Author: SXPCrazy
from: http: //SXPCrazy.com http://www.linuxsir.org
Summary: An Introduction vsftpd server basic configuration, and use the mysql database as a user login authentication through an FTP program pam_mysql authentication module.
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++
text
+++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++
a preparatory work;
I focuses on vsftpd and pam_mysql configuration, it will not cover how to install, install the specific needs of there are packages: vsftpd
PAM
pam_mysql
MySQL-server
MySQL vsftpd FTP server is a program that we want to use.
pam provide a user authentication password checking program, many of the following Linux user login authentication can use him to complete.
pam_mysql mysql authentication module is in the pam.
mysql-server MySQL server program
mysql client console connected to the package can be installed by the above yum or apt-get, or can also compile the source code installed rpm, using software, see:
"Fedora / Redhat Package Manager Guide" later installed can use the rpm installed in the end to take a look at where we are, what configuration file:
Important: Here we also need to know whether the machine SELinux is installed, if the installation, configuration, what kind of.
Use the following code:
If you do not return any results, the representative did not install SELinux, if it returns a result similar to the above, then the system is installed SELinux, then we need to know how he is configurable to run in what way.
Return the results above, the three values are SELINUX mean:
Disabled complete ban on SELinux functionality
permissive use SELinux policy file verification operation, warning when the operation is not permitted, but allowed to continue without stop operation get on. Suitable for use SELinux will not know what effect the system of people.
enforcing the use of SELinux policy file verification operation, when the operation is not permitted directly prohibited operation is performed. Meaning two values SELINUXTYPE is:
Targeted policy checks will only be restricted to a particular process started under the domain, and for the process to run under the domain unrestricted policy file is not checked.
will be strict policy checks for all processes, is designed to better control strategies for different levels of security domains, you can create multi-level hierarchical policy control. This article does not prepare detailed knowledge of SELinux other relevant documents can be found http://www.nsa.gov/selinux/ if SELINUX is set to disable or permissive way, then we can not control the following SELinux settings section, otherwise please note Tip SELinux see section below. Today to write to you, please do not complete the work polymerization!
from: http: //SXPCrazy.com http://www.linuxsir.org
Summary: An Introduction vsftpd server basic configuration, and use the mysql database as a user login authentication through an FTP program pam_mysql authentication module.
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++
text
+++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++
a preparatory work;
I focuses on vsftpd and pam_mysql configuration, it will not cover how to install, install the specific needs of there are packages: vsftpd
PAM
pam_mysql
MySQL-server
MySQL vsftpd FTP server is a program that we want to use.
pam provide a user authentication password checking program, many of the following Linux user login authentication can use him to complete.
pam_mysql mysql authentication module is in the pam.
mysql-server MySQL server program
mysql client console connected to the package can be installed by the above yum or apt-get, or can also compile the source code installed rpm, using software, see:
"Fedora / Redhat Package Manager Guide" later installed can use the rpm installed in the end to take a look at where we are, what configuration file:
[root@dreammaker ~]# rpm -qc vsftpd
/etc/logrotate.d/vsftpd.log
/etc/pam.d/vsftpd
/etc/vsftpd/ftpusers
/etc/vsftpd/user_list
/etc/vsftpd/vsftpd.conf
/etc/vsftpd/vsftpd_conf_migrate.sh
Use the following code:
[root@dreammaker ~]# rpm -qa | grep selinux
libselinux-1.23.10-2
selinux-policy-targeted-1.23.16-6
If you do not return any results, the representative did not install SELinux, if it returns a result similar to the above, then the system is installed SELinux, then we need to know how he is configurable to run in what way.
[root@dreammaker ~]# more /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=enforcing
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
Return the results above, the three values are SELINUX mean:
Disabled complete ban on SELinux functionality
permissive use SELinux policy file verification operation, warning when the operation is not permitted, but allowed to continue without stop operation get on. Suitable for use SELinux will not know what effect the system of people.
enforcing the use of SELinux policy file verification operation, when the operation is not permitted directly prohibited operation is performed. Meaning two values SELINUXTYPE is:
Targeted policy checks will only be restricted to a particular process started under the domain, and for the process to run under the domain unrestricted policy file is not checked.
will be strict policy checks for all processes, is designed to better control strategies for different levels of security domains, you can create multi-level hierarchical policy control. This article does not prepare detailed knowledge of SELinux other relevant documents can be found http://www.nsa.gov/selinux/ if SELINUX is set to disable or permissive way, then we can not control the following SELinux settings section, otherwise please note Tip SELinux see section below. Today to write to you, please do not complete the work polymerization!
Reproduced in: https: //www.cnblogs.com/licheng/archive/2008/01/21/1047609.html