hallo
Ik ben aan het dwalen in het doolhof van de uitgebreide configuratie mogelijkheden van proftpd. mijn proftpd server is geinstaleerd met quota's en mysql. het werkt werkt maar niet optimaal. wat ik wil bereiken:
-niemand mag op de ftp server inloggen behalve de mensen die in de mysql database staan aangegeven.
-deze mensen mogen uitsluitend in hun eigen map, dit is dus hun root directorie
-in hun map mogen ze mappen maken bestanden aanpassen en plaatsen en downloaden.
dit is mijn config file tot zo ver:
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "FTP server"
ServerType standalone
Systemlog /server/logs/proftpd/ftp.log
DefaultServer on
# Port 21 is the standard FTP port.
Port 21
# Don't use IPv6 support by default.
UseIPv6 off
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30
# Set the user and group under which the server will run.
User proftpd
Group proftpd
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
DenyAll
</Limit>
# Added mysql lines
# The passwords in MySQL are encrypted using CRYPT
SQLAuthTypes Plaintext Crypt
SQLAuthenticate users*
# used to connect to the database
# databasename@host database_user user_password
SQLConnectInfo proftpd@localhost proftpd *secret*
# Here we tell ProFTPd the names of the database columns in the "usertable"
# we want it to interact with. Match the names with those in the db
SQLUserInfo ftpuser userid passwd uid gid homedir shell
# Here we tell ProFTPd the names of the database columns in the "grouptable"
# we want it to interact with. Again the names match with those in the db
SQLGroupInfo ftpgroup groupname gid members
# set min UID and GID - otherwise these are 999 each
SQLMinID 500
# Update count every time user logs in
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser
# Update modified everytime user uploads or deletes a file
SQLLog STOR,DELE modified
SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
# User quotas
# ===========
QuotaEngine on
QuotaDirectoryTally on
QuotaDisplayUnits Mb
QuotaShowQuotas on
SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_ou$
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM $
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %$
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
RootLogin off
RequireValidShell off
# fake user settings
DirFakeUser on herrbrand
DirFakeGroup on herrbrand
DirFakeMode 0000
# Log file/dir access
ExtendedLog /server/logs/proftpd/proftpd_access.log
# Record all logins
ExtendedLog /server/logs/proftpd/proftpd_auth.log
# Paranoia logging level....
ExtendedLog /server/logs/proftpd/proftpd_paranoid.log
wat moet ik nog veranderen aan deze config file om mijn wensen te bereiken?
Volgens mij klopt de umask niet, en moet deze niet in een <virtualHost> sectie?
wat doet dit precies:
<Limit SITE_CHMOD>
DenyAll
</Limit>
Alvast bedankt voor de hulp.
Robbert