[CentOS] VSFTP/MySQL

Will McDonald wmcdonald at gmail.com
Tue Aug 2 10:28:48 UTC 2005 

On 02/08/05, Franki <franki at htmlfixit.com> wrote:
> Just a quick question, I've been slowly moving all my user services to
> mysql backend, I realise it's probably not as good a choice as LDAP, but
> you tend to stick with what you know.
> 
> To that end I want to setup both Apache and VSFTP to use mysql db for
> virtual users. Basically I want to create virtual users that are locked
> into their own home dir and have apache use mysql to work out it's
> virtual hosts.
> 
> I can probably work out apache by myself as I've done similiar things
> before, but VSFTP seems to be fairly lax in the online documentation
> aspects so I'd appreciate any tips from the gurus.

For Apache you might want to look into something like mod_auth_mysql
if you want user authentication.

For vsftpd, after some Googling I turned up...

<----------------------------------------------------------------------------------------------------------------->
http://rsm.demon.co.uk/node/194

Submitted by kang (not verified) on Wed, 08/06/2005 - 09:22.
I also use it with virtualhosting.
It's a bit uncommon but it works ok.
You have to use something like pam-mysql (if your users are stored in
sql) and use eg, the site name as login
then you store every site like:
/var/ftp/mysite.com
/var/ftp/myothersite.com
and so on

as /etc/vsftpd/vsftpd.conf use something including this stuff:

chroot_local_user=YES
guest_enable=YES
guest_username=ftp
user_sub_token=$USER
local_root=/var/ftp/$USER
user_config_dir=/etc/vsftpd/users_conf (if u want one)
virtual_use_local_privs=YES

as /etc/pam.d/mysql:

auth optional pam_mysql.so user=sqluser \
passwd=sqlpassword host=localhost db=sqldb usercolumn=user \
passwdcolumn=passwd crypt=2

account required pam_mysql.so user=sqluser \
passwd=sqlpassword host=localhost db=sqldb usercolumn=user \
passwdcolumn=passwd crypt=2

I have been unable to use something else than crypt=2 as hashing

Anyway, good luck !
<----------------------------------------------------------------------------------------------------------------->

It should be fairly straightforward to integrate it all.

Will.

More information about the CentOS mailing list