ProFTP-this has got to be easier than I'm making it, please help!
 

I know this is long, please read the post and help if you can, I'm ready to scrap linux after 3 months of hard work setting up other parts of my linux server.


I've been attempting to get FTP working for about a month now. No one seems to know what I'm talking about. I am a linux newbie but I've learned a lot about my machine in the past 3 months.

Is ProFTP just a crappy program that no one uses and that's why I can't get a freaking answer? If it is, just say - use *** ftp program instead, it works and everyone uses it so you'll have lots of support. Or am I in the wrong form? If so, just direct me to the right forms to deal with linux server type issues. Here is my problem:

I am setting up a linux machine to be a webserver. I am running slackware 9, Apache 2.0.48 and ProFTPd 1.2.9. I have all my web related stuff in /wwwroot
/wwwroot/apache2 - apache
/wwwroot/proftpd - proftpd
/wwwroot/mysql - my sql
/wwwroot/sites - all web sites
...and so on.

I compiled proftpd from source and installed it. I have used the included ftpasswd file to setup a password file with some users and a group file. They are located in /wwwroot/passwords/ftp.passwd (and ftp.group).

I can login to my ftp server with anonymous access and upload anything I want to the anonymous directory. The owner/permissions on the 'upload' directory (in /home/ftp) are 'ftp/ftp 755'. I want some people I host for to be able to login to ftp with user/pass and manage their website. When I login with a user account I created (in /wwwroot/passwords/ftp.passwd) I am taken to the proper home directory but I cannot upload anything unless the permissions on the directory are 777. Previously when I uploaded files with a user account, they had ownership of operator/games. I added "UserOwner ftp GroupOwner ftp" which fixed that problem, but I still can't upload anything unless the directory permissions are 777. Why can I upload with anonymous and permissions are 755 but not with a user account.

Do I need to add <Limit STOR> somewhere or <Limit WRITE> ?

I have pasted my proftpd.conf file below for scrutiny. I enjoy using my linux box and like the way it's administrated and how 'light' it is but I'm considering scrapping it all because I can't setup FTP after 1+ month of attempting to get it right.

Please help!

^bump

Hello,

I am also somewhat of a linux newbie building a web hosting server. I am using RedHat 9. Like you, I am using ProFTPd as my FTP server. I also struggled at first with the FTP user thing. I finally figured out that you can use system users as FTP users (and POP3 mail users). I am not using any ftp.passwd file or any special FTP authentication. To create an FTP user, I simply add another UNIX system user. I use Webmin to add users as I do not know the full command line way to add users with all the options I want. So you might want to think about installing webmin if you don't have it and you want an easy way to add users and do many other things on your Linux system. Anyway, to add a user (in webmin) you just type in the username and password you want (click the "Normal Password" circle and then type the password in the box next to it). Then set their shell to /bin/false so that they cannot SSH into your machine if you have SSH daemon running. Then I set their group to "ftp" and type in or choose their home directory.

Then, to give them the right permissions, you chown their home directory and any other directory that is already under their home directroy (such as public_html) to the user that will be FTPing to that directory.

For example: Lets say you want to create a user named fredftp with a password that you specify and the home directory of /wwwroot/fred.com and you are at the command line, you would first create the user.

Then, create the password for the account:

Then, change the owner of the directory so that the user can change the permissions to anything he wants in his directory.

Then change permissions of the directory so that only that user will be able to change the permissions and files of that directory.

Now the user should be able to log in to your ftp server with the username fredftp and the password that you supply him. It should chroot him into /wwwroot/fred.com as long as you have the DefaultRoot ~ statement in your proftpd.conf file.

Here is the proftpd.conf file that I use to make this setup work:

Here is a small description of the above file: (courtesty of redhat.hostinghacks.net)

ServerName "yourdomain.com" - This will be visible during login.

Umask 022 - Makes new directories and files with 755 permissions which prevents them from being group and world writable. If you want group writable use: Umask 002.

<Global>
AllowOverwrite yes
<Limit ALL SITE_CHMOD> - allow chmod and overwrites.
AllowAll
</Limit>
</Global>

DefaultRoot ~ - Jail users into their home directories.

RequireValidShell no - There are 2 choices for user login shells:

Set 'RequireValidShell no' in /etc/proftpd.conf
Add /bin/false to /etc/shells, in which case you don't need 'RequireValidShell no'

UseReverseDNS off
IdentLookups off - time/bandwidth reducing options

MaxInstances 25 - prevents dos attacks in standalone mode.

MaxLoginAttempts 3
LsDefaultOptions "-a"
TimeoutNoTransfer 900
TimeoutIdle 600 - typical ftp settings
TimeoutLogin 300
AllowRetrieveRestart on
AllowStoreRestart on

However, this setup will not allow anonymous connections.


I'm not sure what to add or take off to allow anonymous connections.

This should be all you need to run your ftp server with authenticated users.

Let me know if this helps at all.

Louie