Pure-FTPd не авторизуется через mysql
У меня есть сервер на Ubuntu 12.04.3 LTS. Мне нужно установить Pure-FTPd с аутентификацией MySQL. Я установил pure-FTPd, набрав "apt-get install pure-ftpd-mysql". Было установлено. Итак, мой файл "/etc/pure-ftpd/pure-ftp.conf":
############################################################
# #
# Configuration file for pure-ftpd wrappers #
# #
############################################################
# If you want to run Pure-FTPd with this configuration
# instead of command-line options, please run the
# following command :
#
# /usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf
#
# Please don't forget to have a look at documentation at
# http://www.pureftpd.org/documentation.shtml for a complete list of
# options.
# Cage in every user in his home directory
ChrootEveryone yes
# Turn on compatibility hacks for broken clients
BrokenClientsCompatibility no
# Maximum number of simultaneous users
MaxClientsNumber 50
# Fork in background
Daemonize yes
# Maximum number of sim clients with the same IP address
MaxClientsPerIP 8
# If you want to log all client commands, set this to "yes".
# This directive can be duplicated to also log server responses.
VerboseLog yes
# List dot-files even when the client doesn't send "-a".
DisplayDotFiles no
# Don't allow authenticated users - have a public anonymous FTP only.
AnonymousOnly no
# Disallow anonymous connections. Only allow authenticated users.
NoAnonymous yes
# Syslog facility (auth, authpriv, daemon, ftp, security, user, local*)
# The default facility is "ftp". "none" disables logging.
SyslogFacility daemon
# Display fortune cookies
# FortunesFile /usr/share/fortune/zippy
# Don't resolve host names in log files. Logs are less verbose, but
# it uses less bandwidth. Set this to "yes" on very busy servers or
# if you don't have a working DNS.
DontResolve yes
# Maximum idle time in minutes (default = 15 minutes)
MaxIdleTime 15
# MySQL configuration file (see README.MySQL)
MySQLConfigFile /etc/pure-ftpd/db/mysql.conf
# 'ls' recursion limits. The first argument is the maximum number of
# files to be displayed. The second one is the max subdirectories depth
LimitRecursion 2000 8
# Are anonymous users allowed to create new directories ?
AnonymousCanCreateDirs no
# If the system is more loaded than the following value,
# anonymous users aren't allowed to download.
MaxLoad 4
# Port range for passive connections replies. - for firewalling.
PassivePortRange 50000:50100
# Disallow downloading of files owned by "ftp", ie.
# files that were uploaded but not validated by a local admin.
AntiWarez no
# File creation mask. <umask for files>:<umask for dirs> .
# 177:077 if you feel paranoid.
Umask 133:022
# Minimum UID for an authenticated user to log in.
MinUID 48
# Do not use the /etc/ftpusers file to disable accounts. We're already
# using MinUID to block users with uid < 500
UseFtpUsers no
# Allow FXP transfers for authenticated users.
AllowUserFXP yes
# Allow anonymous FXP for anonymous and non-anonymous users.
AllowAnonymousFXP no
# Users can't delete/write files beginning with a dot ('.')
# even if they own them. If TrustedGID is enabled, this group
# will have access to dot-files, though.
ProhibitDotFilesWrite no
# Prohibit *reading* of files beginning with a dot (.history, .ssh...)
ProhibitDotFilesRead no
# Never overwrite files. When a file whose name already exist is uploaded,
# it get automatically renamed to file.1, file.2, file.3, ...
AutoRename no
# Disallow anonymous users to upload new files (no = upload is allowed)
AnonymousCantUpload yes
# Create an additional log file with transfers logged in a Apache-like format :
# fw.c9x.org - jedi [13/Dec/1975:19:36:39] "GET /ftp/linux.tar.bz2" 200 21809338
# This log file can then be processed by www traffic analyzers.
AltLog clf:/var/log/pureftpd.log
# Automatically create home directories if they are missing
CreateHomeDir yes
# This option is useful with servers where anonymous upload is
# allowed. As /var/ftp is in /var, it save some space and protect
# the log files. When the partition is more that X percent full,
# new uploads are disallowed.
MaxDiskUsage 90
# Be 'customer proof' : workaround against common customer mistakes like
# 'chmod 0 public_html', that are valid, but that could cause ignorant
# customers to lock their files, and then keep your technical support busy
# with silly issues. If you're sure all your users have some basic Unix
# knowledge, this feature is useless. If you're a hosting service, enable it.
CustomerProof yes
... и мой файл "/etc/pure-ftpd/db/mysql.conf":
