PureFTPd Server on FreeBSD

This HOWTO describe a good configuration of PureFTPd on FreeBSD in combination with MySQL.

PureFTPD
Written by M.Mastenbroek October 2003 / Document version 2.1 ( Updated 29 September 2005)

Index:

Foreword

This HowTo explains how to configure PureFTPd on FreeBSD.
The grey coloured boxes show the effective steps you will need to execute.

Before I decided to use PureFTPd I tried almost any available FTP server for FreeBSD.
One of the benefits of PureFTPd is the large scale of options that can be maintained for every individual FTP account. Eventual I found PureFTPd the best choice for FreeBSD.

Some advantages of PureFTPd:

*There are no exploits available for PureFTPd (source: http://packetstormsecurity.org)

Requirements

*This knowledge is not required for PureFTPd, but this HowTo contains a PureFTPd configuration in conjunction with a MySQL database.

Step 1 installation of PureFTPd & MySQL.

Installation of the MySQL server:

If there isn’t any MySQL server installed on your system you can follow these installation instructions to install a MySQL server.
If you already have a MySQL server installed you can start with the installation of the PurFTPd server.

Shell:
cd /usr/ports/databases/mysql40-server
make install clean

It’s also possible to choose for a different version of MySQL, for the working of PureFTPd server this will make no sense.

After the installation you need to add the following lines into your 'rc.conf' file located in your '/etc' directory.

Editor:
# MySQL Server 4.0
mysql_enable="YES"
mysqllimits_enable="NO"

After the installaltion you must start the MySQL server.

Shell:
/usr/local/etc/rc.d/mysql-server.sh start

Installation of the PureFTPd server:

Shell:
cd /usr/ports/ftp/pure-ftpd
make config


Configuration options for PureFTPd port.



The following configuration screen appears, I suggest that you should take over these values, make sure that at least the MySQL option is selected.

Shell:
make install clean

After the installation you need to add the following lines to your 'rc.conf' file located in your '/etc' directory.

Editor:
# Pure-FTPd
pureftpd_enable="YES"


Step 2 creating a MySQL database.

PureFTPd allow two types of user. If you decided to use the 'User manager for PureFTPd', you can go directly to the following step because the 'installation wizard' for this software will also creates this database.

First you need a valid MySQL user, for example the user root, with enough privileges to create a database, two tables and (for security reasons) an new MySQL user with restricted privileges. To find out if you are using a valid MySQL user you can execute the following command.

'MySQL -u=[username] -p[=password]'

For example:

Shell:
mysql -u root -psecret

If it works you will go directly to the MySQL prompt, otherwise you must change your username or password.
Hint, if have just install the MySQL server the root users doesn’t have a password jet, just execute the command without the option '-p'

When you succeed you can download the MySQL installation script and execute the following command.

Shell:
fetch "http://machiel.generaal.net/files/pureftpd/v2.x/script.mysql"
mysql -u root -psecret < script.mysql

If there are no messages after the execution of this command than the sql script did his job. You now have created a new database users called 'ftp', and you created a database called 'ftpuser' with 2 tables.

Warning, don’t execute this command more than ones, this will irrevocable lead to errors

Step 3 configuration of PureFTPd.

This configuration, a PureFTPd server in conjunction with a MySQL database, needs the following two configuration files.
  1. pure-ftpd.conf: This file contains the main configuration of the FTP server for example: Maximum number of clients or the location of the LOG files.
  2. pureftpd-mysql.conf: This file tells the PureFTPd server how to handle the database.
Both files doesn’t exist when you just installed the the PureFTPd server, but the PureFTPd packages gives you 2 example files located in the '/usr/local/etc' directory. The first file is from the packages, the second one you can download from this website because there are to many differences between the sample file and the changes you else should have to do.

Go to the directory and copy / download those two files.

Shell:
cd /usr/local/etc
cp pure-ftpd.conf.sample pure-ftpd.conf
fetch "http://machiel.generaal.net/files/pureftpd/v2.x/pureftpd-mysql.conf"

Now you have both files, only the first one needed a small modification.

Edit the configuration file 'pure-ftpd.conf' and make sure that following line with the attribute 'MySQLConfigFile' is enabled and points to the right location.

Editor:
# MySQL configuration file (see README.MySQL)
MySQLConfigFile /usr/local/etc/pureftpd-mysql.conf

Step 4 start PureFTPd.

To start the PureFTPd server you have to execute the following line.

Shell:
/usr/local/etc/rc.d/pure-ftpd.sh start

And if you wish to stop the server just execute '/usr/local/etc/rc.d/pure-ftpd.sh stop'

Now you can manage your virtual ftp user by using a MySQL client.
You could use the command line MySQL client but there are also free graphical clients available. For example on the website of MySQL (http://www.mysql.org) you can download a graphical Linux, FreeBSD or Windows client called ‘MySQLGUI’. (also available in the port collection of FreeBSD ‘/usr/ports/databases/mysql-gui’)
A other option is to follow the next step in this document and install the User manager for PureFTPd.

