proftpd, mass virtual hosting and symlinks

Marco Gonçalves info at kolorbit.com
Wed Jun 4 08:55:09 PDT 2003 

Use FTP,

i do virual hosting on my server, and since i use PureFTPd all muy trouble finished (at least with ftp sevice), i did it like this:
1 - intall pureftpd, with mysql support, so you can manage directly from mysql the ftp users
2 - dont run the ftp from inetd, you better with standalone via rc.d , here is the script that i made 


#!/bin/sh

case "$1" in
        start)
                /usr/local/sbin/pure-ftpd -A -l mysql:/usr/local/etc/pureftpd-mysql.conf & > /dev/null && echo -n ' pure-ftpd'
                ;;
        stop)
                /usr/bin/killall pure-ftpd > /dev/null && echo -n ' pure-ftpd'
                ;;
        restart)
                /usr/bin/killall pure-ftpd && /usr/local/sbin/pure-ftpd -A -l mysql:/usr/local/etc/pureftpd-mysql.conf & > /dev/null && echo -n ' pure-ftpd'
                ;;
        *)
                echo ""
                echo "Usage: `basename $0` { start | stop | restart }"
                echo ""
                exit 64
                ;;
esac

of course you have to have put the config file in /usr/local/etc/pureftpd-mysql.conf  chmod 600 root
you can have links with no problem working with chroot 

PureFTPd is good

Best regards,
Marco Gonçalves

  ----- Original Message ----- 
  From: Jez Hancock 
  To: FreeBSD ISP List 
  Sent: Wednesday, June 04, 2003 3:34 PM
  Subject: proftpd, mass virtual hosting and symlinks


  Hi all,

  Our webserver serves a large number of domains and the partitioning
  scheme is setup like this:

  /home - contains all shell related items for users (we allow shell logins)
  /www - contains all documentroots for the server

  A typical user's documentroot resides in:

  /home/user/web/example.com/www/

  which is a symlink to

  /www/example.com/www

  The idea was to save time on httpd requests by serving files from a
  dedicated partition and similar issues also exist for
  suexec cgi-bin trees and logfile trees.

  The problem then is that when a user logs in via proftpd, if we use
  'DefaultRoot ~' to chroot the users to their home directories, the user
  is unable to follow the symlink to their web docroot(s) because of the
  old chestnut with chrooting disallowing symlinks out of the chroot root
  directory.

  I've read through the manual for proftpd, particularly this:
  http://proftpd.linux.co.uk/localsite/Userguide/linked/chroot-symlinks.html

  which suggests instead of symlinking, mount each (currently symlinked)
  directory in the target directory, something like:

  mount_null /www/example.com/www /home/user/web/example.com/www

  Questions:
  Is proftpd a viable option for mass vhosting given this type of
  partitioning scheme?  If so, how would I configure proftpd to handle symlinks
  whilst still not allowing users to break out of their home directory?

  If proftpd is not the best option - what other ftpd are recommended?  I
  understand PureFTPD implements a 'quasi' chrooting system via a module
  mod_vroot - is this a better option (proftpd also appears to have
  support for mod_vroot, but docs are sparse)?

  TIA,
  Jez
  _______________________________________________
  freebsd-isp at freebsd.org mailing list
  http://lists.freebsd.org/mailman/listinfo/freebsd-isp
  To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"

More information about the freebsd-isp mailing list