Difference between revisions of "Installation:Ubuntu:ProFTPd"

From PMWH2 - PHPMyWebHosting's official wiki
Jump to: navigation, search
(Finally)
 
 
Line 1: Line 1:
<div align="right">[[Installation:Upuntu|up]]</div>
+
<div align="right">[[Installation:Ubuntu|up]]</div>
  
 
====Installation====
 
====Installation====

Latest revision as of 10:44, 12 December 2012

up

Installation

On Ubuntu 7.10 Server you need to install the following packages:

  • proftpd
  • proftpd-mysql (mySQL)
  • proftpd-pgsql (PostgreSQL)
  • ucf

On Debian GNU/Linux use this command to install all at once:

mySQL

sudo apt-get install proftpd proftpd-mysql ucf

PostgreSQL

sudo apt-get install proftpd proftpd-pgsql ucf

Prepare for configuration

mySQL

First we create a mysql user to access the proftpd tables:

bash #> mysql -u root -p mysql
Enter password: 
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 244
Server version: 5.0.45-Debian_1ubuntu3.1-log Debian etch distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> GRANT SELECT,UPDATE on pmwh.proftpd to 'proftpd'@'localhost' identified by "proftpd-password";
Query OK, 0 rows affected (0.00 sec)

mysql> GRANT SELECT on pmwh.proftpd_groups to 'proftpd'@'localhost';
Query OK, 0 rows affected (0.00 sec)

mysql> GRANT SELECT on pmwh.proftpd_quotalimits to 'proftpd'@'localhost';
Query OK, 0 rows affected (0.00 sec)

mysql> GRANT SELECT,INSERT,UPDATE on pmwh.proftpd_quotatallies to 'proftpd'@'localhost';
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye

PostgreSQL

comming soon

Configuration

etc/proftpd/modules.conf

#
# This file is used to manage DSO modules and features.
#

# This is the directory where DSO modules reside

ModulePath /usr/lib/proftpd

# Allow only user root to load and unload modules, but allow everyone
# to see which modules have been loaded

ModuleControlsACLs insmod,rmmod allow user root
ModuleControlsACLs lsmod allow user *

LoadModule mod_ctrls_admin.c
LoadModule mod_tls.c
LoadModule mod_sql.c

 # for mySQL use
 LoadModule mod_sql_mysql.c
 # for PostgreSQL use
 # LoadModule mod_sql_postgres.c

LoadModule mod_quotatab.c
LoadModule mod_quotatab_file.c
LoadModule mod_quotatab_ldap.c
LoadModule mod_quotatab_sql.c
LoadModule mod_wrap.c
LoadModule mod_rewrite.c

# keep this module the last one
LoadModule mod_ifsession.c

/etc/proftpd.conf Then edit /etc/proftpd.conf and replace the content with the following content:

#
# Includes required DSO modules. This is mandatory in proftpd 1.3
#
Include /etc/proftpd/modules.conf

ServerName                      "%v"
ServerType                      standalone
DeferWelcome                    on

DefaultRoot                     ~

MultilineRFC2228                on
DefaultServer                   on
ShowSymlinks                    on

TimeoutNoTransfer               600
TimeoutStalled                  600
TimeoutIdle                     1200

DisplayLogin                    welcome.msg
DisplayFirstChdir               .message
ListOptions                     "-l"

DenyFilter                      \*.*/

Port                            21

# Turn off Ident lookups
IdentLookups         off

# Turn off DelayEngine (on|off)
DelayEngine off

#
# Logging options
#
SystemLog       /var/log/proftpd/system_log
TransferLog          /var/log/proftpd/xfer_log

# Some logging formats
#
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
# Log file for awstats
LogFormat awstats "%t   %h      %u      %m      %f      %s      %b"     # WARNING: You must use a tab char between % tags and not a space !
ExtendedLog           /var/log/proftpd/awstats.xfer_log read,write awstats

# Log file/dir access
ExtendedLog          /var/log/proftpd/access_log    WRITE,READ write

# Record all logins
ExtendedLog          /var/log/proftpd/auth_log      AUTH auth

# Paranoia logging level....
ExtendedLog          /var/log/proftpd/paranoid_log  ALL default

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    30

# Set the user and group that the server normally runs at.
User                            vmail
Group                           vmail

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask                           022  022
# Normally, we want files to be overwriteable.
AllowOverwrite                  on

DefaultRoot ~ !users

# SQLLOGFILE /var/log/proftpd/sql.log

SQLAuthTypes                    Crypt
SQLAuthenticate                 users* groups*

# used to connect to the database
# databasename@host database_user user_password
SQLConnectInfo                pmwh2@localhost postfix_user postfix_password

# Here we tell ProFTPd the names of the database columns in the "usertable"
# we want it to interact with. Match the names with those in the db
SQLUserInfo                     proftpd username password uid gid homedir NULL

# Here we tell ProFTPd the names of the database columns in the "grouptable"
# we want it to interact with. Again the names match with those in the db
SQLGroupInfo                    proftpd_groups groupname gid members

# set min UID and GID - otherwise these are 999 each
SQLMinID                        500

# create a user's home directory on demand if it doesn't exist
SQLHomedirOnDemand on
# show to user @ login
SQLNamedQuery count SELECT "count from proftpd where username='%u'"
SQLNamedQuery used SELECT "proftpd_quotatallies.bytes_in_used FROM proftpd_quotatallies where proftpd_quotatallies.name='%u'"
SQLNamedQuery avail SELECT "proftpd_quotalimits.bytes_in_avail FROM proftpd_quotalimits where proftpd_quotalimits.name='%u'"
SQLShowInfo PASS "230" "You've logged on %{count} times, %u"
SQLShowInfo PASS "230" "QuotaInfo: %{used}(used) / %{avail}(limit) bytes"

#Update count every time user logs in
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE username='%u'" proftpd

# updates bytes_xx
SQLLog STOR updatebytesin
SQLNamedQuery updatebytesin UPDATE "bytes_in = bytes_in + '%b' WHERE username = '%u'" proftpd
SQLLog RETR updatebytesout
SQLNamedQuery updatebytesout UPDATE "bytes_out = bytes_out + '%b' WHERE username = '%u'" proftpd

# User quotas
# ===========
QuotaEngine on
QuotaDirectoryTally on
QuotaDisplayUnits Mb
QuotaShowQuotas on

SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail,  files_in_avail, files_out_avail, files_xfer_avail FROM proftpd_quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"

SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM proftpd_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"

SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" proftpd_quotatallies

SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" proftpd_quotatallies

QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally

QuotaLock /var/run/tally.lock

RootLogin off
RequireValidShell off

SQLDefaultUID                   5000       # [VMAIL-UID]
SQLDefaultGID                   5000       # [VMAIL-GID]

Finally

Restart proftpd by

sudo /etc/init.d/proftpd restart

Configuring ProFTPd done. next step