Complete mess setting up pureftpd

Let me start off by saying that I'm a complete noob with only a basic understanding of Linux.

Here is a basic description of what I've done so far

1. I followed a howtoforge tutorial setting up my entire server - this included pureftpd
2. I found a different tutorial using a different version of pureftpd, so i deleted pure-ftpd-mysql and installed pure-ftpd
3. I then found a DIFFERENT tutorial where pure-ftpd was extracted, compiled and installed manually, so I deleted pure-ftpd and installed this one
4. I found a great tutorial explaining how to set up pure-ftpd-mysql, so now I'm trying to purge the server of everything FTP before I proceed to make a bigger mess

I have run #apt-get remove pure-ftpd pure-ftpd-mysql and apt-get clear, autoremove, autoclean and every variety of that command.

But I can still connect to FTP, so the manually installed version must still be running. I have no idea how to remove it, so I'll open with that and move on to other issues later.

So to sum up: How do I remove the manually installed pure-ftpd-1.0.29 from my system?

Thanks for any help

 

well, it depends on where did you install it.
If you downloaded the source and saved it in for example /usr/opt/pureftp than all binaries and stuff should be running from it.

When you locate the binaries, kill the pureftpd process which is running ->
ps -ef | grep pureftpd
kill -9 process_id

And then remove the directories.
If there are some config files in /etc/pureftpd, back them up. You may use it someday.

 

Thanks, I got FTP removed. I also tried to remove all configuration as I wanted to start from scratch, but it seems that I'm missing something. When I installed pure-ftpd-mysql for the first time, it asked me a couple of questions, namely if I wanted to run as standalone or server and such. When I install this package now (apt-get install pure-ftpd-mysql) it skips those questions and installs without any prompts.

That's not good, because apparently I chose the wrong options the first time I installed it, because pure-ftpd now ignores my pureftpd table in mysql and instead allows ftp login for unix user accounts instead.

How can I get pure-ftpd-mysql to use MySQL instead of unix users?

 

Ok here is what I've done so far

• I gave up on pure-ftpd-mysql and instead downloaded pure-ftpd 1.0.29, unarchived and installed it with --with-mysql
• I ran pure-ftpd using this command "/usr/local/sbin/pure-ftpd -l mysql:/etc/pure-ftpd/pureftpd-mysql.conf &"
• The content of /etc/pure-ftpd/pureftpd-mysql.conf is in a quote below

FTP server is now online and running, no longer accepting "administrator" as loggin (which is good). However, I have added an user "codemonkey" in mysql, but it still wont allow me to logg in using it.

pureftpd-mysql.conf

Code:

#MYSQLServer     localhost
#MYSQLPort       3306
MYSQLSocket     /tmp/mysql.sock
MYSQLUser       root
MYSQLPassword   ******
MYSQLDatabase   pureftpd
MYSQLCrypt      cleartext
MYSQLGetPW      SELECT Password FROM ftpd WHERE User="\L"
MYSQLGetUID     SELECT Uid FROM ftpd WHERE User="\L"
MYSQLGetGID     SELECT Gid FROM ftpd WHERE User="\L"
MYSQLGetDir     SELECT Dir FROM ftpd WHERE User="\L"

I have confirmed pureftpd is the database and ftpd is the table. root and password is correct, but I dont understand why server and port is commented out. I'm guessing it'd because those are the default settings.

This is the codemonkey row in mysql

Code:

User	status	Password	Uid	Gid	Dir	ULBandwidth	DLBandwidth	comment	ipaccess	QuotaSize	QuotaFiles
codemonkey	1	******	5008	1000	/var/www	0	0	 	*	0	0

I am restarting the server by killing the process and starting the server again with the command "/usr/local/sbin/pure-ftpd -l mysql:/etc/pure-ftpd/pureftpd-mysql.conf &". pure-ftpd and pure-ftpd-mysql in /etc/init.d did nothing when i called stop on them. I'm guessing they are just remains from my previous installations of pure-ftp.

I would love to see some logg files, but I dont know if they are being made, or where they are stored.

All help from you experts would be greatly appreciated!

Thanks

PS: Please request more information if needed - and directions how to get the information

EDIT (additional question): Must username, password, uid, gid and dir match an actual unix user, or are these all virtual ftp users?

 

Update

I uncommented the port line in the config file and changed it to 21. I am now able to logg in using the information in my table. However there are still problems.

I tried deleting index.php in my webroot from ftp, and got access denied. I then logged in to my server using ssh on the user account I added to the ftp mysql table (with correct username, password, gid and uid values) and tried to delete index.php using that - I still got access denied.

The user, codemonkey, is in group "administrator" so i figured it would have permission to delete this file.

My question is actually quite irrelevant to the topic of this thread, but here it is.

How do I permanently set permissions of folder /var/www including all subfolders and files to allow EVERYTHING (read and write) from users in the group "administrator"?

Or just to a single user, both would work

 

Update

After reading up on permissions, I changed the group owner of /var/www and all sub folders and files to administrator, while leaving the owner as root. I set permissions on /var/www and all sub folders and files to 776, so root and all users in group "administrator" would have FULL and unrestricted access to /var/www and everybody else would only have read and execute access.

The website still works, so index.php can be accessed.

The problem is: When I connect to ftp using an administrator account, /var/www is displayed as an empty folder. Another odd thing is that even though I set the Dir value to /var/www I am able to browse ALL sub folders of /var using FileZilla.

EDIT: Oddly enough, this problem fixed itself after about two minutes. I am now able to browse, remove and upload files to my webroot using ftp. I am still allowed to browse /var using this account, but I'm guessing that that's because all those folders allows everybody to read them.

Sorry for spamming this forum with questions that google answers shortly after, but hopefully somebody with the same problem will find this thread and find it useful at a later time.

As a last question: I'm thinking that denying "other" ALL access to all files in the entire filesystem of the server (o-rwx) would be a good idea. Is this considered bad practice? I would of course leave the content of the webroot as o+rx

Also, is it possible to set several users or groups as owners of a file? And are there any implications of setting the owner of a file to a user that is not in the group that owns the that file?

Thanks, codemonkey

 

It's not a good idea to mix up several tutorials...

It depends. If the files should be readable by a daemon (e.g. Apache if this is your web site), then the files should at least be readable by other users.

No, you can have just one owner and one group (but the group can have as many members as you like).