Sharing

Предоставление авторизированного доступа к ресурсам. Учёт использования ресурсов.

Возможности

Настройка Abills

Создать таблицы в базе.

# mysql -D abills < db/Sharing.sql

abills/libexec/config.pl

@MODULES = (
          'Sharing'
          );

config.pl

$conf{SHARING_APACHE_ERROR_LOG}='/val/log/httpd/error_log'; Место положение лога ошибок
$conf{SHARING_USER_CHG_TP}=1; Разрешить пользователю менять тарифный план из пользовательского веб акаунта

Apache

Сборка с исходных кодов. Apache Apache version 2.0.xx

# tar zxvf httpd-2.0.59.tar.gz
# cd httpd-2.0.59
# ./configure --prefix=/usr/local/apache2 --enable-mods-shared=all  
# make
# make install

mod_auth_mysql модуль авторизации

# tar zxvf mod_auth_mysql-3.0.0.tar.gz
# cd mod_auth_mysql
# /usr/local/apache2/bin/apxs -iac -lmysqlclient mod_auth_mysql.c

mod_log_mysql модуль учёта потребляемых ресурсов

# tar yxvf mod_log_sources.tar.bz2
# cd mod_log_mysql
# /usr/local/apache2/bin/apxs -aic mod_logio.c
# /usr/local/apache2/bin/apxs -aic mod_log_config.c
# /usr/local/apache2/bin/apxs -aic -lmysqlclient mod_log_mysql.c 

/usr/local/apache2/conf/httpd.conf

Закоментировать подгрузку родного Apache модуля

#LoadModule log_config_module modules/mod_log_config.so

Включить свой конфиг

Include conf/abills_sharing.conf

/usr/local/apache2/conf/abills_sharing.conf

#Mysql auth module
<Ifmodule mod_auth_mysql.c>
 <Directory /usr/music>
  AuthName "ABillS Sharing"
  AuthType Basic
  require valid-user

  AuthMySQLEnable On
  AuthMySQLHost %dbhost%
  #AuthMySQLPort %dbport%
  #AuthMySQLSocket %dbsocket%
  AuthMySQLUser %dbuser%
  AuthMySQLPassword %dbpasswd%
  AuthMySQLDB %dbname%
  AuthMySQLUserTable "(users u, sharing_main sharing)"
  AuthMySQLUserCondition "u.uid=sharing.uid  \
                    AND (u.disable=0 AND sharing.disable=0) \
                    AND (sharing.cid='' OR sharing.cid='%a')"
  AuthMySQLNameField id
  AuthMySQLPasswordField "DECODE(password, 'test12345678901234567890')"
  #AuthMySQLUserCondition <no default>
  AuthMySQLNoPasswd Off
  AuthMySQLPwEncryption none
  #AuthMySQLSaltField <>
  #AuthMySQLGroupTable <defaults to value of AuthMySQLUserTable>
  #AuthMySQLGroupCondition <no default>
  #AuthMySQLGroupField <no default>
  #AuthMySQLKeepAlive Off
  AuthMySQLAuthoritative On
  #AuthMySQLCharacterSet <no default>
</Directory>
</Ifmodule>

#Mysql Log module
<Ifmodule mod_log_mysql.c>
  LogFormat "INSERT INTO sharing_log SET virtualhost=%v,\
     remoteip=INET_ATON(%a),\
     serverid=%{SERVERID}e,connectionstatus=%X,\
     username=%u,identuser=%l,start=%t,requestmethod=%m,\
     url=%U,protocol=%H,statusbeforeredir=%s,statusafterredir=%>s,\
     processid=%{pid}P,threadid=%{tid}P, duration=%T,microseconds=%D,\
     recv=%I,sent=%O,bytescontent=%B,useragent=%{User-Agent}i,\
     referer=%{Referer}i,uniqueid=%{UNIQUE_ID}e" sharing_log
 
  CustomLog mysql:%dbuser%!%dbpasswd%@%dbhost%/%dbname% sharing_log
  LogMySQLFallback /var/log/httpd/failed_mysql_log  
</Ifmodule>

