http://blog.sina.com.cn/s/blog_61e904fd0100rgu4.html
这两天安装LDAP服务器,烦到死啊!开始是BerkeleyDB下载不了,下好了吧,又出现“configure: error: BDB/HDB: BerkeleyDB not available”问题,网上查了半天没有解决掉!今天看到一篇帖子,然后换了一个BerkeleyDB,开始是用的5.1版本,换成4.8.30!
好吧,上面那个痛经班的问题算是没了,但是,又出现了版本号不兼容!header和library的版本不一致,我勒个去啊!没办法,只能把header中的宏改成4.8.24了,悲催!
现在,算是弄了,烦啊!
(下面是那篇神帖,拜啊!)
背景:
配置WAS的standalone LDAP加密时,选择安装了openldap。
下载的openldap版本:openldap-2.4.23
问题:
在./configure时,报checking if Berkeley DB version supported by BDB/HDB backends… no
configure: error: BerkeleyDB version incompatible with BDB/HDB backends
需要先安装BerkeleyDB,下载地址:
http://www.oracle.com/technetwork/datab ... 82944.html
我最先下载的是提供的最新的版本:db-5.1.25.NC.zip
安装步骤:
unzip db-5.1.25.NC.zip 解压,然后cd build_unix/ ,再运行../dist/configure , 最后,运行make, make install安装。默认的安装在/usr/local, 可以通过 ../dist/configure –prefix=你的路径,来改变安装路径。
安装好db-5.1.25.NC.zip后,发现对openldap进行configure时,还是报错:
configure: error: BDB/HDB: BerkeleyDB not available
解决办法:
尝试了网上很多办法,还是不行。决定换一个BerkeleyDB的版本试试。
于是重新下载了:db-4.8.30.NC.zip
重新安装好BerkeleyDB后,需要添加一些环境变量,见以下粗体部分:
[root@mylinux openldap-2.4.23]# export CPPFLAGS=”-I/usr/local/BerkeleyDB.4.8/include”
[root@mylinux openldap-2.4.23]#export LDFLAGS=”-L/usr/local/lib -L/usr/local/BerkeleyDB.4.8/lib -R/usr/local/BerkeleyDB.4.8/lib”
[root@mylinux openldap-2.4.23]# export LD_LIBRARY_PATH=”/usr/local/BerkeleyDB.4.8/lib”
[root@mylinux openldap-2.4.23]# env
LDFLAGS=-L/usr/local/lib -L/usr/local/BerkeleyDB.4.8/lib -R/usr/local/BerkeleyDB.4.8/lib
HOSTNAME=mylinux
TERM=vt100
SHELL=/bin/bash
HISTSIZE=1000
CPPFLAGS=-I/usr/local/BerkeleyDB.4.8/include
SSH_CLIENT=::ffff:192.168.0.10 3336 22
OLDPWD=/apps/openldap
SSH_TTY=/dev/pts/2
USER=root
LD_LIBRARY_PATH=/usr/local/BerkeleyDB.4.8/lib
======================================================
最后,进行openldap的安装
1、[root@mylinux openldap-2.4.23]# ./configure
….
Making servers/slapd/overlays/statover.c
Add syncprov …
Please run “make depend” to build dependencies
[root@mylinux openldap-2.4.23]#
看到“Please run “make depend” to build dependencies”说明configure完毕。
2、[root@mylinux openldap-2.4.23]# make depend
Making depend in /apps/openldap/openldap-2.4.23
Entering subdirectory include
make[1]: Entering directory `/apps/openldap/openldap-2.4.23/include’
Making ldap_config.h
make[1]: Leaving directory `/apps/openldap/openldap-2.4.23/include’
….
Entering subdirectory man5
make[3]: Entering directory `/apps/openldap/openldap-2.4.23/doc/man/man5′
make[3]: Nothing to be done for `depend’.
make[3]: Leaving directory `/apps/openldap/openldap-2.4.23/doc/man/man5′
Entering subdirectory man8
make[3]: Entering directory `/apps/openldap/openldap-2.4.23/doc/man/man8′
make[3]: Nothing to be done for `depend’.
make[3]: Leaving directory `/apps/openldap/openldap-2.4.23/doc/man/man8′
make[2]: Leaving directory `/apps/openldap/openldap-2.4.23/doc/man’
make[1]: Leaving directory `/apps/openldap/openldap-2.4.23/doc’
3、[root@mylinux openldap-2.4.23]# make
……………………….
