Ubuntu Linux
 
 
 
 
Home      proftp server configuration and GUI Administration



ubuntu linux
 Home
Linux
Why Ubuntu
Links
Ubuntu Technical Documentation
Installation of Ubuntu 7.10 Desktop
Amanda Backup Using Virtual Tape
NMS Zabbix Installation
Version Control System - Bazaar
Ubuntu 7.10 to 9.04 Documentation
 
In this tutorial I am going to explain how you can set up a ProFTPd server with the user database in a MySQL database. I will provide an example on how to set up the php administration tool on one machine (the machine where you have got the database)and how you can configure two ftpservers to use this database.
 
Package's Installation
 
 # sudo apt-get install mysql-server mysql-client apache2 
   php5
 
 # sudo apt-get install proftpd
 
Install the PHP-files

Download andUnpack the php-files:

#tar xvzf ppmy-0.3.tar.gz

Then you should copy this folder to a directory where it can be found by your web server.
#cd ppmy-0.3
#mkdir /var/www/proftp-admin
#cp *.php /var/www/proftpd-admin

Change /var/www/ to the path where you have put your website. You may also change "proftpd-admin" to something else if you want.
Configure PPMy

Edit /var/www/proftpd-admin/ftpcfg.php in your favourite editor. Change the variables to appropriate values. You probably want to check:

$cfg->db_host="localhost";
$cfg->db_name="proftpd";
$cfg->db_user="proftpd";
$cfg->db_pass="proftpd";
$cfg->homedir_prefix="/home/ftp/user";

If you can create your own database you can leave these fields as they are. If you can't create your own database but only tables, change db_name to the name of your database. If you want to use home directories for your users you should change the homedir prefix to something that exists on your system. You should also make sure that this directory is writable by the user running the proftpd process. This is specified by the proftpd.conf configuration file.
Setup MySQL Database
 
You need one database and at least two tables in that database.

#sudo mysql

Create database

mysql> CREATE DATABASE proftpd;

If you do not want to create a database just do:

mysql> use [DATABASE];

where database is the database you want to use or

mysql> use proftpd;

if you created the database above.

Create tables for users and groups

mysql> CREATE TABLE users (
  userid varchar(10) NOT NULL default '',
  uid int(10) unsigned NOT NULL auto_increment,
  gid int(10) unsigned NOT NULL default '0',
  passwd varchar(255) NOT NULL default '',
  homedir varchar(255) NOT NULL default '',
  description varchar(255) NOT NULL default '',
  disabled int(10) unsigned NOT NULL default '0',
  shell varchar(20) NOT NULL default '',
  expires datetime NOT NULL default '0000-00-00 00:00:00',
  email varchar(255) NOT NULL default '',
  name varchar(255) NOT NULL default '',
  ul_bytes bigint(20) NOT NULL default '0',
  dl_bytes bigint(20) NOT NULL default '0',
  login_count bigint(20) NOT NULL default '0',
  dl_count bigint(20) NOT NULL default '0',
  ul_count bigint(20) NOT NULL default '0',
  last_login datetime default NULL,
  PRIMARY KEY  (uid)
) TYPE=MyISAM;

mysql> CREATE TABLE groups (
  groupid varchar(10) NOT NULL default '',
  gid int(10) unsigned NOT NULL auto_increment,
  members varchar(255) NOT NULL default '',
  PRIMARY KEY  (gid)
) TYPE=MyISAM;


mysql> INSERT INTO users (uid) VALUES (9999);
mysql> INSERT INTO groups (gid) VALUES (9999);
mysql> DELETE FROM users WHERE uid=9999;
mysql> DELETE FROM groups WHERE gid=9999;

The last four lines is there to make the default uid and gid 10000. This might be a good idea since you do not want your ftp users to conflict with your system users.

