
Install proftpd + mysql on a dedicated server (SD)

19/12/2004, 18h11
Continued

A few explanations:

================================================== ================================================== ====================================


* The group table lists the members of each group. This does not need any records for a simple setup.
* The user table lists each of your ftp users and records their stats and is used for authentication and pointing proftpd to the correct home directory. Using the directive 'asdfasf' we make proftpd create the home directory if one does not already exist.
* The quotalimits table is used to set the current quota for the user matching its entry.
* The quotatallies table is used by proftpd to keep track of the user's quotas and will be filled if there is a matching userfield 'name' when a user logs in.
* We have added a user test account just called "testaccount" to check things are working ok.

Field Explanations:

name - username
quota_type - user, group, class, all (we use user)
per_session - true or false (we use true)
limit_type - quota limit type - hard or soft (we use hard)
bytes_in_avail - upload limit in bytes - allowed bytes on disk (eg diskquota)
bytes_out_avail - download limit in bytes - allowed bytes a user can download
bytes_xfer_avail - allowed bytes a user can transfer in/out
files_in_avail - upload limit in files - allowed number of uploaded files
files_out_avail - allowed number of downloaded files
files_xfer_avail - allowed number of files a user can transfer in/out

bytes_in_used - upload tally in bytes
bytes_out_used - download tally in bytes
bytes_xfer_used - transfer tally in bytes
files_in_used - upload tally in files
files_out_used - download tally in files
files_xfer_used - transfer tally in files

If a value of any limit field is set to '0' it is unlimited.

You can read the documentation that comes with mod_quotatab for mysql here.
Author's Note:

You can test a 15MB quota limit on 'testaccount' by inserting this record into 'quotalimits':
INSERT INTO ftpquotalimits VALUES('testaccount','user','true','hard','15728640','0','0','0','0','0');

I think you have to log in with this record in place before it works. It also will allow you to upload, but then deletes the file if you are over the limit. This is a bit irritating because on normal user disk quotas, you get a message as you try to upload, not after. So you might get some unhappy users who don't know why they can't upload. Also the message that you have exceeded the limit appears in the ftp client transcript and your users will miss this if they don't show transcripts.

On a related note, I can't seem to get any joy out of the quotatallies stuff. When I get more time, I may investigate this. In the meantime, if any of you find out what is going on there, it would be cool if you leave a note in the forum here - then everyone can benefit.

================================================== ================================================== ====================================

Go to /etc/init.d/
# cd /etc/init.d/
Create the file proftpd
# vi proftpd
copy and paste this:

================================================== ================================================== ====================================

#!/bin/sh
# Startup script for ProFTPd
# chkconfig: 345 85 15
# description: ProFTPD is an enhanced FTP server with \
# a focus toward simplicity, security, and ease of configuration. \
# It features a very Apache-like configuration syntax, \
# and a highly customizable server infrastructure, \
# including support for multiple 'virtual' FTP servers, \
# anonymous FTP, and permission-based directory visibility.
# processname: proftpd
# config: /etc/proftpd.conf
# By: Osman Elliyasa
# $Id: proftpd.init.d,v 1.2 2001/01/26 23:10:55 flood Exp $
# modified by

# Source function library.
. /etc/rc.d/init.d/functions

# Get config.
. /etc/sysconfig/network

# Check that networking is up.
if [ "${NETWORKING}" = "no" ]; then
    exit 0
fi

[ -x /usr/sbin/proftpd ] || exit 0

RETVAL=0
# Path to ftpshut, used by "suspend". Assumed location for the default
# /usr/local prefix of "make install"; adjust it if ftpshut lives elsewhere.
FTPSHUT=/usr/local/sbin/ftpshut

# See how we were called.
case "$1" in
  start)
    printf "Starting proftpd: "
    daemon proftpd
    RETVAL=$?
    echo
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/proftpd
    ;;
  stop)
    printf "Shutting down proftpd: "
    killproc proftpd
    RETVAL=$?
    echo
    [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/proftpd
    ;;
  status)
    status proftpd
    RETVAL=$?
    ;;
  restart)
    $0 stop
    $0 start
    RETVAL=$?
    ;;
  reload)
    printf "Re-reading proftpd config: "
    killproc proftpd -HUP
    RETVAL=$?
    echo
    ;;
  suspend)
    if [ -f $FTPSHUT ]; then
      if [ $# -gt 1 ]; then
        # Pass the remaining arguments straight to ftpshut.
        shift
        printf "Suspending proftpd with '$*' "
        $FTPSHUT $*
      else
        printf "Suspending proftpd NOW "
        $FTPSHUT now "Maintenance in progress"
      fi
    else
      printf "No way to suspend, shutting down instead "
      killproc proftpd
      RETVAL=$?
      [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/proftpd
    fi
    echo
    ;;
  resume)
    if [ -f /etc/shutmsg ]; then
      printf "Allowing proftpd sessions again "
      rm -f /etc/shutmsg
    else
      printf "Starting proftpd; was not suspended "
      daemon proftpd
      RETVAL=$?
      [ $RETVAL -eq 0 ] && touch /var/lock/subsys/proftpd
    fi
    echo
    ;;
  *)
    printf "Usage: %s {start|stop|status|restart|reload|resume" "$0"
    if [ "$FTPSHUT" = "" ]; then
      printf "}\n"
    else
      printf "|suspend}\n"
      printf "suspend accepts additional arguments which are passed to ftpshut(8)\n"
    fi
    exit 1
    ;;
esac

# Any further arguments are handled as additional actions.
if [ $# -gt 1 ]; then
    shift
    $0 $*
fi

exit $RETVAL

================================================== ================================================== ====================================

then make proftpd executable:
# chmod +x proftpd

Add a user in phpMyAdmin:

INSERT INTO `ftpuser` VALUES (1, 'login', 'passwd', 517, 100, '/chemin vers le rep', '/sbin/nologin',0,'','');
(with 517 for the uid and 100 for the gid, for example)

Go into phpMyAdmin, into the ftpdb database

Then into ftpuser

I added a user in SQL:

INSERT INTO `ftpuser` VALUES (1, 'tutu', 'tralala', 517, 100, '/chemin vers le rep', '/sbin/nologin',0,'','');

However, I increment the first number (here 1) by hand; I suppose that can be done automatically?

So that creates the user tutu for proftpd with the password tralala; I put 517 and 100, which are the uid / gid of the user who owns the directory,
given that the path is "/chemin vers le rep" and that it belongs to that user, this gives the right permissions to modify, create, etc.

To find out the uid/gid of a user (e.g. tutu), just run

# less /etc/passwd

Look for the user tutu:


so the uid is 514 and the gid is 100

(thanks to Géraud \o/)
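
An added example, not part of the original post: the same user created with named columns, so that `auto_increment` assigns `id`, and with a crypt(3) hash in `passwd` instead of the clear-text password, plus the matching 15 MB quota row. It assumes the `ftpdb` schema shown on this page and a MySQL release that still provides `ENCRYPT()` (removed in MySQL 8.0.3); the salt is a constructed sample value.

```sql
-- Added example; user name, password and path are the sample values from the post.
USE ftpdb;

-- passwd is varchar(32) in the schema on this page. An MD5-crypt hash
-- ($1$ + 8-character salt + $ + 22 characters) is 34 characters long and
-- would be truncated on insert, so every login would fail. Widen the column first.
ALTER TABLE ftpuser MODIFY passwd varchar(128) NOT NULL default '';

-- Name the columns and leave `id` out: auto_increment picks the next value.
-- `count`, `accessed` and `modified` fall back to their column defaults.
INSERT INTO ftpuser (userid, passwd, uid, gid, homedir, shell)
VALUES ('tutu',
        ENCRYPT('tralala', '$1$Xy3kQ9pL$'),  -- constructed salt; use a fresh random one per user
        517, 100, '/chemin vers le rep', '/sbin/nologin');

-- 15 MB upload limit for the same user; 0 means unlimited for the other fields.
INSERT INTO ftpquotalimits
       (name, quota_type, per_session, limit_type,
        bytes_in_avail, bytes_out_avail, bytes_xfer_avail,
        files_in_avail, files_out_avail, files_xfer_avail)
VALUES ('tutu', 'user', 'true', 'hard',
        15 * 1024 * 1024, 0, 0,
        0, 0, 0);

-- Check: the id was assigned automatically, the hash is stored whole
-- (34 characters for MD5-crypt) and the quota row is attached to the user.
SELECT u.id, u.userid, LENGTH(u.passwd) AS hash_len, q.bytes_in_avail
FROM ftpuser u
LEFT JOIN ftpquotalimits q ON q.name = u.userid AND q.quota_type = 'user'
WHERE u.userid = 'tutu';
```

The `Crypt` entry in `SQLAuthTypes` is what lets proftpd verify this hash; once every row in `ftpuser` holds a hash, `Plaintext` can be dropped from that directive.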

19/12/2004, 18h10

Right, I'm contributing a bit to the "howtos" too, with how to install proftpd with mysql (in my case, in place of ncftpd; otherwise change the port)

Have fun


Address of the tutorial I based this on:

# cd /home/install
# wget
# tar xzf proftpd-1.2.10.tar.gz
# cd proftpd-1.2.10
# ./configure --with-modules=mod_sql:mod_sql_mysql:mod_quotatab:mod_quotatab_sql --with-includes=/usr/include/mysql/ --with-libraries=/usr/lib/mysql/

In short:
--with-includes= where the .h files are located, in particular mysql.h
--with-libraries= where the mysql libraries are located, in particular libmysqlclient.a

# make
# make install

# ln -s /usr/local/sbin/proftpd /usr/sbin/proftpd
# groupadd -g 5500 ftpgroup
# adduser -u 5500 -s /bin/false -d /bin/null -c "proftpd user" -g ftpgroup ftpuser

Then log in to mysql (I did it from the console):

# mysql -u login -ppassword

then copy and paste everything below, between the = signs

================================================== ================================================== ====================================

create database ftpdb;
grant select, insert, update on ftpdb.* to proftpd@localhost identified by 'password';

use ftpdb;

# Table structure for table `ftpgroup`

CREATE TABLE `ftpgroup` (
`groupname` varchar(16) NOT NULL default '',
`gid` smallint(6) NOT NULL default '5500',
`members` varchar(16) NOT NULL default '',
KEY `groupname` (`groupname`)
) TYPE=MyISAM COMMENT='ProFTP group table';

INSERT INTO `ftpgroup` VALUES ('ftpgroup', 5500, 'ftpuser');

# --------------------------------------------------------

# Table structure for table `ftpquotalimits`

CREATE TABLE `ftpquotalimits` (
`name` varchar(30) default NULL,
`quota_type` enum('user','group','class','all') NOT NULL default 'user',
`per_session` enum('false','true') NOT NULL default 'false',
`limit_type` enum('soft','hard') NOT NULL default 'soft',
`bytes_in_avail` float NOT NULL default '0',
`bytes_out_avail` float NOT NULL default '0',
`bytes_xfer_avail` float NOT NULL default '0',
`files_in_avail` int(10) unsigned NOT NULL default '0',
`files_out_avail` int(10) unsigned NOT NULL default '0',
`files_xfer_avail` int(10) unsigned NOT NULL default '0'
) TYPE=MyISAM;

# --------------------------------------------------------

# Table structure for table `ftpquotatallies`

CREATE TABLE `ftpquotatallies` (
`name` varchar(30) NOT NULL default '',
`quota_type` enum('user','group','class','all') NOT NULL default 'user',
`bytes_in_used` float NOT NULL default '0',
`bytes_out_used` float NOT NULL default '0',
`bytes_xfer_used` float NOT NULL default '0',
`files_in_used` int(10) unsigned NOT NULL default '0',
`files_out_used` int(10) unsigned NOT NULL default '0',
`files_xfer_used` int(10) unsigned NOT NULL default '0'
) TYPE=MyISAM;

# --------------------------------------------------------

# Table structure for table `ftpuser`

CREATE TABLE `ftpuser` (
`id` int(10) unsigned NOT NULL auto_increment,
`userid` varchar(32) NOT NULL default '',
`passwd` varchar(32) NOT NULL default '',
`uid` smallint(6) NOT NULL default '5500',
`gid` smallint(6) NOT NULL default '5500',
`homedir` varchar(255) NOT NULL default '',
`shell` varchar(16) NOT NULL default '/sbin/nologin',
`count` int(11) NOT NULL default '0',
`accessed` datetime NOT NULL default '0000-00-00 00:00:00',
`modified` datetime NOT NULL default '0000-00-00 00:00:00',
PRIMARY KEY (`id`)
) TYPE=MyISAM COMMENT='ProFTP user table' ;

INSERT INTO `ftpuser` VALUES (1, 'testaccount', 'ftppasswd', 5500, 5500, '/home/', '/sbin/nologin',0,'','');


================================================== ================================================== ====================================

The proftpd.conf file:
# vi /usr/local/etc/proftpd.conf

================================================== ================================================== ====================================
ServerName "Serveur FTP"
ServerType standalone
ServerAdmin mail

# Hide as much as possible to outside users
ServerIdent on "Bienvenue sur le serveur FTP, merci de vous logguer"
DeferWelcome on
DefaultServer on
AccessGrantMsg "Utilisateur %u connecté"

# Allow FTP resuming.
# Remember to set to off if you have an incoming ftp for upload.
AllowStoreRestart on

# Port 21 is the standard FTP port.
Port 21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30

# Miscellaneous personal settings
AllowOverwrite on
AllowRetrieveRestart on
AllowForeignAddress on
RootLogin no
ListOptions "-a"
MaxClients 5
MaxClientsPerHost 3
MaxLoginAttempts 3
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
# TransferRate APPE,STOR 8000
# TransferRate RETR 8000
UseReverseDNS off
IdentLookups off

# Set the user and group under which the server will run.
User nobody
Group nobody

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~

# The passwords in MySQL are encrypted using CRYPT
SQLAuthTypes Plaintext Crypt
SQLAuthenticate users* groups*

# used to connect to the database
# databasename@host database_user user_password
SQLConnectInfo ftpdb@localhost proftpd password

# Here we tell ProFTPd the names of the database columns in the "usertable"
# we want it to interact with. Match the names with those in the db
SQLUserInfo ftpuser userid passwd uid gid homedir shell

# Here we tell ProFTPd the names of the database columns in the "grouptable"
# we want it to interact with. Again the names match with those in the db
SQLGroupInfo ftpgroup groupname gid members

# set min UID and GID - otherwise these are 999 each
SQLMinID 500

# create a user's home directory on demand if it doesn't exist
SQLHomedirOnDemand on

# Update count every time user logs in
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser

# Update modified everytime user uploads or deletes a file
SQLLog STOR,DELE modified
SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser

# User quotas
# ===========
QuotaEngine on
QuotaDirectoryTally on
QuotaDisplayUnits Mb
QuotaShowQuotas on

SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"

SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"

SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies

SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies

QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally

RootLogin off
RequireValidShell off

================================================== ================================================== ====================================
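
An added example, not part of the original post: the `proftpd` database account narrowed from `select, insert, update` on all of `ftpdb` to what the SQL directives in the proftpd.conf above actually use. It assumes those directives are the only queries the server issues and that the account was created by the `grant` statement shown earlier.

```sql
-- Added example; table, column and account names are the ones used on this page.

-- Drop the database-wide privileges given by the install script.
REVOKE SELECT, INSERT, UPDATE ON ftpdb.* FROM proftpd@localhost;

-- SQLUserInfo, SQLGroupInfo and get-quota-limit only read.
GRANT SELECT ON ftpdb.ftpuser        TO proftpd@localhost;
GRANT SELECT ON ftpdb.ftpgroup       TO proftpd@localhost;
GRANT SELECT ON ftpdb.ftpquotalimits TO proftpd@localhost;

-- The updatecount and modified named queries write only these three
-- columns of ftpuser; passwd, uid, gid, homedir and shell stay read-only.
GRANT UPDATE (`count`, `accessed`, `modified`)
      ON ftpdb.ftpuser TO proftpd@localhost;

-- get-quota-tally, update-quota-tally and insert-quota-tally.
GRANT SELECT, INSERT, UPDATE ON ftpdb.ftpquotatallies TO proftpd@localhost;

-- Review the result: no privilege should remain at the ftpdb.* level.
SHOW GRANTS FOR proftpd@localhost;
```

With these grants the credentials stored in proftpd.conf can no longer rewrite passwords, uid/gid values, home directories or quota limits; those rows are then maintained from an administrative account.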