_mysql.c:1147: warning: dereferencing type-punned pointer will break strict-aliasing rules
pam_mysql.c:1158: warning: dereferencing type-punned pointer will break strict-aliasing rules
pam_mysql.c:1173: warning: dereferencing type-punned pointer will break strict-aliasing rules
pam_mysql.c:1180: warning: dereferencing type-punned pointer will break strict-aliasing rules
pam_mysql.c: In function `pam_sm_open_session':
pam_mysql.c:1201: warning: traditional C rejects ISO C style function definitions
pam_mysql.c: In function `pam_sm_close_session':
pam_mysql.c:1211: warning: traditional C rejects ISO C style function definitions
make: *** [dynamic/pam_mysql.o] Error 1
2.2 Set up the PAM authentication information
#vi /etc/pam.d/ftp and add the following content:
auth required /lib/security/pam_mysql.so user=ftpd passwd=123456 host=localhost db=ftpd table=user usercolumn=name passwdcolumn=passwd crypt=0
account required /lib/security/pam_mysql.so user=ftpd passwd=123456 host=localhost db=ftpd table=user usercolumn=name passwdcolumn=passwd crypt=0
Note:
crypt=n
crypt=0: plaintext password
crypt=1: use the crypt() function (corresponds to encrypt() in SQL; encrypt() generates a random salt)
crypt=2: encrypt with the password() function in MySQL
crypt=3: use MD5 hashing
2.3 Create the local virtual user
# useradd -d /home/ftpd -s /sbin/nologin ftpd
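3. The process of installing and configuring vsftpd:
3.1 Installing vsftpd
#cd /soft/vsftpd-2.0.3 //enter the vsftpd-2.0.3 source directory
#make clean //clean the build environment
#vi builddefs.h //then edit builddefs.h; its contents are as follows: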
#ifndef VSF_BUILDDEFS_H
#define VSF_BUILDDEFS_H
#define VSF_BUILD_TCPWRAPPERS
#undef VSF_BUILD_PAM
#define VSF_BUILD_SSL
#endif /* VSF_BUILDDEFS_H */
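Change undef to define on the VSF_BUILD_PAM line above. This enables tcp_wrappers support, PAM authentication support and SSL support; it is the same as for the anonymous-user setup.
#make //run make directly in vsftpd-2.0.3 to compile
#ls -l vsftpd
-rwxr-xr-x 1 root root 86088 Jun 6 22:26 vsftpd //the executable was built successfully
Create the necessary accounts and directories:
#useradd nobody //your system may already have this account, in which case there is no need to create it
#mkdir /usr/share/empty //your system may already have this directory, in which case there is no need to create it
#mkdir /var/ftp //your system may already have this directory, in which case there is no need to create it
#useradd -d /var/ftp ftp //your system may already have this account, in which case there is no need to create it
#chown root:root /var/ftp
#chmod og-w /var/ftp
If you do not want a user to log in locally, you need to set their login shell to /sbin/nologin; for example, I set nobody and ftp above to /sbin/nologin.
Install the vsftpd configuration file, executable, man pages, etc.: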
#install -m 755 vsftpd /usr/local/sbin/vsftpd
#install -m 644 vsftpd.8 /usr/share/man/man8
#install -m 644 vsftpd.conf.5 /usr/share/man/man5
#install -m 644 vsftpd.conf /etc/vsftpd.conf
3.2 Installation is complete, so let's begin with a simple configuration
#vi /etc/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
chroot_local_user=YES
guest_enable=YES
guest_username=ftpd
listen=YES
listen_port=21
pasv_enable=YES
pasv_min_port=30000
pasv_max_port=30999
anon_world_readable_only=NO
virtual_use_local_privs=YES
[ Last edited by caichang on 2006-8-28 10:26 ]
Comments (8)
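Does the passwd() function's encryption support a password length of 41 characters, and MD5 encryption a password length of 32 characters???
Just use char(42) for your passwd column.
Because in MySQL the passwd() function's encryption supports a password length of 41 characters, and MD5 encryption supports a password length of 32 characters.
If I use
crypt=2: encrypt with the password() function in MySQL
or
crypt=3: use MD5 hashing, to set up the PAM authentication information
#vi /etc/pam.d/ftp and add the following content:
auth required /lib/security/pam_mysql.so user=ftpd passwd=123456 host=localhost db=ftpd table=user usercolumn=name passwdcolumn=passwd crypt=2 or crypt=3
account required /lib/security/pam_mysql.so user=ftpd passwd=123456 host=localhost db=ftpd table=user usercolumn=name passwdcolumn=passwd crypt=2 or crypt=3
create table user(name char(20) binary,passwd char(20) binary);
then the character length of the passwd{char(20)} used when creating the user table in the database exceeds the passwd character length specified by MySQL! Is that what you mean? Also, how many bits does an int take up? How many does a char take up? Can you convert between them?
For example: int(20) takes up 20 bits and char(20) takes up 160 bits, right?
It won't fit in what you have here.
MD5 is a 128-bit checksum!
I'm not too sure how long the output of password() in MySQL is after encryption! Please advise!
[ Last edited by caichang on 2006-8-27 17:14 ]
Do you know how long a password is after being encrypted with password() in MySQL? And MD5?
Thanks to the poster above! I'll redo it and try another version! Is it because of crypt=0 where the PAM authentication information is set up? If not, please give me some pointers!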
#vi /etc/pam.d/ftp and add the following content:
auth required /lib/security/pam_mysql.so user=ftpd passwd=123456 host=localhost db=ftpd table=user usercolumn=name passwdcolumn=passwd crypt=0
account required /lib/security/pam_mysql.so user=ftpd passwd=123456 host=localhost db=ftpd table=user usercolumn=name passwdcolumn=passwd crypt=0
Note:
crypt=n
crypt=0: plaintext password
crypt=1: use the crypt() function (corresponds to encrypt() in SQL; encrypt() generates a random salt)
crypt=2: encrypt with the password() function in MySQL
crypt=3: use MD5 hashing
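Try another version.
Available here: http://prdownloads.sourceforge.net/pam-mysql/
Also, even if you do install it successfully, with your configuration nothing other than plaintext passwords can pass authentication. Do you know why?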
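
Added example (not part of the thread and not pam_mysql's own code): a Python model of the column-width question raised in the comments, showing how long the crypt=2 and crypt=3 values are and what happens when they are stored in the thread's passwd char(20) column. It assumes the MySQL 4.1 PASSWORD() format and that the server cuts over-long values down to the column width; the function names are made up for this illustration.

```python
import hashlib
import hmac

COLUMN_WIDTH = 20  # width of passwd char(20) in the thread's CREATE TABLE


def mysql41_password(plaintext):
    """MySQL 4.1+ PASSWORD(): '*' + uppercase hex of SHA1(SHA1(plaintext))."""
    inner = hashlib.sha1(plaintext.encode()).digest()
    return "*" + hashlib.sha1(inner).hexdigest().upper()


def md5_hex(plaintext):
    """crypt=3 style value: lowercase hex MD5 digest (128 bits = 32 hex chars)."""
    return hashlib.md5(plaintext.encode()).hexdigest()


# The thread's crypt= values mapped to how the stored value is derived.
SCHEMES = {0: lambda p: p, 2: mysql41_password, 3: md5_hex}


def store(value, width=COLUMN_WIDTH):
    """Model (assumption): the server truncates over-long values to the column."""
    return value[:width]


def login_ok(crypt, typed, stored):
    """Derive a value from the typed password and compare it with the stored row."""
    derived = SCHEMES[crypt](typed)
    return hmac.compare_digest(derived.encode(), stored.encode())


def survey(password, width=COLUMN_WIDTH):
    """Per scheme: (length the column must hold, does login survive storage)."""
    result = {}
    for crypt, derive in SCHEMES.items():
        full = derive(password)
        result[crypt] = (len(full), login_ok(crypt, password, store(full, width)))
    return result


if __name__ == "__main__":
    # '123' is the constructed sample password of user test1 in the original post.
    for width in (20, 41):
        print("char(%d):" % width, survey("123", width))
```
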