pam_mysql认证ftp虚拟用户账号，且拥有不同的权限

关防火墙：#systemctl stop firewalld

               #setenforce 0

#yum install mariadb.server

#yum install mariadb-devel  pam-devel

#lftp 172.16.0.1/pub

>cd Sources/sources/pam/

>mget  pam_mysql_0.7Rcl.tar.gz

#tar xf pam_mysql_0.7Rcl.tar.gz

#cd pam_mysql_0.7Rcl/

# ./configure –with-pam=/usr –with-mysql=/usr –with-pam-mods-dir=/usr/lib64/security
# make && make install
#vim /etc/my.cnf.d/server.cnf

[mysqld]
skip_name_resolve=ON
innodb_file_per_table=ON
log_bin=mysql-bin
#systemctl restart vsftpd.service

# mysql -uroot -p1234567890 -h127.0.0.1

> grant all on vsftpd.* to vsftpd@’127.0.0.1′ identified by ‘vsftpd’;

> flush privileges;

# mysql -uvsftpd -h127.0.0.1 -pvsftpd
> create database vsftpd;

> use vsftpd;

> create table users(id INT unsigned not null auto_increment primary key,name varchar(100) not null,password cha not null,unique key(name));

> desc users;
+———-+—————————-+——+—–+———+—————-+
| Field    | Type             —   | Null | Key | Default   | Extra          |
+———-+———————–+——–+——-+———-+——————+
| id       | int(10) unsigned -| NO   | PRI | NULL    | auto_increment |
| name     | varchar(100)   –  | NO   | UNI | NULL    |                |
| password | char(48)         | NO   |     | NULL     |                |
+———-+——————+——+—–+———+—————-+

> insert into users(name,password) values(‘tom’,password(‘mageedu’)),(‘jerry’,password(‘jerry’));

> select * from users;
+—-+———+—————————————————————————–+
| id | name  |                                 password                                  |
+—-+——–+——————————————————————————+
|  1 | tom   |      *9A94EE7D14C10908118B62D2DA88E6932E11E438 |
|  2 | jerry   |      *09FB9E6E2AA0750E9D8A8D22B6AA8D86C85BF3D0 |
+—-+——-+——————————————————————————-+

#mkdir /ftproot/

#useradd -d /ftproot/vuser vuser

#mkdir /ftproot/vuser/pub

#vim /etc/pam.d/vsftpd.vusers

auth required /usr/lib64/security/pam_mysql.so user=vsftpd passwd=vsftpd host=127.0.0.1 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2
account required /usr/lib64/security/pam_mysql.so user=vsftpd passwd=vsftpd host=127.0.0.1 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2 

#vim /etc/vsftpd/vsftpd.conf

pam_service_name=vsftpd.vusers
guest_enable=YES
guest_username=vuser
# systemctl restart vsftpd

#chmod a-w /ftproot/vuser/

# systemctl restart vsftpd

# cd /ftproot/vuser/

# mkdir upload

#chown vuser.vuser upload/

# cd /etc/vsftpd/

]# vim vsftpd.conf

加上user_config_dir=/etc/vsftpd/vusers_config/

# mkdir /etc/vsftpd/vusers_config/

# vim /etc/vsftpd/vusers_config/tom

anon_upload_enable=YES

# vim /etc/vsftpd/vusers_config/jerry

anon_upload_enable=YES
anon_mkdir_write_enable=YES

#systemctl restart vsftpd.service

测试机：

    # ftp 172.16.254.142

            tom:只可以上传、下载。

            jerry:可上传可添加或删除文件及目录