HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Tips/Tricks/Mods (http://www.howtoforge.com/forums/forumdisplay.php?f=29)
-   -   Proftpd for ISPConfig 3 Tutorial (Debian) (http://www.howtoforge.com/forums/showthread.php?t=52760)

holtmichael09 20th May 2011 01:59

Proftpd for ISPConfig 3 Tutorial (Debian)
 
I'm a new user of ISPConfig and i've been playing with linux for a few years now. My server is currently a VPS with OpenVZ and it won't allow me to run the default pureftpd that comes with ISPConfig, so I started looking into ProFTPd, and found that it wasn't very difficult to switch over to using it.

Please Note: This does not include Quota support because my VPS does not support it. If you have any suggestions or ideas on how to improve this integration without having to modify ftp_user_edit.php in ISPConfig3 please let me know. These instructions were made running Debian 5.0 Lenny but should work the same for 6.0. For other Distributions these instructions may have to be modified slightly

Also Note: This process worked fine for me on a fresh server and ISPConfig 3 install. Using this on an existing server will require going in and editting/saving every ftp user that has been created, and may cause other issues. I may create a simple php script to do this automatically in the future. I am not responsible for any problems that may arise, so please use this AT YOUR OWN RISK.

Tutorial (do everything as root user or be sure to add sudo to every comamnd):

Run these Commands:
Code:

apt-get remove pure-ftpd-common pure-ftpd-mysql
apt-get install proftpd proftpd-mod-mysql

Install as standalone

Create ftpgroup & ftpuser
Code:

groupadd -g 2001 ftpgroup
useradd -u 2001 -s /bin/false -d /bin/null -c "proftpd user" -g ftpgroup ftpuser

Modify MySQL Database
Code:

mysql -u root -p
Use dbispconfig

Run Query
Code:

ALTER TABLE `ftp_user` ADD `shell` VARCHAR( 18 ) NOT NULL DEFAULT '/sbin/nologin',
ADD `count` INT( 11 ) NOT NULL DEFAULT '0',
ADD `accessed` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
ADD `modified` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00';
CREATE TABLE ftp_group (
groupname varchar(16) NOT NULL default '',
gid smallint(6) NOT NULL default '5500',
members varchar(16) NOT NULL default '',
KEY groupname (groupname)
) TYPE=MyISAM COMMENT='ProFTP group table';
INSERT INTO `ftp_group` (`groupname`, `gid`, `members`) VALUES ('ftpgroup', 2001, 'ftpuser');

Exit MySQL
Code:

Quit
Edit /usr/local/ispconfig/interface/lib/config.inc.php
Code:

nano /usr/local/ispconfig/interface/lib/config.inc.php
Search for db_password and make note of the password for later.

Edit /etc/proftpd/proftpd.conf
Code:

nano /etc/proftpd/proftpd.conf
Find:
Code:

#Include /etc/proftpd/sql.conf
Change To:
Code:

Include /etc/proftpd/sql.conf
Edit: Edit /etc/proftpd/sql.conf
Code:

nano /etc/proftpd/sql.conf
Erase all contents of the file

Insert the following code:
Code:

#
# Proftpd sample configuration for SQL-based authentication.
#
# (This is not to be used if you prefer a PAM-based SQL authentication)
#

<IfModule mod_sql.c>
#
# Choose a SQL backend among MySQL or PostgreSQL.
# Both modules are loaded in default configuration, so you have to specify the backend
# or comment out the unused module in /etc/proftpd/modules.conf.
# Use 'mysql' or 'postgres' as possible values.
#
#SQLBackend        mysql
#
#SQLEngine on
#SQLAuthenticate on
#
# Use both a crypted or plaintext password
#SQLAuthTypes Crypt Plaintext
#
# Use a backend-crypted or a crypted password
#SQLAuthTypes Backend Crypt
#
# Connection
#SQLConnectInfo proftpd@sql.example.com proftpd_user proftpd_password
#
# Describes both users/groups tables
#
#SQLUserInfo users userid passwd uid gid homedir shell
#SQLGroupInfo groups groupname gid members
#
DefaultRoot ~

