CentOS - Aug 2005 - VSFTP/MySQL

Hi guys,

Just a quick question, I've been slowly moving all my user services to 
mysql backend, I realise it's probably not as good a choice as LDAP, but 
you tend to stick with what you know.

To that end I want to setup both Apache and VSFTP to use mysql db for 
virtual users. Basically I want to create virtual users that are locked 
into their own home dir and have apache use mysql to work out it's 
virtual hosts.

I can probably work out apache by myself as I've done similiar things 
before, but VSFTP seems to be fairly lax in the online documentation 
aspects so I'd appreciate any tips from the gurus.

regards

Franki

On 02/08/05, Franki <franki at htmlfixit.com>
wrote:
> Just a quick question, I've been slowly moving all my user services to
> mysql backend, I realise it's probably not as good a choice as LDAP,
but
> you tend to stick with what you know.
> 
> To that end I want to setup both Apache and VSFTP to use mysql db for
> virtual users. Basically I want to create virtual users that are locked
> into their own home dir and have apache use mysql to work out it's
> virtual hosts.
> 
> I can probably work out apache by myself as I've done similiar things
> before, but VSFTP seems to be fairly lax in the online documentation
> aspects so I'd appreciate any tips from the gurus.
For Apache you might want to look into something like mod_auth_mysql
if you want user authentication.

For vsftpd, after some Googling I turned up...

<----------------------------------------------------------------------------------------------------------------->
http://rsm.demon.co.uk/node/194

Submitted by kang (not verified) on Wed, 08/06/2005 - 09:22.
I also use it with virtualhosting.
It's a bit uncommon but it works ok.
You have to use something like pam-mysql (if your users are stored in
sql) and use eg, the site name as login
then you store every site like:
/var/ftp/mysite.com
/var/ftp/myothersite.com
and so on

as /etc/vsftpd/vsftpd.conf use something including this stuff:

chroot_local_user=YES
guest_enable=YES
guest_username=ftp
user_sub_token=$USER
local_root=/var/ftp/$USER
user_config_dir=/etc/vsftpd/users_conf (if u want one)
virtual_use_local_privs=YES

as /etc/pam.d/mysql:

auth optional pam_mysql.so user=sqluser \
passwd=sqlpassword host=localhost db=sqldb usercolumn=user \
passwdcolumn=passwd crypt=2

account required pam_mysql.so user=sqluser \
passwd=sqlpassword host=localhost db=sqldb usercolumn=user \
passwdcolumn=passwd crypt=2

I have been unable to use something else than crypt=2 as hashing

Anyway, good luck !
<----------------------------------------------------------------------------------------------------------------->

It should be fairly straightforward to integrate it all.

Will.

Just to throw out another option, consider looking at ProFTPd instead of
VSFTPd; it supports native (as long as you compile it in) MySQL
authentication and is completely configurable as to which tables and
fields you can query for the login data. I can provide some quickie
examples if you need.

I have for years ditched whatever FTP daemon RedHat has offered and gone
right to ProFTPd on every server that needs FTP, and have never been
dissappointed.

hth,
-te

Franki wrote:
> Hi guys,
> 
> Just a quick question, I've been slowly moving all my user services to
> mysql backend, I realise it's probably not as good a choice as LDAP,
but
> you tend to stick with what you know.
> 
> To that end I want to setup both Apache and VSFTP to use mysql db for
> virtual users. Basically I want to create virtual users that are locked
> into their own home dir and have apache use mysql to work out it's
> virtual hosts.
> 
> I can probably work out apache by myself as I've done similiar things
> before, but VSFTP seems to be fairly lax in the online documentation
> aspects so I'd appreciate any tips from the gurus.
> 
> regards
> 
> Franki
> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
-- 
Troy Engel | Systems Engineer
Fluid, Inc | http://www.fluid.com