FreeBSD - ProFTPd

Установка

 # cd /usr/ports/ftp/proftpd && make config
 ┌────────────────────────────────────────────────────────────────────┐
 │                    Options for proftpd 1.3.2c                      │
 │ ┌────────────────────────────────────────────────────────────────┐ │
 │ │[ ] BAN              Include mod_ban (Requires CTRLS)           │ │
 │ │[ ] CLAMAV           Include mod_clamav                         │ │
 │ │[ ] CTRLS            Include controls                           │ │
 │ │[ ] DIGEST           Include mod_digest                         │ │
 │ │[ ] IFSESSION        Include mod_ifsession                      │ │
 │ │[ ] IPV6             Use IPv6                                   │ │
 │ │[ ] LDAP             Use LDAP                                   │ │
 │ │[ ] LDAP_TLS         Use LDAP TLS (Requires LDAP, OPENSSL)      │ │
 │ │[X] NLS              Use nls (builds mod_lang)                  │ │
 │ │[ ] OPENSSL          Include mod_tls                            │ │
 │ │[ ] PGSQL            Postgres auth (Can be combined with MYSQL) │ │
 │ │[X] QUOTA            Include mod_quota                          │ │
 │ │[ ] QUOTATAB_RADIUS  include mod_quotatab_radius                │ │
 │ │[ ] RADIUS           Include mod_radius                         │ │
 │ │[ ] RATIO            Include mod_ratio                          │ │
 │ │[ ] README           Include mod_readme                         │ │
 │ │[ ] REWRITE          Include mod_rewrite                        │ │
 │ │[ ] TDS              FreeTDS - Sybase & MS-SQL auth (Exclusive) │ │
 │ │[ ] WRAP             Include mod_wrap2                          │ │
 │ │[ ] WRAP_FILE        Include mod_wrap2_file                     │ │
 │ │[ ] WRAP_SQL         Include mod_wrap2_sql                      │ │
 │ │[X] MYSQL            MySQL auth (Can be combined with PGSQL)    │ │
 ├─└────────────────────────────────────────────────────────────────┘─┤
 # make install clean

/usr/local/etc/proftpd.conf

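 # ProFTPD standalone server: virtual FTP users are authenticated against a
 # MySQL table through mod_sql, and every session is chrooted to its home.
 #
 # NOTE(review): the port options shown on this page leave OPENSSL (mod_tls)
 # unselected, so logins, passwords and file data travel unencrypted. Keep the
 # service on a trusted network, or rebuild with OPENSSL and configure mod_tls.
 ServerName                      "ProFTPD Default Installation"
 ServerType                      standalone
 DefaultServer                   on
 ScoreboardFile                  /var/run/proftpd/proftpd.scoreboard
 
 # Do not perform ident nor DNS lookups (hangs when the port is filtered)
 IdentLookups                    off
 UseReverseDNS                   off
 
 # mod_lang
 <IfModule mod_lang.c>
      LangEngine on
      UseEncoding KOI8-R CP1251
 </IfModule>
 
 # Port 21 is the standard FTP port.
 Port                            21
 
 # Umask 022 is a good standard umask to prevent new dirs and files
 # from being group and world writable.
 Umask                           022
 MaxInstances                    30
 CommandBufferSize               512
 # Range used for passive-mode data connections; the firewall has to allow
 # inbound connections to this range and nothing wider.
 PassivePorts                    49152 65535
 
 # Set the user and group under which the server will run.
 User                            nobody
 Group                           nogroup
 
 # Every FTP user is "jailed" (chrooted) into their home directory.
 DefaultRoot ~
 
 # Normally, we want files to be overwriteable.
 AllowOverwrite          on
 
 # Bar use of SITE CHMOD by default
 <Limit SITE_CHMOD>
      DenyAll
 </Limit>
 
 # Define the log formats
 LogFormat                       default "%h %l %u %t \"%r\" %s %b"
 LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"
 TransferLog                     /var/log/proftpd/tranfer.log default
 SystemLog                       /var/log/proftpd/error.log
 
 # ------------------ SQL authentication --------------------------------
 # Consult only mod_sql when authenticating. Without AuthOrder the server also
 # tries its default auth modules, so local system accounts can log in over
 # FTP as well (the behaviour described in the p.s. on this page).
 AuthOrder               mod_sql.c
 SQLBackend              mysql
 # "Backend" checks the password with the database's own PASSWORD() function
 # (the same function the user-creation step uses). That hash is unsalted and
 # meant for MySQL's internal accounts.
 # TODO(review): evaluate a stronger SQLAuthTypes value supported by this build.
 SQLAuthTypes            Backend
 # Keep UIDs/GIDs read from the table at or above 1000, so a row cannot map an
 # FTP session onto a system account's id.
 SQLMinUserUID           1000
 SQLMinUserGID           1000
 SQLAuthenticate         users
 # This line stores the database password in clear text: keep proftpd.conf
 # readable by root only. With this configuration the daemon only reads the
 # users table, so the database login needs no more than SELECT at run time.
 SQLConnectInfo          mysql-db@localhost:3306 mysql-login mysql-password
 SQLUserInfo             users userid passwd uid gid homedir shell
 # Accept users whose shell is not listed in /etc/shells (the FTP user created
 # on this page has /sbin/nologin).
 RequireValidShell       off
 # -----------------------------------------------------------------------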

Настройка MySQL

 mysql> create database mysql-db;
 mysql> grant all privileges on mysql-db.* to mysql-login@localhost identified by "пароль";
 mysql>\q
 # mysql -u mysql-login -p''пароль'' mysql-db
 mysql> CREATE TABLE users (userid VARCHAR(30) NOT NULL UNIQUE, passwd VARCHAR(80) NOT NULL, uid INTEGER, gid INTEGER, homedir VARCHAR(255), shell VARCHAR(255));

Создание FTP-юзера

 mysql> insert into users VALUES ('vukor','пароль',1001,1001,'/home/vukor.tomsk.ru','/sbin/nologin');
 mysql> update users SET passwd=password('пароль') where userid='vukor';

Создадим каталог для логов и активируем proftpd:

 # mkdir /var/log/proftpd
 # echo "proftpd_enable="YES"" >> /etc/rc.conf
 # /usr/local/etc/rc.d/proftpd start

p.s. пока не нашел решение как сделать аутентификацию only MySQL (пускает системного юзера также). Но если удалить таблицу users, то успешная аутентификация не выполняется.

Ссылки