User privileges

You should also give access for the proftpd mysql database user to read and write these tables:

mysql> GRANT ALL ON users TO proftpd@localhost IDENTIFIED BY 'proftpd';

mysql> GRANT ALL ON groups TO proftpd@localhost IDENTIFIED BY 'proftpd';

This creates a database user named proftpd which can connect from localhost with password "proftpd". Since we want to use this database from another system too we want to add another host to this user:

mysql> GRANT ALL ON users TO proftpd@server1.ubuntulinux.co.in IDENTIFIED BY 'proftpd';

mysql> GRANT ALL ON groups TO proftpd@server1.ubuntulinux.co.in IDENTIFIED BY 'proftpd';
 
Create users and groups

Now it is time to create at least one group using the webb based admin
utility. Point your webb browser to

http://localhost/proftpd-admin/index.php

or whatever host you just installed the php files on.
 
Configure ProFTPd

Configure ProFTPd on the local machine.Of course you need some things in your proftpd.conf. The most important line in the

configuration is probably "SQLConnectInfo".

SQLConnectInfo        proftpd@localhost proftpd proftpd

"proftpd@localhost" tells proftpd that it should connect to the MySQL-server on the host "localhost" with username and password "proftpd". "proftpd" is the username you created for the database. Change "localhost" to the appropriate hostname.

The second and third argument is the password and database. See proftpd reference documentation for more information. Since you have the database password in clear text it might be a good idea to limit readaccess for the configuration file on a multiuser system.

I have the following MySQL-related stuff in my proftpd.conf:

<Limit LOGIN>
  Order deny,allow
  AllowGroup ftpserver1
  AllowGroup ftpall
</Limit>

SQLConnectInfo        proftpd@localhost proftpd proftpd
SQLAuthenticate       users groups
SQLAuthTypes          Crypt Backend
SQLDefaultHomedir     ~
SQLUserInfo           users userid passwd uid gid homedir shell
SQLGroupInfo          groups groupid gid members

SQLHomedirOnDemand    on
SQLLogFile        /var/log/proftpd.sql_log

# Count number of logins for each user
SQLLog                PASS logincount
SQLNamedQuery         logincount UPDATE "login_count=login_count+1 WHERE userid='%u'" users
# Save last login
SQLLog                PASS lastlogin
SQLNamedQuery         lastlogin UPDATE "last_login=now() WHERE userid='%u'" users
# Count number of bytes/files downloaded and uploaded
SQLLog RETR           dlbytescount
SQLNamedQuery         dlbytescount UPDATE "dl_bytes=dl_bytes+%b WHERE userid='%u'" users
SQLLog RETR           dlcount
SQLNamedQuery         dlcount UPDATE "dl_count=dl_count+1 WHERE userid='%u'" users
SQLLog STOR           ulbytescount
SQLNamedQuery         ulbytescount UPDATE "ul_bytes=ul_bytes+%b WHERE userid='%u'" users  
SQLLog STOR           ulcount
SQLNamedQuery         ulcount UPDATE "ul_count=ul_count+1 WHERE userid='%u'" users

# Do not let disabled or expired users to login
SQLUserWhereClause    "disabled!=1 and (NOW()<=expires or expires=-1)"

# Do not require a valid shell, this might be a good thing to turn on for SQL-users
# This might simplify the configuration a little bit
RequireValidShell     off

Configure proftpd on an additional system using the same user database.

On the second system you might want to replace a few rows:

<Limit LOGIN>
  Order deny,allow
  AllowGroup ftpserver2
  AllowGroup ftpall
</Limit>

SQLConnectInfo        proftpd@server1 proftpd proftpd

User homedir support

I you are setting up a web server with user accounts you might want a home directory for each user. When you create a user you can specify a home directory prefix for the user. If the user you create are named "ubuntu" and the home directory prefix is "/home/ftp/users" the resulting home directory will be "/home/ftp/users/ubuntu".

To automatically let proftpd create this directory you could use the following directive in the proftpd configuration file:

SQLHomedirOnDemand    on

It is important to remember that for that to work "/home/ftp/user" must be writable by the user that owns the proftpd process. If you do not want to use custom home directories for your user, simply use "SQLHomedirOnDemand off" in your proftpd.conf.
 
Finally uncomment the following entry in 
 
/etc/proftpd/modules.conf

LoadModule mod_sql.c

LoadModule mod_sql_mysql.c
 
Restart the proftp server

#sudo /etc/init.d/proftpd restart