done
make[3]: Leaving directory `/apps/openldap/openldap-2.4.23/doc/man/man8′
make[2]: Leaving directory `/apps/openldap/openldap-2.4.23/doc/man’
make[1]: Leaving directory `/apps/openldap/openldap-2.4.23/doc’
4、[root@mylinux openldap-2.4.23]# make test
5、[root@mylinux openldap-2.4.23]# make install
安装完成。配置文件的路径在:/usr/local/etc/openldap
最后启动服务:
到路径/usr/local/libexec下
[root@mylinux libexec]# ./slapd
[root@mylinux libexec]# ps -ef|grep slapd |grep -v grep
root 5771 1 0 18:41 ? 00:00:00 ./slapd
如果这个问题都没法解决,这个论坛所谓的大神都是假的,我不相信,论坛能有人把这个问题解决了,我悬赏90QB打赌,详见38楼
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40
Re: quotaon: 设备或资源忙怎么办 26楼求回答
BDB安装完毕之后开始安装openLDAP,但是configure时又出错:
configure: error: BDB/HDB: BerkeleyDB not available
解决方法如下:
export CPPFLAGS="-I/usr/local/BerkeleyDB.6.0/include"
export LDFLAGS="-L/usr/local/BerkeleyDB.6.0/lib"
之后,继续configurate,还是有错,这次错误:
configure: error: Berkeley DB version mismatch
这个错误见得最多.一开始狂换版本,BDB从4.7.25,4.6.21一路换到4.2.52;LDAP则从2.4.13,2.4.11一路换到2.2.28,只有2.2.28搭配BDB-4.2.52也2.3.32搭配BDB-4.5.20安装成功,前提是执行以下语句先:
export LD_LIBRARY_PATH="usr/local/BerkeleyDB.6.0/lib"
而把语句中的/usr/local/BerkeleyDB改成BDB解压缩路径时,安装成功机率大了很多.即以下写法:
export LD_LIBRARY_PATH="/home/cc/下载/下载/db-6.0.20/build_unix/.libs"
sudo cp /usr/local/BerkeleyDB.6.0/lib/* /usr/lib
sudo cp /usr/local/BerkeleyDB.6.0/include/* /usr/include
configure: error: BDB/HDB: BerkeleyDB not available
解决方法如下:
export CPPFLAGS="-I/usr/local/BerkeleyDB.6.0/include"
export LDFLAGS="-L/usr/local/BerkeleyDB.6.0/lib"
之后,继续configurate,还是有错,这次错误:
configure: error: Berkeley DB version mismatch
这个错误见得最多.一开始狂换版本,BDB从4.7.25,4.6.21一路换到4.2.52;LDAP则从2.4.13,2.4.11一路换到2.2.28,只有2.2.28搭配BDB-4.2.52也2.3.32搭配BDB-4.5.20安装成功,前提是执行以下语句先:
export LD_LIBRARY_PATH="usr/local/BerkeleyDB.6.0/lib"
而把语句中的/usr/local/BerkeleyDB改成BDB解压缩路径时,安装成功机率大了很多.即以下写法:
export LD_LIBRARY_PATH="/home/cc/下载/下载/db-6.0.20/build_unix/.libs"
sudo cp /usr/local/BerkeleyDB.6.0/lib/* /usr/lib
sudo cp /usr/local/BerkeleyDB.6.0/include/* /usr/include
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40
Re: quotaon: 设备或资源忙怎么办 26楼求回答
http://java-my-life.iteye.com/blog/1407397
安装OpenLdap需要BerkeleyDB的支持,否则configure时会报 如下错误:
configure: error: BDB/HDB: BerkeleyDB not available
1.安装BerkeleyDB
Linux代码 收藏代码
tar xvfz db-4.6.21.tar.gz
cd db-4.6.21/build_unix/
../dist/configure -prefix=/usr/local/BerkeleyDB
make
make install
2.配置环境变量
Linux代码 收藏代码
vi /etc/profile
export CPPFLAGS="-I/usr/local/BerkeleyDB/include"
export LDFLAGS="-L/usr/local/BerkeleyDB/lib"
wq保存后退出,使环境变量生效
Java代码 收藏代码
source /etc/profile
3.复制文件
Linux代码 收藏代码
cp /usr/local/BerkeleyDB/lib/* /usr/lib
cp /usr/local/BerkeleyDB/include/* /usr/include
注意:如不按照以上步骤可能会报如下错误:
configure: error: Berkeley DB version mismatch
4.安装OpenLdap
Java代码 收藏代码
tar zvxf openldap2.4.29.tgz
cd /openldap2.4.29
./configure --prefix=/usr/local/openldap
