Pure-FTPd Installation and Configuration on openSuSE 10.3

Saturday, December 29th, 2007

Abstract

This article explains how to install and configure the pure-ftpd server on openSuSE Linux. We will configure it to use virtual users through pure-ftpd's own database. The article also explains how to set up pure-ftpd with MySQL-based authentication.

Installation

Log in to your box and open up YaST (yast2). Then navigate to Software Management:

Locating Software Management

There, search for pure-ftpd (you can enter it exactly like this) and agree to install it. This will install all the configuration files and init scripts needed for pure-ftpd to run. If you do not have the mysql-server package installed, install it now as well, as it will be needed in the last section of this tutorial, which explains how to configure pure-ftpd with MySQL.

Configuration

By default pure-ftpd uses PAM authentication. That is great for personal use, but not generally recommended: FTP passwords are sent to the server in clear text, so it is a bad idea to use your account passwords as FTP passwords.

So what we need to do now is go to /etc/pure-ftpd/pure-ftpd.conf and change the following lines for the server to work properly:

  • AnonymousOnly must be set to no, else you will not be able to log in
  • NoAnonymous should be set to yes, otherwise you will have a public ftp
  • PAMAuthentication should be set to no (it is on by default)

PureDB should be un-commented and pointing to the location shown in the screenshot below:

Reviewing Pure-FTPd configuration file

I would also advise changing Umask to 137:027 for simpler security and setting AutoRename to no; otherwise, if you upload a file with the same name it will not be overwritten but given a different name (which is not what most people expect). NoRename should also be set to no, or you will not be able to rename files, which is inconvenient. Now save and close the file. You can start the server with /etc/init.d/pure-ftpd start
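As an added example (not from the original article), the following shell functions check a pure-ftpd.conf for the settings recommended above and show which permissions a Umask value produces. The sample config and the /path/to/pureftpd.pdb placeholder are constructed; the function names are hypothetical.

```sh
#!/bin/sh
# Added example: audit a pure-ftpd.conf against the settings recommended above.

# Print the value of an active (uncommented) "Key value" line, if any.
conf_get() {  # usage: conf_get FILE KEY
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}

# Print one line per deviation; the return status is the number of deviations.
audit_pureftpd() {  # usage: audit_pureftpd FILE
    bad=0
    for want in AnonymousOnly=no NoAnonymous=yes PAMAuthentication=no \
                Umask=137:027 AutoRename=no NoRename=no; do
        key=${want%%=*}
        val=$(conf_get "$1" "$key")
        if [ "$val" != "${want#*=}" ]; then
            echo "$key: want '${want#*=}', found '${val:-<unset>}'"
            bad=$((bad + 1))
        fi
    done
    if [ -z "$(conf_get "$1" PureDB)" ]; then
        echo "PureDB: commented out or missing"
        bad=$((bad + 1))
    fi
    return "$bad"
}

# Modes that uploads get from a "files:dirs" Umask value: "FILEMODE DIRMODE".
umask_modes() {  # usage: umask_modes 137:027
    printf '%03o %03o\n' $(( 0666 & ~0${1%%:*} )) $(( 0777 & ~0${1##*:} ))
}

# Constructed sample config (not the file shipped by the distribution).
sample_conf() {
    cat <<'EOF'
AnonymousOnly      no
NoAnonymous        no
PAMAuthentication  yes
# PureDB           /path/to/pureftpd.pdb
Umask              177:077
AutoRename         yes
NoRename           no
EOF
}

tmp=$(mktemp) && sample_conf > "$tmp"
audit_pureftpd "$tmp" || echo "$? deviation(s)"
umask_modes 137:027
rm -f "$tmp"
```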

Adding a User

Users are now added with the pure-pw utility. If you just type pure-pw you will see how powerful this tool really is. Right now I will only go over the basics of user creation.

First you need to find out which system user will use the ftp account. This is necessary for the ftp server to properly assign user permissions to the uploaded files. For instance, say we have a system user tester, who belongs to the users group. To create an ftp account for this user we will use:

pure-pw useradd tester_ftp -u tester -g users -d /home/tester/public_html

This will ask you for the user password and then add the user. As you can see, it points the ftp account to the public_html directory. There are also a number of options and restrictions you can apply to the user; you can see those in the output of the pure-pw utility.

After this step one needs to compile the database using pure-pw mkdb. This will create the pdb file needed by the server. No restart is necessary, which makes this a very clean approach to user adding.

Who is on my ftp server right now

Pure-ftpd provides many useful utilities. One of my favorites is pure-ftpwho, which shows all logged-in users and what they are doing. It can also export the list as XML, which is great for integration with other applications.

MySQL Based authentication

For this to work you need to perform several steps. First check that the MySQL server is installed and running. Try something like /etc/init.d/mysql status. If you see something other than running, you need to find out what the problem is. If it is running, log in to the database server as a user who can create databases and users, and type the following:

create database pureftpd;

grant all on pureftpd.* to pureftpd@localhost identified by 'ftpdpassword';

Replace ftpdpassword with a more secure password.

Then create the table, where users will be stored:

CREATE TABLE ftpd (
  User varchar(16) NOT NULL default '',
  status enum('0','1') NOT NULL default '0',
  Password varchar(64) NOT NULL default '',
  Uid varchar(11) NOT NULL default '-1',
  Gid varchar(11) NOT NULL default '-1',
  Dir varchar(128) NOT NULL default '',
  ULBandwidth smallint(5) NOT NULL default '0',
  DLBandwidth smallint(5) NOT NULL default '0',
  comment tinytext NOT NULL,
  ipaccess varchar(15) NOT NULL default '*',
  QuotaSize smallint(5) NOT NULL default '0',
  QuotaFiles int(11) NOT NULL default 0,
  PRIMARY KEY (User),
  UNIQUE KEY User (User)
) ENGINE=MyISAM;

This table is basically a replica of what you have seen while executing the pure-pw utility, and it allows you to store all the information you can enter into the pure-db database.

Now you need to tell pure-ftpd how to access the database. Create the /etc/pure-ftpd/pureftpd-mysql.conf file and put the text there as follows:

Pure-FTPd MySQL configuration

Also, replace the password with the string you typed previously.

Now open up the /etc/pure-ftpd/pure-ftpd.conf file and uncomment the MySQLConfigFile line. I would also recommend commenting out the PureDB line, as it could get confusing if you have users with the same name in both places.

Now, you can restart the server and enter users into the database table. The server will immediately pick them up, so no restart will be necessary.

Virtual Hosting With Lighttpd

Sunday, December 23rd, 2007

Abstract

This article describes the setup of the lighttpd web server for virtual hosting using the evhost module. The operating system used here is openSuSE 10.3; however, it works in a similar way on other Linux distributions.

Checking module status

There are several ways lighttpd can support virtual hosting. Lighttpd even supports MySQL-based virtual hosts; here we will explain how to set it up using the evhost module. This module comes standard in openSuSE, but it is disabled by default. Go to /etc/lighttpd/modules.conf and find the line for the evhost module. Please read the comments in this file, which say that only one virtual hosting module can be loaded at a time. If the simple vhost module is included, comment it out with a # sign and remove the # sign from the include line for evhost. In the end it should look like this:

evhost module included

Configuration of the evhost module

Now that the module is loaded, it needs to be configured. At this point you need to decide where you want to store all your site files (of course, if you want sites to link to user public_html directories you could use a default path and then create symlinks to the public_html directories). We are not dealing with public shared hosting, and I personally don't like to store website files on the root file system (because sites can grow unpredictably and use up all the space, causing issues), so I changed the server root to /home/www and assigned the correct ownership there (lighttpd:lighttpd). The vhosts dir parameter was left untouched, as it is fine to append vhosts to the server root. The end result should look similar to this:

Modified lighttpd.conf file to change server root

At this point we need to look at the evhost.conf file in the conf.d directory. It configures the patterns that tell lighttpd how to process the domain name and where to get the files from. Please note that this is just a routing file and you don't need to put domain-specific configuration inside it (like mod_rewrite or custom log, etc). The comments inside this file are very self-explanatory and you can configure the service how you want to. For me the result is shown below:

evhost path pattern displayed

What this config does is append the domain name + tld to the vhosts dir, which is /home/www/vhosts, and then append the htdocs dir where the site files will be located. The htdocs dir is used for backups and to prevent a mess: I back up only the htdocs directory and put the tgz file in the respective domain + tld directory. If you do not need this, you can skip this directory. So, taking the domain www.torqzone.com as an example, the path to it would be /home/www/vhosts/torqzone.com/htdocs.

If I wanted to create a torqzone.net domain I could simply symlink the torqzone.net to torqzone.com and it would work instantly.
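An added sketch, not part of the original post, of the mapping just described: it derives the %0 part from a host name, builds the docroot, and reports whether a symlinked alias still resolves inside the vhosts directory. The function names, the demo tree and alias.example are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: model the evhost mapping and check where each docroot lands.
VHOSTS_DIR=/home/www/vhosts   # server root + vhosts dir, as in the article

# %0 = "domain name + tld", taken here as the last two labels of the host.
# Simplified model (an assumption): lower-cases and strips a :port suffix.
evhost_percent0() {  # usage: evhost_percent0 HOST
    printf '%s\n' "$1" | tr 'A-Z' 'a-z' |
        sed -e 's/:[0-9]*$//' -e 's/^.*\.\([^.]*\.[^.]*\)$/\1/'
}

evhost_docroot() {  # usage: evhost_docroot HOST
    printf '%s/%s/htdocs\n' "$VHOSTS_DIR" "$(evhost_percent0 "$1")"
}

# Resolve symlinks and print "ok PATH", "missing PATH" or "outside PATH",
# the last meaning the alias leaves VHOSTS_DIR and deserves a second look.
check_docroot() {  # usage: check_docroot HOST
    want=$(evhost_docroot "$1")
    if [ ! -d "$want" ]; then echo "missing $want"; return 1; fi
    root=$(readlink -f "$VHOSTS_DIR")
    real=$(readlink -f "$want")
    case $real/ in
        "$root"/*) echo "ok $real" ;;
        *)         echo "outside $real"; return 2 ;;
    esac
}

# Constructed tree: one real site, one alias inside vhosts, one leaving it.
build_demo_tree() {  # usage: build_demo_tree EMPTY_DIR
    mkdir -p "$1/vhosts/torqzone.com/htdocs" "$1/elsewhere/htdocs"
    ln -s torqzone.com "$1/vhosts/torqzone.net"
    ln -s ../elsewhere "$1/vhosts/alias.example"
}

demo=$(mktemp -d) && build_demo_tree "$demo"
VHOSTS_DIR=$demo/vhosts
for h in www.torqzone.com torqzone.net www.alias.example nosuch.example; do
    check_docroot "$h"
done
rm -rf "$demo"
VHOSTS_DIR=/home/www/vhosts
```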

Custom vhost configuration

As I mentioned previously, you will need some specific settings for every domain (log files, etc). I like to put these settings into the vhosts.d dir (you are not obliged to do it, but it keeps things clean).

An example of such a configuration for torqzone.com is shown below:

Torqzone vhost sample configuration

The reason why the $HTTP["host"] is not == to the domain is because I want subdomains to point to the same place as the main domain is pointing. So if I type www.torqzone.com it works the same as torqzone.com.
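The article's own conditional is in the screenshot; as an added example (not the author's configuration), this script generates a conditional that matches the domain and its subdomains but nothing that merely contains the name. The function names and the access.log file name are assumptions, and the loose pattern it is compared with is a constructed stand-in.

```sh
#!/bin/sh
# Added example: build an anchored per-domain conditional for vhosts.d.

# Regex matching DOMAIN and its subdomains only (optional :port allowed).
host_regex() {  # usage: host_regex DOMAIN
    case $1 in ''|*[!a-z0-9.-]*) return 1 ;; esac   # refuse odd input
    printf '(^|\\.)%s(:[0-9]+)?$\n' "$(printf '%s' "$1" | sed 's/\./\\./g')"
}

# Emit the lighttpd block; "access.log" is an assumed file name.
vhost_conf() {  # usage: vhost_conf DOMAIN
    re=$(host_regex "$1") || return 1
    cat <<EOF
\$HTTP["host"] =~ "$re" {
    accesslog.filename = log_root + "/$1/access.log"
}
EOF
}

# Succeeds if HOST matches the extended regex PATTERN.
host_matches() {  # usage: host_matches PATTERN HOST
    printf '%s\n' "$2" | grep -Eq -- "$1"
}

# Of the given hosts, print those a loose pattern accepts but the anchored
# pattern for DOMAIN rejects.
overmatched() {  # usage: overmatched LOOSE_PATTERN DOMAIN HOST...
    loose=$1 strict=$(host_regex "$2") || return 1
    shift 2
    for h in "$@"; do
        if host_matches "$loose" "$h" && ! host_matches "$strict" "$h"; then
            echo "$h"
        fi
    done
}

vhost_conf torqzone.com
# Constructed host names checked against an unanchored, unescaped pattern:
overmatched 'torqzone.com' torqzone.com \
    torqzone.com www.torqzone.com nottorqzone.com torqzone.com.example.net
```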

The log filename points to the log for this domain. This is necessary to provide access statistics through any log analyzer application like webalizer or awstats. Please note that in the log_root (which is /var/log/lighttpd) I have created a directory torqzone.com; do not forget to assign appropriate permissions to it.

This is it

After these steps you should be able to serve multiple domain names on the server.