Ubuntu 12.10에서 vsftpd 및 MySQL을 사용한 가상 호스팅

This howto is meant as a practical guide; it does not cover the theoretical backgrounds. They are treated in a lot of other documents in the web.

This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

1 서문

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate.

Because we must run all the steps from this tutorial with root privileges, we can either prepend all commands in this tutorial with the string sudo, or we become root right now by typing

sudo su 

2 vsftpd, MySQL 및 phpMyAdmin 설치

Vsftpd has no built-in MySQL support, therefore we must use PAM to authenticate against the MySQL database. So we install libpam-mysql in addition to vsftpd, MySQL, and phpMyAdmin:

apt-get install vsftpd libpam-mysql mysql-server mysql-client phpmyadmin libpam-ldap

You will be asked the following questions:

New password for the MySQL "root" user: <-- yourrootsqlpassword
Repeat password for the MySQL "root" user: <-- yourrootsqlpassword
Web server to reconfigure automatically: <-- apache2
Configure database for phpmyadmin with dbconfig-common? <-- No
LDAP server Uniform Resource Identifier: <--  ENTER
Distinguished name of the search base: <-- ENTER
LDAP version to use: <-- 3
Make local root Database admin: <-- Yes
Does the LDAP database require login?  <-- No
LDAP account for root: <-- ENTER
LDAP root account password: <-- ldaprootpw

3 vsftpd용 MySQL 데이터베이스 생성

Now we create a database called vsftpd and a MySQL user named vsftpd which the vsftpd daemon will use later on to connect to the vsftpd database:

mysql -u root -p

CREATE DATABASE vsftpd;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost' IDENTIFIED BY 'ftpdpass';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass';
FLUSH PRIVILEGES;

Replace the string ftpdpass with whatever password you want to use for the MySQL user vsftpd. Still on the MySQL shell, we create the database table we need (yes, there is only one table!):

USE vsftpd;

CREATE TABLE `accounts` (
`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`username` VARCHAR( 30 ) NOT NULL ,
`pass` VARCHAR( 50 ) NOT NULL ,
UNIQUE (
`username`
)
) ENGINE = MYISAM ;

quit;

As you may have noticed, with the quit; command we have left the MySQL shell and are back on the Linux shell.

BTW, (I'm assuming that the hostname of your ftp server system is server1.example.com) you can access phpMyAdmin under http://server1.example.com/phpmyadmin/ (you can also use the IP address instead of server1.example.com) in a browser and log in as the user vsftpd. Then you can have a look at the database. Later on you can use phpMyAdmin to administrate your vsftpd server.

4 vsftpd 구성

First we create a non-privileged user called vsftpd (with the homedir /home/vsftpd) belonging to the group nogroup. We will run vsftpd under this user, and the FTP directories of our virtual users will be in the /home/vsftpd directory (e.g. /home/vsftpd/user1, /home/vsftpd/user2, etc.).

useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd

Then we make a backup of the original /etc/vsftpd.conf file and create our own:

cp /etc/vsftpd.conf /etc/vsftpd.conf_orig
cat /dev/null > /etc/vsftpd.conf
vi /etc/vsftpd.conf

The file should have the following contents:

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
nopriv_user=vsftpd
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/vsftpd.pem
guest_enable=YES
guest_username=vsftpd
local_root=/home/vsftpd/$USER
user_sub_token=$USER
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd_user_conf