make depend
make
make test
make install
注意: 在执行./configure的时候可能会报如下错误
configure: error: MozNSS not found – please specify the location to the NSPR and NSS header files in CPPFLAGS and the location to the NSPR and NSS libraries in LDFLAGS (if not in the system location)
原因是openldap需要依赖openssl的一些库文件,安装openldap,然后配置SSL的环境变量
export CPPFLAGS="-I/usr/local/BerkeleyDB/include -I/usr/local/ssl/include "
export LDFLAGS="-L/usr/local/BerkeleyDB/lib -L/usr/local/ssl/lib "
安装OpenLdap需要BerkeleyDB的支持,否则configure时会报 如下错误:
configure: error: BDB/HDB: BerkeleyDB not available
1.安装BerkeleyDB
Linux代码 收藏代码
tar xvfz db-4.6.21.tar.gz
cd db-4.6.21/build_unix/
../dist/configure -prefix=/usr/local/BerkeleyDB
make
make install
2.配置环境变量
Linux代码 收藏代码
vi /etc/profile
export CPPFLAGS="-I/usr/local/BerkeleyDB/include"
export LDFLAGS="-L/usr/local/BerkeleyDB/lib"
wq保存后退出,使环境变量生效
Java代码 收藏代码
source /etc/profile
3.复制文件
Linux代码 收藏代码
cp /usr/local/BerkeleyDB/lib/* /usr/lib
cp /usr/local/BerkeleyDB/include/* /usr/include
注意:如不按照以上步骤可能会报如下错误:
configure: error: Berkeley DB version mismatch
4.安装OpenLdap
Java代码 收藏代码
tar zvxf openldap2.4.29.tgz
cd /openldap2.4.29
./configure --prefix=/usr/local/openldap
make depend
make
make test
make install
注意: 在执行./configure的时候可能会报如下错误
configure: error: MozNSS not found – please specify the location to the NSPR and NSS header files in CPPFLAGS and the location to the NSPR and NSS libraries in LDFLAGS (if not in the system location)
原因是openldap需要依赖openssl的一些库文件,安装openldap,然后配置SSL的环境变量
export CPPFLAGS="-I/usr/local/BerkeleyDB/include -I/usr/local/ssl/include "
export LDFLAGS="-L/usr/local/BerkeleyDB/lib -L/usr/local/ssl/lib "
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40
Re: quotaon: 设备或资源忙怎么办 26楼求回答
安装
需要先安装db-6.0.20.tar.gz openldap-release.tgz libpam0g-dev
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40
Re: quotaon: 设备或资源忙怎么办 26楼求回答
ubuntu9.04下vsftp+mysql配置虚拟用户
OS: Ubuntu 9.04
Kernel: 2.6.28-11-generic
vsftpd: 2.0.7-0ubuntu1
mysql-server: 5.1.30really5.0.75-0ubuntu10
ftp根目录: /home/ftp
用户信息:
帐号 密码 权限 根目录
anonymous anonymous 下载 /home/ftp/anonymous
normal normal 上传 /home/ftp/uploads
admin admin 所有权限 /home/ftp
1、安装vsftpd、mysql-server、libpam-mysql
sudo apt-get install vsftpd
sudo apt-get install mysql-server,mysql-client
sudo apt-get install libpam-mysql
2、编辑/etc/vsftpd.conf
sudo vi /etc/vsftpd.conf
取消以下选项前的注释(#),注意=后面的值,如无此选项,请手动添加:
listen=YES
listen_port=21
anonymous_enable=YES
local_enable=YES
write_enable=NO
local_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
dirmessage_enable=YES
tcp_wrappers=YES
guest_enable=YES
guest_username=virtual
user_config_dir=/etc/vsftpd_user_config
pasv_min_port=10000
pasv_max_port=10100
use_localtime=YES
max_clients=10
max_per_ip=5
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
ftpd_banner=Welcome to blah FTP service.
