LinuxQuestions.org
Old 06-10-2004, 07:45 PM   #1
kafnir
Member
 
Registered: Oct 2002
Location: USA
Distribution: Fedora and Ubuntu
Posts: 137

Rep: Reputation: 15
proftpd configuration problem


Can anyone please tell me how I can configure several more "virtualhost" entries on proftpd?
This is the error message I get when I execute the command "service proftpd start":

Starting proftpd: - getaddrinfo 'web-1.gnx-usa.com' error: Name or service not known
- getaddrinfo 'web-1.gnx-usa.com' error: Name or service not known
- error: unable to determine IP address of 'web-1.gnx-usa.com'
- getaddrinfo 'ftp.gnx-usa.com' error: Name or service not known
- getaddrinfo 'ftp.gnx-usa.com' error: Name or service not known
- error: unable to determine IP address of 'ftp.gnx-usa.com'
- getaddrinfo 'ftp.foo1.com' error: Temporary failure in name resolution
- no such user 'foo1'
- Fatal: User: Unknown user 'foo1'.
[FAILED]


This is the source code that I am trying to configure so I can give some other people from a newsgroup access to files in my database, where they can download and read files but cannot make any changes:

#
# Virtual Hosting Server Configuration
# by M.Lowes <kafnir@gnx-usa.com>
# for Frontier Internet Services Limited
# (http://www.gnx-usa.com/)
#
ServerName "Master Webserver"
#
# Spawn from inetd?
#
#ServerType inetd
#
# or maybe a standalone server...
#
ServerType standalone
#
# don't give the server banner until _after_ authentication
#
DeferWelcome off
#
# Some basic defaults
#
Port 21
Umask 002
TimeoutLogin 120
TimeoutIdle 600
TimeoutNoTransfer 900
TimeoutStalled 3600
#
# No, I don't think we'll run as root!
#
User ftp
Group ftp
#
# This is a non-customer usable name, (ie they should be connecting via www.{domain})
# not 'hostname'. Therefore let's dump them in a dummy account and wait for them to
# scream.
#
DefaultRoot /web/Legacy/
#
# Performance, let's do DNS resolution when we process the logs...
#
UseReverseDNS off
#
# Where do we put the pid files?
#
ScoreboardFile /var/run/proftpd
#
# Logging options
#
TransferLog /var/spool/syslog/proftpd/xferlog.legacy
#
# Some logging formats
#
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
#
# Global settings
#
<Global>
DisplayLogin welcome.msg
DisplayFirstChdir readme
#
# having to delete before uploading is a pain
#
AllowOverwrite yes
#
# Turn off Ident lookups
#
IdentLookups off
#
# Logging
#
# file/dir access
#
ExtendedLog /var/spool/syslog/proftpd/access.log WRITE,READ write
#
#
# Record all logins
#
ExtendedLog /var/spool/syslog/proftpd/auth.log AUTH auth
#
# Paranoia logging level....
#
##ExtendedLog /var/spool/syslog/proftpd/paranoid.log ALL default
</Global>

#
# Deny writing to the base server...
#
<Limit WRITE>
DenyAll
</Limit>


# --------------------------------------------
# Virtual Servers start here....
#
# (Note: this is normally auto generated by a
# script written in house).
# --------------------------------------------
#
# www.gnx-usa.com.
# This is the default server
# Gets all the connections for www.{customer.domain},
# & www.gnx-usa.com
#
<VirtualHost www.gnx-usa.com>
ServerAdmin webmaster@gnx-usa.com
ServerName "Master Webserver"
MaxLoginAttempts 2
RequireValidShell no
TransferLog /var/spool/syslog/proftpd/xferlog.www
MaxClients 50
DefaultServer on
DefaultRoot ~ !staff
AllowOverwrite yes

#
# No quickly do we kick someone out
#
TimeoutLogin 120
TimeoutIdle 600
TimeoutNoTransfer 900

# --------------------------------------------
# Got a Frontpage customer who keeps breaking things????
# - stick 'em in group fpage
# --------------------------------------------
<Directory ~/public_html>
#
# Block them from doing anything other than reading...
#
<Limit STOR RNFR DELE>
DenyGroup fpage
</Limit>
</Directory>
#
# ditto for ftp_root if it's there...
#
<Directory ~/ftp_root>
<Limit STOR RNFR DELE>
DenyALL
</Limit>
</Directory>
#
# Limit by IP...
#
<Directory /web/zsl>
<Limit ALL>
Order Allow,Deny
Allow 66.240.84.215
Allow 216.199.46.11
Deny ALL
</Limit>
</Directory>

</VirtualHost>

# --------------------------------------------
#
# Legacy server, left in because some people
# haven't realised it's gone yet. Shove 'em into
# a dummy $home
#
<VirtualHost web.gnx-usa.com>
ServerAdmin webmaster@gnx-usa.com
ServerName "Legacy Web Upload Server"
MaxLoginAttempts 2
RequireValidShell no
MaxClients 50
DefaultRoot ~ !staff
MaxClients 2
AllowOverwrite yes
TransferLog /var/spool/syslog/proftpd/xferlog.web-1
</VirtualHost>

# --------------------------------------------
#
# ftp.gnx-usa.com
#
<VirtualHost ftp.gnx-usa.com>
ServerAdmin ftpmaster@gnx-usa.com
ServerName "gnx-usa Internet Public FTP Server"
TransferLog /ftp/xferlog/ftp.gnx-usa.com
MaxLoginAttempts 3
RequireValidShell no
DefaultRoot /ftp/ftp.gnx-usa.com
AllowOverwrite yes

#
# Auth files....
#
AuthUserFile /var/conf/ftp/authfiles/passwd.ftp.gnx-usa.com
AuthGroupFile /var/conf/ftp/authfiles/group.ftp.gnx-usa.com

# A basic anonymous configuration, no upload directories.
<Anonymous /ftp/ftp.gnx-usa.com>
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp
RequireValidShell no

# Limit the maximum number of anonymous logins
MaxClients 50

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.

<Directory pub/incoming>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE DIRS READ>
DenyAll
</Limit>
<Limit CWD XCWD CDUP>
AllowAll
</Limit>
</Directory>

<Directory home>
<Limit ALL>
DenyAll
</Limit>
</Directory>

#
# Limit access to the mirrors to LINX
# only
#
<Directory mirrors>
<Limit RETR>
Order Allow,Deny
Allow .us, .gnx-usa.com
Allow .vom.tm
Deny ALL
</Limit>
</Directory>

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>


</Anonymous>

</VirtualHost>

# ----------------------------------------------------
# Virtual ftp with anon access, but no incoming
#
<VirtualHost ftp.foo1.com>
ServerAdmin ftpmaster@foo1.com
ServerName "Foo1 FTP Server"
TransferLog /var/spool/syslog/xfer/ftp.foo1.com
MaxLoginAttempts 3
RequireValidShell no
DefaultRoot /ftp/ftp.foo1.com
User foo1
Group foo1
AllowOverwrite yes

#
# Auth files....
#
AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo1.com
AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo1.com

<Anonymous /ftp/ftp.foo1.com>
User ftp
Group ftp
UserAlias anonymous ftp
RequireValidShell no
MaxClients 20
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
</VirtualHost>


# ----------------------------------------------------
# ftp.foo2.com
# Anon, no incoming, some private access areas
#
<VirtualHost ftp.foo2.com>
ServerAdmin ftpmaster@mcresearch.co.uk
ServerName "MC Research FTP Server"
TransferLog /var/spool/syslog/xfer/ftp.foo2.com
MaxLoginAttempts 3
RequireValidShell no
DefaultRoot /ftp/ftp.foo2.com
User foo2
Group foo2
AllowOverwrite yes

#
# Auth files....
#
AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo2.com
AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo2.com

<Anonymous /ftp/ftp.foo2.com>
User ftp
Group ftp
UserAlias anonymous ftp
RequireValidShell no
MaxClients 20

<Directory download>
<Limit ALL>
DenyAll
</Limit>
</Directory>
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>

<Directory /ftp/ftp.foo2.com/pub>
<Limit WRITE>
AllowUser clint
DenyAll
</Limit>
</Directory>

<Directory /ftp/ftp.foo2.com/download>
<Limit ALL>
AllowUser clint
AllowUser customer
DenyAll
</Limit>
</Directory>
</VirtualHost>


# ----------------------------------------------------
# ftp.foo3.com
#
#
<VirtualHost ftp.foo3.com>
ServerAdmin ftpmaster@farrukh.co.uk
ServerName "Farrukh FTP Archive"
TransferLog /var/spool/syslog/xfer/ftp.foo3.com
MaxLoginAttempts 3
RequireValidShell no
DefaultRoot /web/farrukh2/ftp_root
User clinton
Group clinton
AllowOverwrite yes

#
# Auth files....
#
AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo3.com
AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo3.com

<Anonymous /web/farrukh2/ftp_root>
User ftp
Group ftp
UserAlias anonymous ftp
RequireValidShell no
MaxClients 20

<Directory pub/incoming/*>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE DIRS READ>
DenyAll
</Limit>
<Limit CWD XCWD CDUP>
AllowAll
</Limit>
</Directory>


<Directory pub/Incoming/*>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE DIRS READ>
DenyAll
</Limit>
<Limit CWD XCWD CDUP>
AllowAll
</Limit>
</Directory>
#
# block access to the secure areas by anon...
#
<Directory fpub>
<Limit ALL>
DenyAll
</Limit>
</Directory>

<Directory fgroup>
<Limit ALL>
DenyAll
</Limit>
</Directory>
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>

#
# define user based access
#
<Directory /web/clint/ftp_root/fpub>
<Limit ALL>
AllowUser clint
AllowUser cguest
DenyAll
</Limit>
</Directory>

<Directory /web/clint/ftp_root/fgroup>
<Limit ALL>
AllowUser clint
AllowUser cgroup
DenyAll
</Limit>
</Directory>
</VirtualHost>


# ----------------------------------------------------
# ftp.foo4.com
# anon, with incoming upload
#
<VirtualHost ftp.foo4.com>
ServerAdmin ftpmaster@teamwork.co.uk
ServerName "Teamwork FTP Server"
TransferLog /var/spool/syslog/xfer/ftp.foo4.com
MaxLoginAttempts 3
RequireValidShell no
DefaultRoot /ftp/ftp.foo4.com
User foo4
Group foo4
AllowOverwrite yes

#
# Auth files....
#
AuthUserFile /var/conf/ftp//authfiles/passwd.ftp.foo4.com
AuthGroupFile /var/conf/ftp//authfiles/group.ftp.foo4.com

<Anonymous /ftp/ftp.foo4.com>
User ftp
Group ftp
UserAlias anonymous ftp
RequireValidShell no
MaxClients 20

<Directory pub/incoming/*>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE DIRS READ>
DenyAll
</Limit>
<Limit CWD XCWD CDUP>
AllowAll
</Limit>
</Directory>


<Directory pub/Incoming/*>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE DIRS READ>
DenyAll
</Limit>
<Limit CWD XCWD CDUP>
AllowAll
</Limit>
</Directory>

<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
</VirtualHost>

# ----------------------------------------------------
# The end....
# ----------------------------------------------------
 
Old 06-10-2004, 11:41 PM   #2
LoK
Member
 
Registered: May 2004
Location: Detroit MI
Distribution: RHE & FC
Posts: 31

Rep: Reputation: 15
Holy cow! That is the biggest config I think I have ever seen, eheh. I have a ton of vhosts and it's nowhere near that size.

At any rate...

That config has many examples in it. You need to read each section that has comments and modify it accordingly (comments start with #).

For example:


<VirtualHost www.gnx-usa.com>
ServerAdmin webmaster@gnx-usa.com
ServerName "Master Webserver"
MaxLoginAttempts 2
RequireValidShell no
TransferLog /var/spool/syslog/proftpd/xferlog.www
MaxClients 50
DefaultServer on
DefaultRoot ~ !staff
AllowOverwrite yes


Should turn into something like.....

<VirtualHost YOUR HOSTNAME OR IP ADDRESS>
ServerAdmin webmaster@YOUR DOMAIN
ServerName "ANYTHING YOU WANT"
MaxLoginAttempts 2
RequireValidShell no
TransferLog /var/spool/syslog/proftpd/xferlog
MaxClients 50
DefaultServer on
DefaultRoot ~ !staff
AllowOverwrite yes


This config file is rather large, and will require many changes. You need to address each and every line that doesn't start with a # sign.

If this is your first time configuring proftp, I would suggest starting out with the default config and adding to it rather than using someone else's prefabricated config. I suggest this because it will give you a working FTP while you learn.

The VHOSTs are very simple to add and require only a few basic options. I will paste an example just so you can get an idea of what it would look like.


<VirtualHost YOUR IP>
ExtendedLog PATH TO EXTENDED LOG READ BytesLog
TransferLog PATH TO XFERLOG
ServerName YOUR DOMAIN NAME
AuthUserFile PATH TO THE VHOST USERFILE
MaxClients 3 "Sorry, this ftp server has reached its maximum user count (%m). Please try again later"
DirFakeGroup On ftpgroup
DirFakeUser On ftpuser
DefaultRoot ~
<Directory />
AllowOverwrite on
HideGroup wheel
HideUser root
</Directory>
<Anonymous FTP PATH>
UseFtpUsers on
RequireValidShell off
UseFtpUsers on
RequireValidShell off
User ftp
Group ftp
UserAlias anonymous ftp
DisplayLogin welcome.msg
DisplayFirstChdir .message
<Limit WRITE>
DenyAll
</Limit>
<Directory incoming>
<Limit STOR>
AllowAll
</Limit>
<Limit WRITE READ>
DenyAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>


Whenever you see a line that says "DIRECTORY", you are setting up permissions for the users in that directory.

This can be a very long and drawn-out topic. I would suggest (as I mentioned above) starting with the DEFAULT config and building it up to match your needs. Only use the config you pasted in your post as a reference. The example I pasted is a "working vhost" entry; however, there are other settings which precede it.

Everything in the config will be commented, and for the most part you should be able to understand what they are referring to in each section. It's important that you take the time to read the man pages while you configure it. Not only does it guide you on the basic usage, but it will keep you from allowing people to trash your box.

One small mistake could result in someone taking over your computer so be sure to then edit!

NOTE: Pasting my example in your config WILL NOT WORK!
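
The startup errors in the first post all come from names the daemon could not look up: <VirtualHost> hostnames that do not resolve and a User that is not a system account. The following pre-flight check is an added example, not part of either post or of ProFTPD itself; the function names and the cut-down sample configuration are assumptions made for illustration.

```python
import grp
import pwd
import re
import socket

# Constructed sample, cut down from the configuration in the first post.
SAMPLE_CONF = """\
User ftp
<VirtualHost ftp.foo1.com>
ServerName "Foo1 FTP Server"
User foo1
Group foo1
<Anonymous /ftp/ftp.foo1.com>
User ftp
UserAlias anonymous ftp
</Anonymous>
</VirtualHost>
"""

def resolves(host):
    """True if the resolver can map host to an address, as proftpd needs at startup."""
    try:
        socket.getaddrinfo(host, 21)
        return True
    except (socket.gaierror, UnicodeError):
        return False

def known(lookup, name):
    """True if pwd.getpwnam / grp.getgrnam finds name."""
    try:
        lookup(name)
        return True
    except KeyError:
        return False

def preflight(conf, resolves=resolves,
              has_user=lambda n: known(pwd.getpwnam, n),
              has_group=lambda n: known(grp.getgrnam, n)):
    """Return (line number, message) for each name the daemon could not look up."""
    problems = []
    for no, raw in enumerate(conf.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()          # drop comments
        vhost = re.match(r"<VirtualHost\s+([^>]+)>", line, re.I)
        ident = re.match(r"(User|Group)\s+(\S+)$", line, re.I)
        if vhost:                                     # one or more names/addresses
            problems += [(no, f"VirtualHost '{h}' does not resolve")
                         for h in vhost.group(1).split() if not resolves(h)]
        elif ident:                                   # UserAlias etc. do not match
            kind, name = ident.group(1).lower(), ident.group(2)
            if not (has_user if kind == "user" else has_group)(name):
                problems.append((no, f"unknown {kind} '{name}'"))
    return problems

if __name__ == "__main__":
    for no, msg in preflight(SAMPLE_CONF):
        print(f"line {no}: {msg}")
```

This covers name lookups only; `proftpd -t` runs the daemon's own syntax check of the configuration file.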
 
  