SQLBackend              mysql
# The passwords in MySQL are encrypted using CRYPT
SQLAuthTypes            Plaintext Crypt
SQLAuthenticate        users groups


# used to connect to the database
# databasename@host database_user user_password
SQLConnectInfo  dbispconfig@localhost ispconfig _insertpasswordhere_


# Here we tell ProFTPd the names of the database columns in the "usertable"
# we want it to interact with. Match the names with those in the db
SQLUserInfo    ftp_user username password uid gid dir shell

# Here we tell ProFTPd the names of the database columns in the "grouptable"
# we want it to interact with. Again the names match with those in the db
SQLGroupInfo    ftp_group groupname gid members

# set min UID and GID - otherwise these are 999 each
SQLMinID        500

# create a user's home directory on demand if it doesn't exist
CreateHome off

# Update count every time user logs in
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser

# Update modified everytime user uploads or deletes a file
SQLLog  STOR,DELE modified
SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser


RootLogin off
RequireValidShell off

</IfModule>

Be sure to change _insertpasswordhere_ to the password we retrieved earlier.
If your mysql database is stored on a server other than localhost be sure to modify appropriately.

Edit: /etc/proftpd/modules.conf

Code:

nano /etc/proftpd/modules.conf
Find:
Code:

#LoadModule mod_sql.c
Change To:
Code:

LoadModule mod_sql.c
Find:
Code:

#LoadModule mod_sql_mysql.c
Change To:
Code:

LoadModule mod_sql_mysql.c
Run
Code:

/etc/init.d/proftpd restart
-----
Now we have to change one of the ispconfig files. This isn't ideal, since an update will reverse the changes, but it is the only way to make proftpd work that i could find.

Edit /usr/local/ispconfig/interface/web/sites/ftp_user_edit.php
Code:

nano /usr/local/ispconfig/interface/web/sites/ftp_user_edit.php
Find:
Code:

                $uid = $web["system_user"];
                $gid = $web["system_group"];

Replace With:
Code:

                $userinfo = posix_getpwnam($web["system_user"]);
                $uid = $userinfo['uid'];
                $gid = $userinfo['gid'];

Find (2nd time):
Code:

                $uid = $web["system_user"];
                $gid = $web["system_group"];

Replace With:
Code:

                $userinfo = posix_getpwnam($web["system_user"]);
                $uid = $userinfo['uid'];
                $gid = $userinfo['gid'];

And now your all Done. If you were logged in while modifying this file, you'll need to log out then log back in because of the way ISPConfig works.

Special thanks goes out to Falko and his Tutorial Virtual Hosting With Proftpd And MySQL (Incl. Quota) On Debian Lenny. His tutorial laid the base for creating this.

till 20th May 2011 13:05

Thanks for the tutorial! But why havent you just compiled pure-ftpd from the debian src package, so that you can install it with apt? We explained that in the FAQ and I use this on all of my servers.

http://www.faqforge.com/linux/contro...ities-enabled/

In my opinion you replaced a small problem (compiling pure-ftpd once) with a bigger one, because now you cant install any ispconfig updates in future in your setup.

So I can only recommend to not try the above when you want to be able to install ispconfig updates in future. Not installing ISPConfig updates can be a security risk.

holtmichael09 20th May 2011 14:29

Yes, I am aware of the compiling from sources in the FAQ. However, I attempted it several times, hence my reason for creating this. It also doesn't seriously hinder future upgrades of ispconfig in my opinion, you just have to redo the final step of Editing 4 lines of code, which is not a big deal.

till 20th May 2011 14:56

You might get conflicts with the database layout changes too. Additionally your code is not compatible with multiserver setups, the line "posix_getpwnam($web["system_user"]);" will fail on multiserver systems as the linux users dont exist on the master.

Which problems did you had with compiling pure-ftpd? I did it on many servers (my own and servers of my customers) and it always worked.

holtmichael09 20th May 2011 22:24

It's just the company that I use for my VPS, their service is great for the price, and support has always been quick and helpful, but i've ran into a few issues os image files over the last year. I actually finally got debian squeeze working properly and pureftpd worked fine there except whenever the system rebooted i had to go in and fix the missing header on vzquota


All times are GMT +2. The time now is 15:00.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.