chroot_local_user=YES
ls_recurse_enable=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
编辑完成之后可以使用命令grep -v "^#" /etc/vsftpd.conf确认一下。
选项说明请参考vsftpd.conf手册,终端执行man vsftpd.conf 即可。
3、添加虚拟用户帐号:virtual(此处密码为“virtual”)
sudo useradd -d /home/ftp -s /bin/false virtual
(-s /bin/false是让其不能登陆系统,-d /home/ftp是指定用户目录)
设置virtual密码
sudo passwd virtual
修改virtual对/home/ftp的权限
chown -R virtual:virtual /home/ftp
chmod -R 700 /home/ftp
4、修改自动创建的用户ftp的权限
添加ftp到virtual组
useradd -g virtual ftp
如果系统提示ftp用户已存在,执行下面语句:
usermod -G virtual ftp
把ftp的根目录改成/home/ftp/anonymous
usermod -d /home/ftp/anonymous ftp
增加/home/ftp/anonymous的执行权限。这是由于更改了根目录,为了避免在使用匿名用户打开 ftp 服务器时提示不能打开该文件夹。
chmod710/home/ftp/anonymous
5、操作mysql数据库
登录mysql(我的密码是123456)
mysql -u root -p123456
创建数据库vsftpd
create database vsftpd;
使用刚创建的vsftpd数据库
use vsftpd;
创建users表
create table users(name char(20),passwd char(20));
插入数据 (用户名,密码)
insert into users values('normal','normal');
insert into users values('admin','admin');
添加virtual用户,其对vsftpd数据库users表有查询和插入的权限
grant select,insert on vsftpd.users to virtual@localhost identified by 'virtual';
6、修改vsftpd的pam认证
sudo vi /etc/pam.d/vsftpd
把里面原有的内容全部删除(如果有内容),添加如下name和account两行内容,其中host是数据库主机,db是用户数据库,table是表,usercolumn对应用户列名,passwdcolumn对应密码列名。有users表,有name和passwd两列,passwd的加密方式为0
--------------------------------------------------------------------------------
auth required /lib/security/pam_mysql.so user=virtual passwd=virtual host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0
account required /lib/security/pam_mysql.so user=virtual passwd=virtual host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0
--------------------------------------------------------------------------------
添加后可用wc -l /etc/pam.d/vsftpd查询行数,请注意这里只有两行内容。分隔用Tab键。
crypt 的值说明:
0: 在数据库中明文存储;
1: 使用crypt()函数加密存储;
2: 使用MySQL PASSWORD()函数加密存储;
3: 表示使用md5的散列方式
4: 代表sha加密
注意:与mysql-server-5.0对应的libpam-mysql由于使用的PASSWORD() 函数与服务器端使用的PASSWORD()不匹配, 故无法实现密码加密,仅可实现在数据库中明文存储ftp用户密码。 mysql-server-4.1 与 libpam-mysql( 0.5.0-6)可以实现在数据库中使用加密存储ftp用户密码
7、在 /etc/vsftpd_user_config 中建立用户个人配置文件,文件名为用户名
anonymous :
local_root=/home/ftp/anonymous
anon_world_readable_only=YES
normal :
local_root=/home/ftp/uploads
write_enable=YES
download_enable=NO
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_umask=022
admin :
local_root=/home/ftp
write_enable=YES
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_umask=022
8.重启并测试
sudo /etc/init.d/vsftpd restart
OS: Ubuntu 9.04
Kernel: 2.6.28-11-generic
vsftpd: 2.0.7-0ubuntu1
mysql-server: 5.1.30really5.0.75-0ubuntu10
ftp根目录: /home/ftp
用户信息:
帐号 密码 权限 根目录
anonymous anonymous 下载 /home/ftp/anonymous
normal normal 上传 /home/ftp/uploads
admin admin 所有权限 /home/ftp
1、安装vsftpd、mysql-server、libpam-mysql
sudo apt-get install vsftpd
sudo apt-get install mysql-server,mysql-client
sudo apt-get install libpam-mysql
2、编辑/etc/vsftpd.conf
sudo vi /etc/vsftpd.conf
取消以下选项前的注释(#),注意=后面的值,如无此选项,请手动添加:
listen=YES
listen_port=21
anonymous_enable=YES
local_enable=YES
write_enable=NO
local_umask=022
anon_upload_enable=NO
anon_mkdir_write_enable=NO
dirmessage_enable=YES
tcp_wrappers=YES
guest_enable=YES
guest_username=virtual
user_config_dir=/etc/vsftpd_user_config
pasv_min_port=10000
pasv_max_port=10100
use_localtime=YES
max_clients=10
max_per_ip=5
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
ftpd_banner=Welcome to blah FTP service.
