FTP und Apache

Dieses Thema im Forum "Server Administration" wurde erstellt von Amok, 25. Okt. 2008.

  1. Amok

    Amok New Member

    Hallo

    Habe ein Proftpd Server nach diesem Howto auf gesetzt.

    http://www.howtoforge.de/howto/virtuelles-hosting-mit-proftpd-und-mysql-inkl-quota-auf-debian-etch/

    jetzt habe ich nur ein problem, das wenn ich das verzeichniss in meinen apache root habe , kann ich mich nicht ein loggen. das kommt weil z.B. /var/www/test dem benutzer www-data:www-data gehört ...

    Meine Frage wie kann ich es einstellen, das der Ftp user trotzdem da drauf hinzugreifen kann ?!

    Kann ich den user einfach der Gruppe www-data hinzufügen ?! oder wie genau muss ich das machen ?

    würde mich sehr über eine antwort freuen :)

    Greetz
    Amok
     
  2. Till

    Till Administrator

    Du musst einfach die uid des users www-data und die gid der Gruppe ww-data für Deinen virtuellen FTP User nehmen, wenn Du den FTP User in der MySQL anlegst.
     
  3. Amok

    Amok New Member

    Hallo habe es geändert ...

    uid = 33
    gid = 33

    Also in mysql ftpgroup habe ich das hinzugefügt
    www-data, 33, www-data

    und in ftpuser habe ich jeweil uid und gid in 33 geändert.

    Oct 26 13:06:13 mam-network.eu proftpd[8123] xx (xx[xx]): notice: unable to use '~/' [resolved to '/var/www/board/sig/']: Permission denied

    aber der ordner gehört www-data so wie der gruppe www-data

    wo ran kann das liegen ?
     
  4. Amok

    Amok New Member

    k einloggen geht nur wenn ich jett was hoch ladenl , bekome ich

    550 Neu Textdokument.txt: Permission denied

    Und egal mit welchen benutzer ich mich einlogge , bei Besitzer steht immer amok ob wohl ich z.B. mit den benutzer willy eingeloggt bin woran kann das liegen ?
     
    Zuletzt bearbeitet: 26. Okt. 2008
  5. Till

    Till Administrator

    Poste mal den Inhalt der proftpd.conf Datei.
     
  6. Amok

    Amok New Member

    Code:
    #
    # /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
    # To really apply changes reload proftpd after modifications.
    # 
    
    # Includes DSO modules
    Include /etc/proftpd/modules.conf
    
    # Set off to disable IPv6 support which is annoying on IPv4 only boxes.
    UseIPv6                off
    
    ServerName            "Debian"
    ServerType            standalone
    DeferWelcome            off
    
    MultilineRFC2228        on
    DefaultServer            on
    ShowSymlinks            on
    
    TimeoutNoTransfer        600
    TimeoutStalled            600
    TimeoutIdle            1200
    
    DisplayLogin                    welcome.msg
    DisplayChdir                   .message true
    ListOptions                    "-l"
    
    DenyFilter            \*.*/
    
    # Use this to jail all users in their homes 
    # DefaultRoot            ~
    
    # Users require a valid shell listed in /etc/shells to login.
    # Use this directive to release that constrain.
    # RequireValidShell        off
    
    # Port 21 is the standard FTP port.
    Port                21
    
    # In some cases you have to specify passive ports range to by-pass
    # firewall limitations. Ephemeral ports can be used for that, but
    # feel free to use a more narrow range.
    # PassivePorts                  49152 65534
    
    # If your host was NATted, this option is useful in order to
    # allow passive tranfers to work. You have to use your public
    # address and opening the passive ports used on your firewall as well.
    # MasqueradeAddress        1.2.3.4
    
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances            30
    
    # Set the user and group that the server normally runs at.
    User                proftpd
    Group                nogroup
    
    # Umask 022 is a good standard umask to prevent new files and dirs
    # (second parm) from being group and world writable.
    Umask                022  022
    # Normally, we want files to be overwriteable.
    AllowOverwrite            on
    
    # Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:
    # PersistentPasswd        off
    
    # This is required to use both PAM-based authentication and local passwords
    # AuthOrder            *mod_auth_pam.c mod_auth_unix.c
    
    # Be warned: use of this directive impacts CPU average load!
    # Uncomment this if you like to see progress and transfer rate with ftpwho
    # in downloads. That is not needed for uploads rates.
    #
    # UseSendFile            off
    
    # Choose a SQL backend among MySQL or PostgreSQL.
    # Both modules are loaded in default configuration, so you have to specify the backend 
    # or comment out the unused module in /etc/proftpd/modules.conf.
    # Use 'mysql' or 'postgres' as possible values.
    #
    #<IfModule mod_sql.c>
    # SQLBackend            mysql
    #</IfModule>
    
    TransferLog /var/log/proftpd/xferlog
    SystemLog   /var/log/proftpd/proftpd.log
    
