Nie jesteś zalogowany.
Jeśli nie posiadasz konta, zarejestruj je już teraz! Pozwoli Ci ono w pełni korzystać z naszego serwisu. Spamerom dziękujemy!
Prosimy o pomoc dla małej Julki — przekaż 1% podatku na Fundacji Dzieciom zdazyć z Pomocą.
Więcej informacji na dug.net.pl/pomagamy/.
Witam
Potrzebuje postawić serwer ftp, padlo na proftpd. Logowanie na serwer z użyciem kont tworzonych w systemie dziala ale chcialbym tworzyć je przez ftpasswd, coby bylo bezpieczniej
do tworzenia kont uzywam tego skrypta :
#!/bin/sh if [ $# -lt 2 ] ; then echo "podaj jako pierwszy parametr nazwe uzytkownika, jako drugi parametr jego folder" else ftpasswd --passwd --file /etc/proftpd/ftpd.passwd --name $1 --home /home/$2 -p --uid 2007 --shell /bin/false mkdir -p /home/$2 chown -R proftpd:nogroup /home/$2 chmod 751 /home/$2 fi
Tu konfiguracja proftpd:
# # /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file. # To really apply changes reload proftpd after modifications. # # Includes DSO modules Include /etc/proftpd/modules.conf # Set off to disable IPv6 support which is annoying on IPv4 only boxes. UseIPv6 on # If set on you can experience a longer connection delay in many cases. IdentLookups off ControlsSocket /var/run/proftpd.sock ServerName "Debian" ServerType standalone DeferWelcome off MultilineRFC2228 on DefaultServer on ShowSymlinks on TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin welcome.msg DisplayChdir .message true ListOptions "-l" DenyFilter \*.*/ # Use this to jail all users in their homes DefaultRoot ~ #sciezka do pliku z userami i grupami ftp AuthUserFile /etc/proftpd/ftpd.passwd # Users require a valid shell listed in /etc/shells to login. # Use this directive to release that constrain. RequireValidShell off # Port 21 is the standard FTP port. Port 21 # In some cases you have to specify passive ports range to by-pass # firewall limitations. Ephemeral ports can be used for that, but # feel free to use a more narrow range. # PassivePorts 49152 65534 # If your host was NATted, this option is useful in order to # allow passive tranfers to work. You have to use your public # address and opening the passive ports used on your firewall as well. # MasqueradeAddress 1.2.3.4 # This is useful for masquerading address with dynamic IPs: # refresh any configured MasqueradeAddress directives every 8 hours <IfModule mod_dynmasq.c> # DynMasqRefresh 28800 </IfModule> # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 30 # Set the user and group that the server normally runs at. User proftpd Group nogroup # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 022 022 # Normally, we want files to be overwriteable. AllowOverwrite on # Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords: # PersistentPasswd off # This is required to use both PAM-based authentication and local passwords AuthOrder mod_auth_pam.c* mod_auth_unix.c TLSEngine off # Be warned: use of this directive impacts CPU average load! # Uncomment this if you like to see progress and transfer rate with ftpwho # in downloads. That is not needed for uploads rates. # # UseSendFile off TransferLog /var/log/proftpd/xferlog SystemLog /var/log/proftpd/proftpd.log <IfModule mod_quotatab.c> QuotaEngine off </IfModule> <IfModule mod_ratio.c> Ratios off </IfModule> # Delay engine reduces impact of the so-called Timing Attack described in # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 # It is on by default. <IfModule mod_delay.c> DelayEngine on </IfModule> <IfModule mod_ctrls.c> ControlsEngine off ControlsMaxClients 2 ControlsLog /var/log/proftpd/controls.log ControlsInterval 5 ControlsSocket /var/run/proftpd/proftpd.sock </IfModule> <IfModule mod_ctrls_admin.c> AdminControlsEngine off </IfModule> # # Alternative authentication frameworks # #Include /etc/proftpd/ldap.conf #Include /etc/proftpd/sql.conf # # This is used for FTPS connections # #Include /etc/proftpd/tls.conf # # Useful to keep VirtualHost/VirtualRoot directives separated # #Include /etc/proftpd/virtuals.con
userzy sie tworza w pliku /etc/proftpd/ftpd.passwd ale przy probie logowania w logach wyskakuje :
13 19:57:58 vps11119 proftpd[7432] host-195-117-191-78.vps-vmware.pl (87-205-161-73.adsl.inetia.pl[::ffff:87.205.161.73]): FTP session opened. sie 13 19:57:58 vps11119 proftpd[7432] host-195-117-191-78.vps-vmware.pl (87-205-161-73.adsl.inetia.pl[::ffff:87.205.161.73]): USER test1: no such user found from 87-205-161-73.adsl.inetia.pl [::ffff:87.205.161.73] to ::ffff:195.117.191.78:21 sie 13 19:57:59 vps11119 proftpd[7432] host-195-117-191-78.vps-vmware.pl (87-205-161-73.adsl.inetia.pl[::ffff:87.205.161.73]): FTP session closed.
probowalem zmieniac uprawnienia ale to nic nie daje ...
Offline
Najprościej zrobisz to z mysql'em.
Dodajesz usera i hasło do tabelki w bazie, a w proftpd włączasz opcję autocreate home, i po sprawie.
Z ftppasswd automatyczne tworzenie folderu użyszkodnika też pójdzie, i przy okazji ustawi uprawnienia.
Sznurki:
http://www.proftpd.org/docs/directives/linked/confi … eateHome.html
http://www.proftpd.org/docs/howto/SQL.html
http://www.howtoforge.com/proftpd_mysql_virtual_hosting
To by było na tyle
:craz:
Ostatnio edytowany przez Jacekalex (2011-08-14 00:10:59)
Offline
OT:
Jacekalex napisał(-a):
:craz:
Co to? :D
Offline