install proftpd with web ui on ubuntu 10.04

ProFTPD_Logo-b6d73176e2768915

Last night I was searching around for a good ftp server with good access control,quota support and logging and stumbled upon ProFTPD.

ProFTPD is a advanced ftp server that is extendible with modules and the config is pretty straight  forward (markup us equal to that from apache.conf). I also found a good web ui for ProFTPd with mysql logging,quota support, user management, group management, system resources, etc. named ProFTPd Administrator.

Because setting this up was a slight pain in the ass, here’s an howto for the ubuntu folks !

Step 1: preparation

make sure all the needed packages are installed:

sudo apt-get install apache2 php5 mysql-server mysql-client proftpd proftpd-mysql phpmyadmin

  • Choose a password for the root account in mysql and write it down somewhere (or remember it, even better!).
    quick tip: for easly ‘rememberable’ passwords, use pwgen. Pwgen generates hard to guess, but easy to remember passwords.
  • For phpmyadmin, choose apache2 configuration.

Go to your www-root and download proftpd-adm:

cd /var/www/
wget http://sourceforge.net/projects/proftpd-adm/files/proFTPd%20Administrator/proFTPd%20Administrator%20v1.2/proftpd_admin_v1.2.tar.gz/
tar vxzf proftpd_admin_v1.2.tar.gz
mv proftpd_admin_v1.2 ftp

Step 2: Installing the mysql user and table

Go to /var/www/ftp/misc and edit the database file.

cd /var/www/ftp/misc/database_structure_mysql
vi (or your favorite text editor) db_structure.sql

and change the last lines as followed:

GRANT ALL ON usertable proftpd_admin.* TO proftpd@localhost IDENTIFIED BY ‘SomePass‘;
GRANT ALL ON grouptable TO proftpd@localhost IDENTIFIED BY ‘<database_password>';
GRANT ALL ON xfer_stat TO proftpd@localhost IDENTIFIED BY ‘<database_password>';

Changes are displayed in bold, changes that needs your specific input are displayed in bold italic.
Things that needs to be deleted are striketrough.

Now we need to create the database and fill it with the tables, like this.

mysql -u root -p < db_structure.sql

Test this by executing the following (you will be prompted for the proftpd password you changed above):

mysql -u proftpd -p proftpd_admin
mysql> show tables;
+————————-+
| Tables_in_proftpd_admin |
+————————-+
| ftpquotalimits          |
| ftpquotatallies         |
| grouptable              |
| usertable               |
| xfer_stat               |
+————————-+
5 rows in set (0.00 sec)

Step 3: configuring proFTPd

make the ftp dirs and correct the rights:

mkdir /ftp
chown nobody:nogroup /ftp
chmod 0660 /ftp
mkdir /ftp/incoming
chown nobody:nogroup /ftp/incoming
chmod 0660 /ftp/incoming

Save the default config under another name:

cd /etc/proftpd
mv proftpd.conf proftpd.conf.default

and copy the one from the proFTPd Administrator package & edit:

cp /var/www/ftp/misc/sample_config/proftpd_quota.conf proftpd.conf
vi proftpd.conf

As above, changes are displayed in bold, changes that needs your specific input are displayed in bold italic.
Things that needs to be deleted are strikethrough.

ServerName                      “Server
ServerType                      standalone
ServerIdent                     on              “Server
DeferWelcome                    on
DefaultServer                   on
DisplayLogin                    .welcome        # Textfile to display on login
DisplayConnect                  .connect        # Textfile to display on connection
DisplayFirstChdir               .firstchdir     # Textfile to display on first changedir

UseReverseDNS                   off
IdentLookups                    off

Port                            21
Umask                           022
MaxInstances                    15
MaxClientsPerHost               3               “Only %m connections per host allowed”
MaxClients                      10              “Only %m total simultanious logins allowed”
MaxHostsPerUser                 1
Include                         /etc/proftpd/modules.conf
User                            nobody
Group                           nobodynogroup
[…]
# Set up authentication via SQL
# ===========
AuthOrder                       mod_sql.c
SQLAuthTypes                    Backend
SQLConnectInfo                  proftpd_admin@localhost proftpd SomePass
SQLUserInfo                     usertable userid passwd uid gid homedir shell
SQLGroupInfo                    grouptable groupname gid members
SQLUserWhereClause              “disabled=0 and (NOW()<=expiration or expiration=-1 or expiration=0)”
[…]

ProFTPd Should be configured right now with quota support & authentication via a mysql back end.

try to start the service:

service proftpd restart

If it returns ok, you win! Else, post the errors you’ve got in the comments below.

