Home / server / Questions / 148906
Accepted
Nik
Asked: 2010-06-08 05:44:57 +0800 CST

ProFTPD Virtual User Directory

  • 772

Alright, I'm trying to replicate a web hosting company's basic setup here by authenticating virtual users via SQL and redirect/jail them to their directory. I've accomplished most of the goals here, with the exception of redirect/jailing them to their directory.

The directories are stored in /home/ftp and that's what DefaultRoot is set to. I want each individual user to have and be jailed into their own directory. It doesn't appear that setting homedir in SQL has any effect. Upon logging into FTP with any user, it logs into the DefaultRoot with no directory jailing or redirect.

How do I accomplish this last task?

ftp ubuntu proftpd

2 Answers

  1. Best Answer

    Try commenting out DefaultRoot I think it may override the values read from the database backend.

    EDIT:

    If DefaultRoot is set and anything other than ~ then the user will be jailed in a tree rooted at DefaultRoot.

    If DefaultRoot is ~ then the user will be jailed in a tree rooted at theit home directory.

    • 4

  2. In addition to setting DefaultRoot ~ as mentioned, what does your SQL config look like - are you actually extracting it from the database?

    DefaultRoot ~

<IfModule mod_dso.c>
  LoadModule mod_sql.c
  LoadModule mod_sql_mysql.c
</IfModule>

SQLLogFile          /var/log/proftpd/mod_sql.log
PersistentPasswd    off
AuthPAM             off
AuthUserFile        /some/path/to/dummy/passwd.ftp
AuthGroupFile       /some/path/to/dummy/group.ftp
AuthOrder           mod_sql.c mod_auth_file.c

SQLConnectInfo      proftpd@localhost:3306 userdatabase password
SQLAuthTypes        Backend Crypt Plaintext OpenSSL
SQLUserInfo         user user_id password NULL NULL ftp_homedir NULL
SQLAuthenticate     users
SQLDefaultUID       14
SQLDefaultGID       50
SQLMinUserUID       13
SQLMinUserGID       49

    That's a more or less concise example of doing 100% auth from the database and jailing them to their homedir as listed in the DB. If you want to also dynamically create their home directory when they log in (useful if you add them in a database and don't want to log into a server to do it) you can add:

    CreateHome on dirmode 0755

    ...to the config. The other two dummy files listed above match your ProFTPd install, which on a Red Hat/Centos server:

    passwd.ftp

    ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin

    group.ftp

    ftp:x:50:
nobody:x:99:

    This all makes your virtual users have UID/GID of 14:50 on the hard drive regardless of their login username.

    • 2