chroot_local_user=YES
ls_recurse_enable=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
编辑完成之后可以使用命令grep -v "^#" /etc/vsftpd.conf确认一下。
选项说明请参考vsftpd.conf手册,终端执行man vsftpd.conf 即可。
3、添加虚拟用户帐号:virtual(此处密码为“virtual”)
sudo useradd -d /home/ftp -s /bin/false virtual
(-s /bin/false是让其不能登陆系统,-d /home/ftp是指定用户目录)
设置virtual密码
sudo passwd virtual
修改virtual对/home/ftp的权限
chown -R virtual:virtual /home/ftp
chmod -R 700 /home/ftp
4、修改自动创建的用户ftp的权限
添加ftp到virtual组
useradd -g virtual ftp
如果系统提示ftp用户已存在,执行下面语句:
usermod -G virtual ftp
把ftp的根目录改成/home/ftp/anonymous
usermod -d /home/ftp/anonymous ftp
增加/home/ftp/anonymous的执行权限。这是由于更改了根目录,为了避免在使用匿名用户打开 ftp 服务器时提示不能打开该文件夹。
chmod710/home/ftp/anonymous
5、操作mysql数据库
登录mysql(我的密码是123456)
mysql -u root -p123456
创建数据库vsftpd
create database vsftpd;
使用刚创建的vsftpd数据库
use vsftpd;
创建users表
create table users(name char(20),passwd char(20));
插入数据 (用户名,密码)
insert into users values('normal','normal');
insert into users values('admin','admin');
添加virtual用户,其对vsftpd数据库users表有查询和插入的权限
grant select,insert on vsftpd.users to virtual@localhost identified by 'virtual';
6、修改vsftpd的pam认证
sudo vi /etc/pam.d/vsftpd
把里面原有的内容全部删除(如果有内容),添加如下name和account两行内容,其中host是数据库主机,db是用户数据库,table是表,usercolumn对应用户列名,passwdcolumn对应密码列名。有users表,有name和passwd两列,passwd的加密方式为0
--------------------------------------------------------------------------------
auth required /lib/security/pam_mysql.so user=virtual passwd=virtual host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0
account required /lib/security/pam_mysql.so user=virtual passwd=virtual host=localhost db=vsftpd table=users usercolumn=name passwdcolumn=passwd crypt=0
--------------------------------------------------------------------------------
添加后可用wc -l /etc/pam.d/vsftpd查询行数,请注意这里只有两行内容。分隔用Tab键。
crypt 的值说明:
0: 在数据库中明文存储;
1: 使用crypt()函数加密存储;
2: 使用MySQL PASSWORD()函数加密存储;
3: 表示使用md5的散列方式
4: 代表sha加密
注意:与mysql-server-5.0对应的libpam-mysql由于使用的PASSWORD() 函数与服务器端使用的PASSWORD()不匹配, 故无法实现密码加密,仅可实现在数据库中明文存储ftp用户密码。 mysql-server-4.1 与 libpam-mysql( 0.5.0-6)可以实现在数据库中使用加密存储ftp用户密码
7、在 /etc/vsftpd_user_config 中建立用户个人配置文件,文件名为用户名
anonymous :
local_root=/home/ftp/anonymous
anon_world_readable_only=YES
normal :
local_root=/home/ftp/uploads
write_enable=YES
download_enable=NO
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_umask=022
admin :
local_root=/home/ftp
write_enable=YES
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_umask=022
8.重启并测试
sudo /etc/init.d/vsftpd restart
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40
Re: quotaon: 设备或资源忙怎么办 26楼求回答
我很奇怪
# Standard behaviour for ftpd(8).
auth sufficient pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.
# Standard pam includes
@include common-account
@include common-session
@include common-auth
auth sufficient pam_shells.so
auth required pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
account required pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
这样设置虚拟用户和本地用户都不能登录
如果
# Standard behaviour for ftpd(8).
auth sufficient pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.