Step 4: Securing ProFTPd Administrator

Security first! Whe are going to secure our /ftp webdirectory with use of apaches build in httpauth.

edit the default site:

vi /etc/apache2/sites-available/default

Again, changes are displayed in bold, changes that needs your specific input are displayed in bold italic.
Things that needs to be deleted are strikethrough.

<VirtualHost *:80>
ServerAdmin webmaster@localhost

DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride NoneAll
Order allow,deny
allow from all
</Directory>
[…]

Now we create the .htpasswd file. For maximum security, I place this in my apache /etc/ dir

htpasswd -c /etc/apache2/.htpasswd root

Enter your password as you wish.

Go to /var/www/ftp/ and create the .htaccess file

cd /var/www/ftp/
vi .htaccess

AuthType Basic
AuthName “Restricted Area”
AuthUserFile /etc/apache2/.htpasswd
Require user root

Now restart apache2 to apply your changes;

service apache2 restart

Step 6: Make a little change to ProFTPd Administrator code

edit the class_system.php file on line 196 to fix the module problem:

#exec($GLOBALS[‘config_path_to_proftpd’] . ‘ -l’, $modules);
#Fix for ubuntu
exec(“cat /etc/proftpd/modules.conf | egrep -v \”^#\” | egrep -v \”^ModuleControlsACLs\” | sed ‘s/LoadModule //g’ | egrep -v \”^ModulePath\””,$modules);

Step 7: Configuring ProFTPd Administrator

make sure configuration.xml is writable to apache:

chown www-data:www-data /var/www/ftp/configuration.xml

in your webbrowser, go to [ip-server]/ftp/configure.php
login with your credetials as mentioned above.

Database

Enter the information as followed:

  • username: proftpd
  • password: SomePass
  • Hostname: localhost
  • Database: proftpd_admin
  • Database server : mysql
  • Subtype: Standard

ProFTPd

Enter the information as followed:

  • FTP root: /ftp
  • Default home directory: /ftp
  • Create user command: empty
  • Delete user command: /bin/bash /var/www/ftp/misc/user_script/delete_user.sh
  • Default shell: # /etc/shells: valid login shells

Filepaths

Enter the information as followed:

  • who: /usr/bin/who
  • df: /bin/df
  • ps: /bin/ps
  • sysctl: /sbin/sysctl
  • ftpwho: /usr/bin/ftpwho
  • Kernel configuration file: /boot/config-2.6.32-25-generic (check in your /boot the latest config file)
  • proftpd: /usr/sbin/proftpd

Extentions

  • Quota: enabled
    (if you can’t select enabled, check if you entered the above hack correct and include /etc/proftpd/modules.conf is present in your /etc/proftpd/proftpd.conf file.)

Step 9: Success!

Done! try to create a user in Users > Create User and try to login. Set some quotas, etc. Play with it and get to know the interface!

If you’re stuck somewhere, leeave a comment and I’ll try to help you out.

subutux

subutux wrote 34 posts

Post navigation


Comments

  • Samuelsson

    Love this guide. Have been looking a long time for an "up-to-date-guide". Thanks!

  • transient1

    Hi. Great guide, was exactly what I was looking for, so thanks! However, after getting everything installed and set up there are some odd inconsistencies. For example, I get the configure.php page and see a Submit button to commit my changes on all tabs except the Database tab, so the changes I made don't persist. There are also no extensions listed on the extensions tab at all.

    Also, under the main proFTPD Administrator section, the only tabs with content are About, Manual, and Configure. The others give me "The website cannot be displayed" errors. Weird, since all of those files are in the same directory. Any thoughts?

  • sham

    when starting Fatal: unknown configuration directive 'DisplayFirstChdir' on line 9 of '/etc/proftpd/proftpd.conf'

  • AdiP

    503: Login inccorect, no matter what I do. :D

  • Zara

    hi i get Fatal: unknown configuration directive 'DisplayFirstChdir' on line 9 of '/etc/proftpd/proftpd.conf'.
    when i try to restart the server

  • Nathan

    After adding the code to fix proftpd_admin for ubuntu.

    #exec($GLOBALS['config_path_to_proftpd'] . ‘ -l’, $modules);
    #Fix for ubuntu
    exec(“cat /etc/proftpd/modules.conf | egrep -v ”^#” | egrep -v ”^ModuleControlsACLs” | sed ‘s/LoadModule //g’ | egrep -v ”^ModulePath””,$modules);

    I get the following error in apache
    PHP Parse error: syntax error, unexpected 'for' (T_FOR) in /var/www/ftp/class_system.php on line 198

    Also don't you mean to comment out the lines? PHP comments are // for single line and /* */ for multi line.

Leave a Reply