Pure-FTPd with MySQL backend

Pure-FTPd is a free, secure, production-quality and standard-conformant FTP server. It doesn’t provide useless bells and whistles, but focuses on efficiency and ease of use. It provides simple answers to common needs, plus unique useful features for personal users as well as hosting providers.

In this tutorial we’ll install Pure-FTPd with MySQL backend.

Install Pure-FTPd with mysql backend
apt-get install pure-ftpd-mysql


Create user and group used to run the ftp server
groupadd -g 2001 ftpgroup
useradd -u 2001 -s /bin/false -d /bin/null -c "pureftpd user" -g ftpgroup ftpuser


Create database and a table that will store user information
mysql -u root -p
GRANT SELECT ON ftpd.* TO vhosts@localhost IDENTIFIED BY 'mypasswd';
FLUSH PRIVILEGES;
CREATE DATABASE ftpd;
USE ftpd;
 
CREATE TABLE users (
user varchar(30) NOT NULL,
password varchar(64) NOT NULL,
home varchar(128) NOT NULL,
bandwidth_limit_upload smallint(5) NOT NULL default 0,
bandwidth_limit_download smallint(5) NOT NULL default 0,
ip_allow varchar(15) NOT NULL default 'any',
quota smallint(5) NOT NULL default '0',
quota_files int(11) NOT NULL default 0,
active enum('yes','no') NOT NULL default 'yes',
PRIMARY KEY (user),
UNIQUE KEY User (user)
) TYPE=MyISAM;
 
INSERT INTO users (user, password, home) VALUES ('username', MD5('mypasswd'), '/home/username');
 
quit;


You will be able to control bandwidth limits and quotas for each user. Using zero for these fields will allow unlimited use of resources. The bandwidth limits are specified in KB/s and the quota in MB.

Configure Pure-ftpd (pico /etc/pure-ftpd/db/mysql.conf). Remove everything from the default configuration file and add these lines:
MYSQLSocket /var/run/mysqld/mysqld.sock
MYSQLUser vhosts
MYSQLPassword mypasswd
MYSQLDatabase ftpd
MYSQLCrypt md5
MYSQLDefaultUID 2001
MYSQLDefaultGID 2001
MYSQLGetPW SELECT password FROM users WHERE user = "\L" AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")
MYSQLGetDir SELECT home FROM users WHERE user = "\L"AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")
MySQLGetBandwidthUL SELECT bandwidth_limit_upload FROM users WHERE user = "\L"AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")
MySQLGetBandwidthDL SELECT bandwidth_limit_download FROM users WHERE user = "\L"AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")
MySQLGetQTASZ SELECT quota FROM users WHERE user = "\L"AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")
MySQLGetQTAFS SELECT quota_files FROM users WHERE user = "\L"AND active = "yes" AND (ip_allow = "any" OR ip_allow LIKE "\R")


Create these simple text files that will force the server to create home directories for users if they don’t exist and chroot the user to it’s home directory:

pico /etc/pure-ftpd/conf/ChrootEveryone
yes


pico /etc/pure-ftpd/conf/CreateHomeDir
yes


Since we are using pure-ftpd-mysql insted of pure-ftpd, make the following change (pico /usr/sbin/pure-ftpd-wrapper):
my $daemon = '/usr/sbin/pure-ftpd-mysql';


Restart Pure-ftpd
/etc/init.d/pure-ftpd-mysql restart


We’re all done. You should be able to make connections to the servers with your favorite FTP client.

—

Update – 29th October 2008

I’ve had problems with debian-minimal installations where the ftp server simply won’t start and doesn’t leave any trace in the log files. To fix that I had to make one minor change to the inetd config file (pico /etc/inetd.conf):

ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/pure-ftpd-mysql


Open the config file and in the ftp line, change pure-ftpd-wrapper to pure-ftpd-mysql

When done, restart inetd:

/etc/init.d/openbsd-inetd restart


—

Update – 20th April 2010

In lenny, use this command to restart the service or change the variable STANDALONE_OR_INETD to standalone in /etc/default/pure-ftpd-common:

/etc/init.d/openbsd-inetd restart