##############################################
# #
# Sample Pure-FTPd Mysql configuration file. #
# See README.MySQL for explanations. #
# #
##############################################
# Optional : MySQL server name or IP. Don't define this for unix sockets.
# MYSQLServer 127.0.0.1
# Optional : MySQL port. Don't define this if a local unix socket is used.
# MYSQLPort 3306
# Optional : define the location of mysql.sock if the server runs on this host.
MYSQLSocket /var/lib/mysql/mysql.sock
# Mandatory : user to bind the server as.
MYSQLUser mybard_joo
# Mandatory : user password. You must have a password.
MYSQLPassword bkmzyfevjd
# Mandatory : database to open.
MYSQLDatabase mybard_joo
# Mandatory : how passwords are stored
# Valid values are : "cleartext", "crypt", "sha1", "md5" and "password"
# ("password" = MySQL password() function)
# You can also use "any" to try "crypt", "sha1", "md5" *and* "password"
MYSQLCrypt md5
# In the following directives, parts of the strings are replaced at
# run-time before performing queries :
#
# \L is replaced by the login of the user trying to authenticate.
# \I is replaced by the IP address the user connected to.
# \P is replaced by the port number the user connected to.
# \R is replaced by the IP address the user connected from.
# \D is replaced by the remote IP address, as a long decimal number.
#
# Very complex queries can be performed using these substitution strings,
# especially for virtual hosting.
# Query to execute in order to fetch the password
#MYSQLGetPW SELECT Password FROM users WHERE User='\L'
MYSQLGetPW SELECT `ftp`.`passwd` AS `Password` FROM `bard__user_list` `u` INNER JOIN `bard__user_ftp` `ftp` ON `ftp`.`id_user`=`u`.`id` WHERE `u`.`login`='\L' AND `ftp`.`enabled`
# Query to execute in order to fetch the system user name or uid
#MYSQLGetUID SELECT Uid FROM users WHERE User='\L'
# Optional : default UID - if set this overrides MYSQLGetUID
MYSQLDefaultUID 48
# Query to execute in order to fetch the system user group or gid
#MYSQLGetGID SELECT Gid FROM users WHERE User='\L'
# Optional : default GID - if set this overrides MYSQLGetGID
MYSQLDefaultGID 502
# Query to execute in order to fetch the home directory
#MYSQLGetDir SELECT Dir FROM users WHERE User='\L'
MYSQLGetDir SELECT CONCAT('/ftp/',`u`.`login`,'/') AS `Dir` FROM `bard__user_list` `u` INNER JOIN `bard__user_ftp` `ftp` ON `ftp`.`id_user`=`u`.`id` WHERE `login`='\L' AND `ftp`.`enabled`=1
# Optional : query to get the maximal number of files
# Pure-FTPd must have been compiled with virtual quotas support.
# MySQLGetQTAFS SELECT QuotaFiles FROM users WHERE User='\L'
# Optional : query to get the maximal disk usage (virtual quotas)
# The number should be in Megabytes.
# Pure-FTPd must have been compiled with virtual quotas support.
# MySQLGetQTASZ SELECT QuotaSize FROM users WHERE User='\L'
# Optional : ratios. The server has to be compiled with ratio support.
# MySQLGetRatioUL SELECT ULRatio FROM users WHERE User='\L'
# MySQLGetRatioDL SELECT DLRatio FROM users WHERE User='\L'
# Optional : bandwidth throttling.
# The server has to be compiled with throttling support.
# Values are in KB/s .
# MySQLGetBandwidthUL SELECT ULBandwidth FROM users WHERE User='\L'
# MySQLGetBandwidthDL SELECT DLBandwidth FROM users WHERE User='\L'
# Enable ~ expansion. NEVER ENABLE THIS BLINDLY UNLESS :
# 1) You know what you are doing.
# 2) Real and virtual users match.
# MySQLForceTildeExpansion 1
# If you're using a transactionnal storage engine, you can enable SQL
# transactions to avoid races. Leave this commented if you are using the
# traditionnal MyIsam engine.
# MySQLTransactions On
Кажется, все отлично, покупайте, когда я пытаюсь войти в систему, происходит выход с ошибкой: "Сервер сказал: аутентификация входа не удалась". Я перезагружал сервер несколько раз, но он не работает... Кажется, он не применяет конфигурационные файлы.
Я пробовал эту команду: "/usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf", но она все еще не работает: "/usr/sbin/pure-config.pl: Данный файл или каталог отсутствует".
У меня есть только три файла в / etc / pure-ftpd / conf: ChrootEveryone, CreateHomeDir, MySQLConfigFile. Все кажется правильным.
2 ответа
Извините, ребята, теперь все в порядке. Не сейчас, как, но в файле mysql.conf MYSQLCrypt был задан в виде открытого текста... Теперь, когда я установил его на md5, обратно кажется, что everethin будет лучше!
Другой причиной может быть то, что pure-ftpd-mysql package
не установлен вообще. Хорошо, вы сказали, что установили его. Но я только что обнаружил, что он не был установлен, только его конфигурационные файлы, которые были созданы ISPConfig во время его установки.
Итак, установка пакета сразу исправила проблему для меня:
apt-get install pure-ftpd-mysql
Более подробные объяснения и другие возможные причины см. В моем блоге на эту тему: " Как исправить ошибку" 530 Проверка подлинности при входе в систему "для входа в систему ISPConfig FTP? ".