    <IfModule mod_quotatab.c>
    QuotaEngine off
    </IfModule>
    
    <IfModule mod_ratio.c>
    Ratios off
    </IfModule>
    
    
    # Delay engine reduces impact of the so-called Timing Attack described in
    # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
    # It is on by default. 
    <IfModule mod_delay.c>
    DelayEngine on
    </IfModule>
    
    <IfModule mod_ctrls.c>
    ControlsEngine        off
    ControlsMaxClients    2
    ControlsLog           /var/log/proftpd/controls.log
    ControlsInterval      5
    ControlsSocket        /var/run/proftpd/proftpd.sock
    </IfModule>
    
    <IfModule mod_ctrls_admin.c>
    AdminControlsEngine off
    </IfModule>
    
    #
    # Alternative authentication frameworks
    #
    #Include /etc/proftpd/ldap.conf
    #Include /etc/proftpd/sql.conf
    
    #
    # This is used for FTPS connections
    #
    #Include /etc/proftpd/tls.conf
    
    # A basic anonymous configuration, no upload directories.
    
    # <Anonymous ~ftp>
    #   User                ftp
    #   Group                nogroup
    #   # We want clients to be able to login with "anonymous" as well as "ftp"
    #   UserAlias            anonymous ftp
    #   # Cosmetic changes, all files belongs to ftp user
    #   DirFakeUser    on ftp
    #   DirFakeGroup on ftp
    # 
    #   RequireValidShell        off
    # 
    #   # Limit the maximum number of anonymous logins
    #   MaxClients            10
    # 
    #   # We want 'welcome.msg' displayed at login, and '.message' displayed
    #   # in each newly chdired directory.
    #   DisplayLogin            welcome.msg
    #   DisplayFirstChdir        .message
    # 
    #   # Limit WRITE everywhere in the anonymous chroot
    #   <Directory *>
    #     <Limit WRITE>
    #       DenyAll
    #     </Limit>
    #   </Directory>
    # 
    #   # Uncomment this if you're brave.
    #   # <Directory incoming>
    #   #   # Umask 022 is a good standard umask to prevent new files and dirs
    #   #   # (second parm) from being group and world writable.
    #   #   Umask                022  022
    #   #            <Limit READ WRITE>
    #   #            DenyAll
    #   #            </Limit>
    #   #            <Limit STOR>
    #   #            AllowAll
    #   #            </Limit>
    #   # </Directory>
    # 
    # </Anonymous>
    
    
    DefaultRoot ~
    
    # The passwords in MySQL are encrypted using CRYPT
    SQLAuthTypes            Plaintext Crypt
    SQLAuthenticate         users groups
    
    # used to connect to the database
    # databasename@host database_user user_password
    SQLConnectInfo  ftp@localhost 
    
    # Here we tell ProFTPd the names of the database columns in the "usertable"
    # we want it to interact with. Match the names with those in the db
    SQLUserInfo     ftpuser userid passwd uid gid homedir shell
    
    # Here we tell ProFTPd the names of the database columns in the "grouptable"
    # we want it to interact with. Again the names match with those in the db
    SQLGroupInfo    ftpgroup groupname gid members
    
    # set min UID and GID - otherwise these are 999 each
    SQLMinID        500
    
    # create a user's home directory on demand if it doesn't exist
    SQLHomedirOnDemand on
    
    # Update count every time user logs in
    SQLLog PASS updatecount
    SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser
    
    # Update modified everytime user uploads or deletes a file
    SQLLog  STOR,DELE modified
    SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
    
    # User quotas
    # ===========
    QuotaEngine on
    QuotaDirectoryTally on
    QuotaDisplayUnits Mb
    QuotaShowQuotas on
    
    SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
    
    SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
    
    SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies
    
    SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies
    
    QuotaLimitTable sql:/get-quota-limit
    QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
    
    RootLogin off
    RequireValidShell off
    
    TimeoutNoTransfer 600
    TimeoutStalled 600
    TimeoutIdle 1200
    UseReverseDNS off
    IdentLookups off
    # Logging Formate
    LogFormat default "%h %l %u %t "%r" %s %b"
    LogFormat auth "%v [%P] %h %t "%r" %s"
    LogFormat write "%h %l %u %t "%r" %s %b"
    # Logging aktivieren
    # alle logins
    ExtendedLog /var/log/proftpd/ftp_auth.log AUTH auth
    # file/dir Zugriff
    ExtendedLog /var/log/proftpd/ftp_access.log WRITE,READ write
    # fuer paranoide (vorsicht, erzeugt grosse Logfiles)
    ExtendedLog /var/log/proftpd/ftp_paranoid.log ALL default
    DelayEngine off
     
  7. Till

    Till Administrator

    Setze bitte mal:

    SQLMinID 500

    auf:

    SQLMinID 33

    und starte proftpd neu.
     
  8. Amok

    Amok New Member

    ok danke jetzt geht alles so wie es soll
     

Diese Seite empfehlen