Software requirements for User manager for PureFTPd (optionally)


The User manager for PureFTPd allows administrators to easily create, change, or delete 'virtual' PureFTPd users.

Before you can install this software you need the following extra packages.

When you have already installed those packages you can go to the next step where you will find the installation instructions how to install the User manager for PureFTPd.

If you don’t have installed Apache you can follow these installation instructions to install Apache2.

Shell:
cd /usr/ports/www/apache2
make install clean

After the installation you need to add the following lines to your 'rc.conf' file located in your '/etc' directory.

Editor:
# Apache 2
apache2_enable="YES"

If you don’t have installed PHP Apache Module you can follow these installation instructions to install mod_php5.

Shell:
cd /usr/ports/www/mod_php5
make install clean

Make sure that you select APACHE2 during the installation process when you are using Apache 2

[X] APACHE2 Use apache 2.x instead of apache 1.3.x

After the installation of mod_php5 you should add the following to your Apache configuration file called 'httpd.conf' located in the '/usr/local/etc/apache2' directory.

Editor:
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

Add also the attribute 'index.php' to the 'DirectoryIndex' parameter.
The result should look like this.

Editor:
DirectoryIndex index.php index.html index.html.var

If you don’t have installed PHP Extensions you can follow these installation instructions to install php5-extensions.

Shell:
cd /usr/ports/lang/php5-extensions
make config
make install clean

During the installation process you need to select the extensions you wish to install.
I suggest that you will not remove a default selected extension and only add the extension 'MYSQL' that is not selected by default.

Anyway, the minimum extensions required for the User manager for PureFTPd are:

[X] MYSQL MySQL database support
[X] PCRE Perl Compatible Regular Expression support
[X] POSIX POSIX-like functions
[X] SESSION session support

Finally if you just installed or changed one of those packages you will need to start / restart your web server to activate the changes you made.

Execute the following command to start / restart the Apache webserver.

Shell:
apachectl restart

Installation User manager for PureFTPd (optionally)

In this step you will find the installation instructions how to install the User manager for PureFTPd.

First you will need to download and extract this software in your 'www' directory of your web server. The following commands will do this, the last command prepares the config.php file by changing the owner of the file. Apache is now allowed to change the content of this file.

Shell:
cd /usr/local/www/data
fetch "http://machiel.generaal.net/files/pureftpd/ftp_v2.1.tar.gz"
tar -xvzf ftp_v2.1.tar.gz
cd ftp
chown www config.php

The last thing you have to do is running the 'installation wizard' called 'install.php' in your web browser.
This software will lead you step by step through the configuration of the User manager for PureFTPd.

Installation Wizard.

Web based pure-ftpwho (optionally)

With the 'pure-ftpwho' commando the root user can see the actual status of the ftp server. This program is part of the PureFTPd distribution and can only executed by the root user. The pure-ftpwho command has a option to generate html output, this makes it possible to easily create a cgi application for your web server. The problem here is that for security reasons the web server doesn’t execute cgi applications at root level. To solve this problem I have made the following solution.

Create the following file 'ftpstatus.c' in your 'cgi-bin' directory of your web server (The default cgi-bin directory from Apache is '/usr/local/www/cgi-bin/') and take over this content.

Editor:
#include <stdlib.h>

int main(int argc, char *argv[])
{
  system("/usr/local/sbin/pure-ftpwho -H -w");
  return 0;
}

Compile the source code and change the execute rights. After that it doesn’t make any sense witch user execute the program, from now on the program will always have the permissions of the owner, in this case that will be the root user.

Shell:
cc -Wall -o ftpstatus ftpstatus.c
chmod 755 ftpstatus
chmod ug+s ftpstatus

The source file called 'ftpstatus.c' is not longer needed and can be removed. The status of the ftp server can now be viewed in your web browser. The address is something like this 'http://myipaddress.com/cgi-bin/ftpstatus’ change the text ‘myipaddress.com’ in your own ip-address or domain name.

The output of the cgi application in your web browser could look like this.

PureFTPd server activity.
F.A.Q.

Links to other sources

http://www.pureftpd.org/
The original web site of the PureFTPd developers.
http://www.solariz.de/Ffiledb/filedb.php?action=fileinfo&id=1
A (other) PHP script to manage virtual PureFTPd users.
http://www.google.com/bsd
And of course my favorite search machine www.google.com or www.google.com/bsd.
http://machiel.generaal.net/index.php?subject=pureftpd
Here you can find the Dutch version of this HOWTO.

P.S. Links to Dutch websites you can found in the Dutch version of this HOWTO.

Back