# Standard pam includes
@include common-account
@include common-session
@include common-auth
auth sufficient pam_shells.so
auth sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
account sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
那么先认证哪个,哪个就能登录,而另一个则不能,此处是本地用户能登录
如果
auth sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
account sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
# Standard behaviour for ftpd(8).
auth sufficient pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.
# Standard pam includes
@include common-account
@include common-session
@include common-auth
auth sufficient pam_shells.so
那么则本地用户能登录虚拟用户登录不了
如果
auth sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
account sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
# Standard behaviour for ftpd(8).
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.
# Standard pam includes
@include common-account
@include common-session
@include common-auth
auth required pam_shells.so
那么本地用户不能登录但虚拟用户能登录
按这个理论
Required:堆栈中的所有 Required 模块必须看作一个成功的结果。如果一个或多个 Required 模块失败,则实现堆栈中的所有 Required 模块,但是将返回第一个错误。
Sufficient:如果标记为 sufficient 的模块成功并且先前没有 Required 或 sufficient 模块失败,则忽略堆栈中的所有其余模块并返回成功。
Optional:如果堆栈中没有一个模块是 required 并且没有任何一个 sufficient 模块成功,则服务/应用程序至少要有一个 optional 模块成功。
应该第一种和最后一种都是能虚拟用户本地用户都能登录但事实上却不是,我就纳了闷了
????????/
依旧是相同的错误
cc@thinkpad:~$ tail -f /var/log/auth.log
Jul 19 18:25:41 thinkpad vsftpd: PAM unable to dlopen(pam_shells.so): /lib/security/pam_shells.so: cannot open shared object file: No such file or directory
Jul 19 18:25:41 thinkpad vsftpd: PAM adding faulty module: pam_shells.so
Jul 19 18:25:41 thinkpad vsftpd: PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: failed to map segment from shared object: Cannot allocate memory
Jul 19 18:25:41 thinkpad vsftpd: PAM adding faulty module: pam_mysql.so
Jul 19 18:25:41 thinkpad vsftpd: PAM unable to dlopen(pam_gnome_keyring.so): /lib/security/pam_gnome_keyring.so: cannot open shared object file: No such file or directory
Jul 19 18:25:41 thinkpad vsftpd: PAM adding faulty module: pam_gnome_keyring.so
Jul 19 18:39:01 thinkpad CRON[14000]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 19 18:39:01 thinkpad CRON[14000]: pam_unix(cron:session): session closed for user root
Jul 19 18:53:45 thinkpad sudo: cc : TTY=pts/3 ; PWD=/home/cc ; USER=root ; COMMAND=/usr/bin/gedit /etc/pam.d/vsftpd
Jul 19 18:53:45 thinkpad sudo: pam_unix(sudo:session): session opened for user root by cc(uid=0)
Jul 19 19:01:16 thinkpad vsftpd: PAM unable to dlopen(pam_ck_connector.so): /lib/security/pam_ck_connector.so: cannot open shared object file: No such file or directory
Jul 19 19:01:16 thinkpad vsftpd: PAM adding faulty module: pam_ck_connector.so
Jul 19 19:01:16 thinkpad vsftpd: PAM unable to dlopen(pam_shells.so): /lib/security/pam_shells.so: cannot open shared object file: No such file or directory
Jul 19 19:01:16 thinkpad vsftpd: PAM adding faulty module: pam_shells.so
Jul 19 19:01:16 thinkpad vsftpd: PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: failed to map segment from shared object: Cannot allocate memory
Jul 19 19:01:16 thinkpad vsftpd: PAM adding faulty module: pam_mysql.so
Jul 19 19:01:16 thinkpad vsftpd: PAM unable to dlopen(pam_gnome_keyring.so): /lib/security/pam_gnome_keyring.so: cannot open shared object file: No such file or directory
Jul 19 19:01:16 thinkpad vsftpd: PAM adding faulty module: pam_gnome_keyring.so
cp相关文件后
Jul 19 19:05:34 thinkpad sudo: pam_unix(sudo:session): session opened for user root by cc(uid=0)