#Show active connetiosn
<Location /abills-status>
  SetHandler server-status
  Order deny,allow
  Deny from all
  Allow from 127.0.0.1
</Location>

# mkdir /var/log/httpd/failed_mysql_log
# chown www /var/log/httpd/failed_mysql_log

Samba

FTP

ProFtpd

Пример конфигурации в OC FreeBSD:

# cd /usr/ports/databases/proftpd-mod_sql_mysql && make && make install

/usr/local/etc/proftpd.conf

ServerName			"ProFTPD ABillS Installation"
ServerType			standalone
DefaultServer			on
ScoreboardFile		/var/run/proftpd.scoreboard
Port				21
Umask				022

MaxInstances			30
CommandBufferSize	512

# Set the user and group under which the server will run.
User				nobody
Group				nogroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite		on

<Limit SITE_CHMOD>
  DenyAll
</Limit>

<Global>
  #Auth section
  #Default SQL users parameters
  SQLDefaultHomedir %DEFAULT_HOMEDIR%
  RequireValidShell off
  SQLLogFile  /var/log/proftpd.log

  SQLAuthenticate users
  SQLConnectInfo %dbname%@%dbhost%:3306 %dbuser% %dbpasswd%
  SQLAuthTypes PlainText
  SQLUserInfo "(users u, sharing_main sharing)"\
              u.id \
              "DECODE(u.password, '%secretkey%')" \
              u.uid u.gid '' '' 
  SQLUserWhereClause " u.uid=sharing.uid  \
                  AND (u.disable=0 AND sharing.disable=0) \
                  AND (sharing.cid='' OR sharing.cid='%a')""

#   SQLGroupInfo groups groupname gid members
#   SQLAuthenticate users groups

  #Banner for user 
  SQLNamedQuery User_Info SELECT "id FROM users u WHERE u.id='%u'"
  SQLShowInfo PASS "230" "Hello %{User_Info}."
  
  #Start Connection
  #Log transfert information
  
  SQLLog          RETR,STOR          log_story_transfer
  SQLNamedQuery   log_story_transfer INSERT "'%V', '%u', '%F', 'FTP', '%b',\
                                  '%b', '%m', INET_ATON('%a'), now(), '%T',\
                                  '%s', '%S'"\
                                  "sharing_log (virtualhost, username, url, protocol,\
                                   bytescontent, sent, requestmethod, remoteip, start, duration,\
                                   connectionstatus, statusafterredir)"
</Global>

Antivirus - Clamav

(Если Вам не неадо антивирус єтот пункт можно пропустить) Clamav
Пример конфигурации в OC FreeBSD:

Устанавливаем clamav и запускаем.

# cd /usr/ports/ftp/proftpd 
# make fetch 
# make extract 

Cкачиваем mod_clamav в директорию

# cd work/proftpd-1.3.1rc2/contrib 
# fetch http://www.uglyboxindustries.com/mod_clamav_new.c 
# mv mod_clamav_new.c mod_clamav.c 

Вносим в Makefile proftpd небольшие корректировки касательно нового модуля: /usr/ports/ftp/proftpd/Makefile

CONFIGURE_ARGS= --localstatedir=/var/run \ 
              --sysconfdir=${EXAMPLESDIR}/etc \ 
              --enable-builtin-getnameinfo \ 
              --disable-sendfile \ 
              --with-modules=mod_clamav 
.if !defined(WITHOUT_RATIO) 
MODULES:=${MODULES}:mod_ratio 
.endif 

MODULES:=${MODULES}:mod_clamav 

.if !defined(WITHOUT_README) 
MODULES:=${MODULES}:mod_readme 
.endif 

Собираем proftpd

# make config && make && make install

Правим proftpd.conf согласно http://www.uglyboxindustries.com/mod_clamav_new.html

 <IfModule mod_clamav.c>
    # Enable virus scanning and removal
    ClamAV on
    # Specify the UNIX Local Socket
    ClamLocalSocket /var/run/clamav/clamd
    ClamWarn on
 </IfModule>

Перезагружаем:

# /usr/local/etc/rc.d/proftpd.sh reload