pure-ftpd with mysql auth
Requirements
1. Running Webserver with PHP Support
2. A Running PureFTP Daemon with MySQL Auth support
3. MySQL
4. PhpMyAdmin
Instruction
USE="mysql" emerge -av pure-ftpd
Edit /etc/conf.d/pure-ftpd and change the auth method to this:
File: /etc/conf.d/pure-ftpd
AUTH="-l mysql:/etc/pureftpd-mysql.conf"
Note: if you also want to use the unix and puredb methods, add them on the same line:
AUTH="-l unix -l puredb:/etc/myfile.db -l mysql:/etc/pureftpd-mysql.conf"
To get pure-ftpd to start, you have to uncomment this line in /etc/conf.d/pure-ftpd:
File: /etc/conf.d/pure-ftpd
IS_CONFIGURED="yes"
Now create /etc/pureftpd-mysql.conf with the following. Note: the password must be the same as the MySQL user's password from your MySQL database configuration (see below).
File: /etc/pureftpd-mysql.conf
MYSQLSocket /var/run/mysqld/mysqld.sock
#MYSQLServer localhost
#MYSQLPort 3306
MYSQLUser pureftpd
MYSQLPassword ftpdpass
MYSQLDatabase pureftpd
# MYSQLCrypt: md5, cleartext, crypt() or password() - md5 is strongly recommended over cleartext
MYSQLCrypt cleartext
# In the queries below, \L is replaced by the login name and \R by the client's IP address
MYSQLGetPW SELECT Password FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MYSQLGetUID SELECT Uid FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MYSQLGetGID SELECT Gid FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MYSQLGetDir SELECT Dir FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MySQLGetBandwidthUL SELECT ULBandwidth FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MySQLGetBandwidthDL SELECT DLBandwidth FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MySQLGetQTASZ SELECT QuotaSize FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MySQLGetQTAFS SELECT QuotaFiles FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
Note: if you want to connect over the network instead of the local socket, comment out the MYSQLSocket line and uncomment the MYSQLServer and MYSQLPort lines.
Now create the pureftpd database:
user@host $ mysql -u root -p
password:
mysql> CREATE DATABASE pureftpd;
mysql> USE pureftpd;
mysql> CREATE TABLE ftpd (
User varchar(16) NOT NULL default '',
status enum('0','1') NOT NULL default '0',
Password varchar(64) NOT NULL default '',
Uid varchar(11) NOT NULL default '-1',
Gid varchar(11) NOT NULL default '-1',
Dir varchar(128) NOT NULL default '',
ULBandwidth smallint(5) NOT NULL default '0',
DLBandwidth smallint(5) NOT NULL default '0',
comment tinytext NOT NULL,
ipaccess varchar(15) NOT NULL default '*',
QuotaSize smallint(5) NOT NULL default '0',
QuotaFiles int(11) NOT NULL default 0,
PRIMARY KEY (User),
UNIQUE KEY User (User)
) ENGINE=MyISAM;
mysql> grant SELECT, INSERT, UPDATE, DELETE, CREATE, DROP on pureftpd.* to pureftpd@localhost identified by 'ftpdpass';
mysql> flush privileges;
mysql> exit
Restart Pure-ftpd
/etc/init.d/pure-ftpd restart
Now you can open phpMyAdmin and administer the FTP users via the web.
Note: You have to set the Uid and Gid in your MySQL database to the actual IDs of your ftp user from the password and group files.
http://gentoo-wiki.com/HOWTO_PureFTPD_with_MySQL_Auth_and_PhpMyAdmin »
ftpd Table:
- User: The name of the virtual PureFTPd user (e.g. exampleuser).
- status: 0 or 1. 0 means the account is disabled, the user cannot login.
- Password: The password of the virtual user. Make sure you use MySQL's MD5 function to save the password encrypted as an MD5 string:
- UID: The userid of the ftp user you created at the end of step two (e.g. 2001).
- GID: The groupid of the ftp group you created at the end of step two (e.g. 2001).
- Dir: The home directory of the virtual PureFTPd user (e.g. /home/www.example.com). If it does not exist, it will be created when the new user logs in the first time via FTP. The virtual user will be jailed into this home directory, i.e., he cannot access other directories outside his home directory.
- ULBandwidth: Upload bandwidth of the virtual user in KB/sec. (kilobytes per second). 0 means unlimited.
- DLBandwidth: Download bandwidth of the virtual user in KB/sec. (kilobytes per second). 0 means unlimited.
- comment: You can enter any comment here (e.g. for your internal administration). Normally you leave this field empty.
- ipaccess: Enter IP addresses here that are allowed to connect to this FTP account. * means any IP address is allowed to connect.
- QuotaSize: Storage space in MB (not KB, as in ULBandwidth and DLBandwidth!) the virtual user is allowed to use on the FTP server. 0 means unlimited.
- QuotaFiles: Number of files the virtual user is allowed to save on the FTP server. 0 means unlimited.
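Added example (not from the original howto): a small Python model of the MYSQLGetPW lookup, using an in-memory SQLite table in place of MySQL and ? placeholders in place of \L and \R, to show which logins the status and ipaccess conditions let through. The rows and addresses are constructed. Because the column is on the left of LIKE, a wildcard stored in ipaccess does not match a client address; the swapped-operand query is a variant included only for comparison.

```python
import sqlite3

# Constructed sample rows: (User, status, Password, ipaccess).
SAMPLE_ROWS = [
    ("bob", "1", "bobspass", "*"),               # enabled, any client address
    ("joe", "0", "joespass", "*"),               # disabled account
    ("alice", "1", "alicespass", "192.0.2.10"),  # one exact client address
    ("carol", "1", "carolspass", "192.0.2.%"),   # wildcard stored in the column
]

# WHERE clause of MYSQLGetPW from the config; the two ? stand in for \L and \R.
GET_PW = ("SELECT Password FROM ftpd WHERE User = ? AND status = '1' "
          "AND (ipaccess = '*' OR ipaccess LIKE ?)")

# Variant for comparison (not from the page): operands of LIKE swapped, so the
# stored ipaccess value is the pattern and the client address is the subject.
GET_PW_SWAPPED = ("SELECT Password FROM ftpd WHERE User = ? AND status = '1' "
                  "AND (ipaccess = '*' OR ? LIKE ipaccess)")


def build_db(rows=SAMPLE_ROWS):
    """Create an in-memory table holding only the columns the query reads."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE ftpd (User TEXT PRIMARY KEY, status TEXT, "
               "Password TEXT, ipaccess TEXT DEFAULT '*')")
    db.executemany("INSERT INTO ftpd VALUES (?, ?, ?, ?)", rows)
    return db


def lookup_password(db, login, remote_ip, query=GET_PW):
    """Return the Password the query yields, or None when no row qualifies."""
    row = db.execute(query, (login, remote_ip)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = build_db()
    attempts = [("bob", "203.0.113.7"), ("joe", "203.0.113.7"),
                ("alice", "192.0.2.10"), ("alice", "192.0.2.11"),
                ("carol", "192.0.2.10")]
    for login, ip in attempts:
        found = lookup_password(db, login, ip) is not None
        swapped = lookup_password(db, login, ip, GET_PW_SWAPPED) is not None
        print(f"{login:6} from {ip:12} page query: {found!s:5} swapped: {swapped}")
```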
Here is my sample database entry
mysql> select * from ftpd;
+------+--------+----------+------+-----+-----------+-------------+-------------+---------+----------+-----------+------------+
| User | status | Password | Uid  | Gid | Dir       | ULBandwidth | DLBandwidth | comment | ipaccess | QuotaSize | QuotaFiles |
+------+--------+----------+------+-----+-----------+-------------+-------------+---------+----------+-----------+------------+
| bob  | 1      | bobspass | 1004 | 407 | /home/ftp |           0 |           0 |         | *        |         0 |          0 |
| joe  | 1      | joespass | 1004 | 407 | /home/ftp |           0 |          15 |         | *        |         0 |          0 |
+------+--------+----------+------+-----+-----------+-------------+-------------+---------+----------+-----------+------------+
Here are the permissions for my ftp directories
# ls -l /home
dr-x------ 5 ftp ftp 4096 Jan 21 21:10 ftp
# ls -l /home/ftp
total 12
dr-x------ 2 ftp ftp 4096 Feb 15 10:44 software
drwx------ 2 ftp ftp 4096 Feb  6 10:34 upload
dr-x------ 2 ftp ftp 4096 Feb  7 11:03 video
Notice that the software and video directories don't have w (write) permissions meaning you can only download from these directories whereas the upload directory has write permission so you can upload files here.
http://www.howtoforge.com/pureftpd_mysql_virtual_hosting_p3 »