Installing Pure-FTPd with a MySQL backend on Debian squeeze

Pure-FTPd is actively supported, and it was always designed with security in mind. It doesn’t provide useless bells and whistles, but focuses on efficiency and ease of use.

The server can run with privilege separation for paranoid security. It can even run 100% non-root, with its built-in chroot() emulation and virtual accounts.

1. Install the Pure-FTPd package
apt-get install pure-ftpd-mysql

2. Create user and group used to run the server
groupadd -g 2001 ftpgroup
useradd -u 2001 -s /bin/false -d /dev/null -c "pureftpd user" -g ftpgroup ftpuser

3. Create database and a table that will store user information
mysql -u root -p
CREATE DATABASE {database};
USE {database};
 
CREATE TABLE users (
user varchar(30) NOT NULL,
password varchar(64) NOT NULL,
home varchar(128) NOT NULL,
bandwidth_limit_upload smallint(5) NOT NULL default 0,
bandwidth_limit_download smallint(5) NOT NULL default 0,
ip_allow varchar(15) NOT NULL default 'any',
quota smallint(5) NOT NULL default '0',
quota_files int(11) NOT NULL default 0,
active enum('yes','no') NOT NULL default 'yes',
PRIMARY KEY (user),
UNIQUE KEY User (user)
) ENGINE=MyISAM;
 
INSERT INTO users (user, password, home) VALUES ('username', MD5('mypasswd'), '/home/username');
 
GRANT SELECT ON {database}.* TO {username}@localhost IDENTIFIED BY '{password}';
FLUSH PRIVILEGES;
 
quit;

Replace {database} with the name of the new database that holds the FTP user table, {username} with a new MySQL user that Pure-FTPd will use to read that table, and {password} with a strong password. You only have to enter this password once, in the Pure-FTPd config file.

You will be able to control bandwidth limits and quotas for each user. Using zero for these fields will allow unlimited use of resources. The bandwidth limits are specified in KB/s and the quota in MB.

4. Create a config file for Pure-FTPd. Open the /etc/pure-ftpd/db/mysql.conf file with a text editor (e.g. pico /etc/pure-ftpd/db/mysql.conf). Remove everything from the default config file and add these lines:
MYSQLSocket /var/run/mysqld/mysqld.sock
MYSQLUser {username}
MYSQLPassword {password}
MYSQLDatabase {database}
MYSQLCrypt md5
MYSQLDefaultUID 2001
MYSQLDefaultGID 2001
MYSQLGetPW SELECT password FROM users WHERE user = "\L" AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")
MYSQLGetDir SELECT home FROM users WHERE user = "\L" AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")
MySQLGetBandwidthUL SELECT bandwidth_limit_upload FROM users WHERE user = "\L" AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")
MySQLGetBandwidthDL SELECT bandwidth_limit_download FROM users WHERE user = "\L" AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")
MySQLGetQTASZ SELECT quota FROM users WHERE user = "\L" AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")
MySQLGetQTAFS SELECT quota_files FROM users WHERE user = "\L" AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")

5. Create simple yes/no text files to configure features. First, make sure users are chrooted to their home directories:
echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone

6. Have Pure-FTPd create a user’s home directory if it doesn’t exist:
echo "yes" > /etc/pure-ftpd/conf/CreateHomeDir

7. Restart Pure-FTPd
/etc/init.d/pure-ftpd-mysql restart
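
A quick check of the step 4 config file before restarting, as an added example that is not part of the original post. The function name check_conf and the sample file are constructed for illustration; it looks for missing login directives, placeholders that were never replaced, the password storage setting, and file permissions, since mysql.conf holds the database password.

```shell
#!/bin/bash
# Added example (not from the original post): lint a Pure-FTPd mysql.conf.
# Prints one finding per line; returns 0 when clean, 1 otherwise.
check_conf() {
    local conf=$1 bad=0 key crypt
    # Directives the login path depends on (matched case-insensitively).
    for key in MYSQLSocket MYSQLUser MYSQLPassword MYSQLDatabase \
               MYSQLCrypt MYSQLGetPW MYSQLGetDir; do
        grep -qi "^${key}[[:space:]]" "$conf" ||
            { echo "missing directive: $key"; bad=1; }
    done
    # {username}/{password}/{database} placeholders left unreplaced.
    if grep -Eqi '^MYSQL(User|Password|Database)[[:space:]]+\{.*\}' "$conf"; then
        echo "unreplaced {placeholder} value"; bad=1
    fi
    # Password storage scheme.
    crypt=$(awk 'tolower($1) == "mysqlcrypt" { print tolower($2) }' "$conf")
    case $crypt in
        cleartext) echo "MYSQLCrypt cleartext: passwords stored unhashed"; bad=1 ;;
        md5)       echo "note: MYSQLCrypt md5 stores unsalted MD5 hashes" ;;
    esac
    # The file holds the database password: no group/other access.
    if [ "$(ls -ld "$conf" | cut -c5-10)" != "------" ]; then
        echo "file readable by group/others: chmod 600 $conf"; bad=1
    fi
    return $bad
}

# Constructed sample: the tutorial's template pasted without substitution.
sample=$(mktemp)
cat > "$sample" <<'EOF'
MYSQLSocket /var/run/mysqld/mysqld.sock
MYSQLUser {username}
MYSQLPassword {password}
MYSQLDatabase {database}
MYSQLCrypt md5
MYSQLGetPW SELECT password FROM users WHERE user = "\L" AND active = "yes"
EOF
chmod 644 "$sample"
check_conf "$sample" || echo "fix the findings above before restarting pure-ftpd"
rm -f "$sample"
```

Run it against the real file as root with check_conf /etc/pure-ftpd/db/mysql.conf.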