Jul 19 19:05:34 thinkpad sudo: pam_unix(sudo:session): session closed for user root
Jul 19 19:05:39 thinkpad vsftpd: PAM unable to dlopen(pam_ck_connector.so): libdbus-1.so.3: failed to map segment from shared object: Cannot allocate memory
Jul 19 19:05:39 thinkpad vsftpd: PAM adding faulty module: pam_ck_connector.so
Jul 19 19:05:39 thinkpad vsftpd: PAM unable to dlopen(pam_shells.so): /lib/security/pam_shells.so: failed to map segment from shared object: Cannot allocate memory
Jul 19 19:05:39 thinkpad vsftpd: PAM adding faulty module: pam_shells.so
Jul 19 19:05:39 thinkpad vsftpd: PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: failed to map segment from shared object: Cannot allocate memory
Jul 19 19:05:39 thinkpad vsftpd: PAM adding faulty module: pam_mysql.so
Jul 19 19:05:39 thinkpad vsftpd: PAM unable to dlopen(pam_gnome_keyring.so): /lib/security/pam_gnome_keyring.so: failed to map segment from shared object: Cannot allocate memory
Jul 19 19:05:39 thinkpad vsftpd: PAM adding faulty module: pam_gnome_keyring.so
已经日日夜夜为他忙碌十几天了,搜遍各大英文网站都没有解决,甚至我专门跑外国的ubuntu论坛上发帖都没回复,希望只能寄托在此地了,拜托了,大神们,帮我一下吧
# Standard behaviour for ftpd(8).
auth sufficient pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.
# Standard pam includes
@include common-account
@include common-session
@include common-auth
auth sufficient pam_shells.so
auth required pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
account required pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
这样设置虚拟用户和本地用户都不能登录
如果
# Standard behaviour for ftpd(8).
auth sufficient pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.
# Standard pam includes
@include common-account
@include common-session
@include common-auth
auth sufficient pam_shells.so
auth sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
account sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
那么先认证哪个,哪个就能登录,而另一个则不能,此处是本地用户能登录
如果
auth sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
account sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
# Standard behaviour for ftpd(8).
auth sufficient pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.
# Standard pam includes
@include common-account
@include common-session
@include common-auth
auth sufficient pam_shells.so
那么则本地用户能登录虚拟用户登录不了
如果
auth sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
account sufficient pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
# Standard behaviour for ftpd(8).
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
# Note: vsftpd handles anonymous logins on its own. Do not enable pam_ftp.so.
# Standard pam includes
@include common-account
@include common-session
@include common-auth
auth required pam_shells.so
那么本地用户不能登录但虚拟用户能登录
按这个理论
Required:堆栈中的所有 Required 模块必须看作一个成功的结果。如果一个或多个 Required 模块失败,则实现堆栈中的所有 Required 模块,但是将返回第一个错误。
Sufficient:如果标记为 sufficient 的模块成功并且先前没有 Required 或 sufficient 模块失败,则忽略堆栈中的所有其余模块并返回成功。
Optional:如果堆栈中没有一个模块是 required 并且没有任何一个 sufficient 模块成功,则服务/应用程序至少要有一个 optional 模块成功。
应该第一种和最后一种都是能虚拟用户本地用户都能登录但事实上却不是,我就纳了闷了
????????/依旧是相同的错误
cc@thinkpad:~$ tail -f /var/log/auth.log
Jul 19 18:25:41 thinkpad vsftpd: PAM unable to dlopen(pam_shells.so): /lib/security/pam_shells.so: cannot open shared object file: No such file or directory
Jul 19 18:25:41 thinkpad vsftpd: PAM adding faulty module: pam_shells.so
Jul 19 18:25:41 thinkpad vsftpd: PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: failed to map segment from shared object: Cannot allocate memory
Jul 19 18:25:41 thinkpad vsftpd: PAM adding faulty module: pam_mysql.so
Jul 19 18:25:41 thinkpad vsftpd: PAM unable to dlopen(pam_gnome_keyring.so): /lib/security/pam_gnome_keyring.so: cannot open shared object file: No such file or directory
Jul 19 18:25:41 thinkpad vsftpd: PAM adding faulty module: pam_gnome_keyring.so
Jul 19 18:39:01 thinkpad CRON[14000]: pam_unix(cron:session): session opened for user root by (uid=0)
Jul 19 18:39:01 thinkpad CRON[14000]: pam_unix(cron:session): session closed for user root
Jul 19 18:53:45 thinkpad sudo: cc : TTY=pts/3 ; PWD=/home/cc ; USER=root ; COMMAND=/usr/bin/gedit /etc/pam.d/vsftpd
Jul 19 18:53:45 thinkpad sudo: pam_unix(sudo:session): session opened for user root by cc(uid=0)
Jul 19 19:01:16 thinkpad vsftpd: PAM unable to dlopen(pam_ck_connector.so): /lib/security/pam_ck_connector.so: cannot open shared object file: No such file or directory
Jul 19 19:01:16 thinkpad vsftpd: PAM adding faulty module: pam_ck_connector.so
Jul 19 19:01:16 thinkpad vsftpd: PAM unable to dlopen(pam_shells.so): /lib/security/pam_shells.so: cannot open shared object file: No such file or directory
Jul 19 19:01:16 thinkpad vsftpd: PAM adding faulty module: pam_shells.so
Jul 19 19:01:16 thinkpad vsftpd: PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: failed to map segment from shared object: Cannot allocate memory
Jul 19 19:01:16 thinkpad vsftpd: PAM adding faulty module: pam_mysql.so
Jul 19 19:01:16 thinkpad vsftpd: PAM unable to dlopen(pam_gnome_keyring.so): /lib/security/pam_gnome_keyring.so: cannot open shared object file: No such file or directory
Jul 19 19:01:16 thinkpad vsftpd: PAM adding faulty module: pam_gnome_keyring.so
cp相关文件后
Jul 19 19:05:34 thinkpad sudo: pam_unix(sudo:session): session opened for user root by cc(uid=0)
Jul 19 19:05:34 thinkpad sudo: pam_unix(sudo:session): session closed for user root
Jul 19 19:05:39 thinkpad vsftpd: PAM unable to dlopen(pam_ck_connector.so): libdbus-1.so.3: failed to map segment from shared object: Cannot allocate memory
Jul 19 19:05:39 thinkpad vsftpd: PAM adding faulty module: pam_ck_connector.so
Jul 19 19:05:39 thinkpad vsftpd: PAM unable to dlopen(pam_shells.so): /lib/security/pam_shells.so: failed to map segment from shared object: Cannot allocate memory
Jul 19 19:05:39 thinkpad vsftpd: PAM adding faulty module: pam_shells.so
Jul 19 19:05:39 thinkpad vsftpd: PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: failed to map segment from shared object: Cannot allocate memory
Jul 19 19:05:39 thinkpad vsftpd: PAM adding faulty module: pam_mysql.so
Jul 19 19:05:39 thinkpad vsftpd: PAM unable to dlopen(pam_gnome_keyring.so): /lib/security/pam_gnome_keyring.so: failed to map segment from shared object: Cannot allocate memory
Jul 19 19:05:39 thinkpad vsftpd: PAM adding faulty module: pam_gnome_keyring.so
已经日日夜夜为他忙碌十几天了,搜遍各大英文网站都没有解决,甚至我专门跑外国的ubuntu论坛上发帖都没回复,希望只能寄托在此地了,拜托了,大神们,帮我一下吧
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40
Re: 如果这个问题都没法解决,这个论坛所谓的大神都是假的,我不相信,论坛能有人把这个问题解决了,我悬赏90QB打赌,详
是90Q币,如果能有人解答了,我甘愿给他充值90Q币
-
oneleaf
- 论坛管理员
- 帖子: 10455
- 注册时间: 2005-03-27 0:06
- 系统: Ubuntu 12.04
Re: 如果这个问题都没法解决,这个论坛所谓的大神都是假的,我不相信,论坛能有人把这个问题解决了,我悬赏90QB打赌,详
真有精力,直接配虚拟的吧,如果无法登陆,安装下 libpam-ldap 就可以了。
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40
Re: 如果这个问题都没法解决,这个论坛所谓的大神都是假的,我不相信,论坛能有人把这个问题解决了,我悬赏90QB打赌,详
大神啊,我不安装libpam-ldap会提示缺少文件oneleaf 写了:真有精力,直接配虚拟的吧,如果无法登陆,安装下 libpam-ldap 就可以了。
libgcc_s.so.1 must be installed for pthread_cancel to work
安装libpam-ldap后
就出现38楼错误,大神还有办法么,我可是搜遍了各大网站了。。。。
-
243750496
- 帖子: 1038
- 注册时间: 2012-06-09 15:40