I've got a group called 'ftpuser'. This group has user1 and this works great. When I look at /etc/group I see 'ftpuser:x:1002:user1'. When I check /etc/proftpd.conf I see 'DefaultRoot /var/www/user1.com user1'. This configuration worked for some time now. Now, I'd like to add user2 for my user2.com domain. I ran these commands: Code: useradd -g ftpuser -s /bin/ftp user2 usermod -G ftpuser passwd ftpuser and I edited /etc/proftpd.conf to say: Code: DefaultRoot /var/www ftpuser DefaultRoot /var/www/user1.com user1 DefaultRoot /var/www/user2.com user2 And restarted proftpd process. But the problem is that when I try connecting with user1, everything works great. When I try connecting with user2, it says "Incorrect login". What am I missing?
Typical, I solve my problem 5minutes after I post it in the forums I ran this: Code: useradd -g /var/www/user2.com -s /bin/ftp -g ftpuser user2 usermod -G ftpuser user2 passwd user2 I guess the problem was I never specified the user's home directory?
Darn. I just realized that I haven't solved my problem at all. Sure, I can login via FTP directly to /var/www/user2.com but that's only because thats user2's home directory. The problem persists... and advice?
Code: # # /etc/proftpd.conf -- This is a basic ProFTPD configuration file. # To really apply changes reload proftpd after modifications. # ServerName "Debian" ServerType standalone DeferWelcome off MultilineRFC2228 on DefaultServer on ShowSymlinks on TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin welcome.msg DisplayFirstChdir .message ListOptions "-l" DenyFilter \*.*/ DefaultRoot /var/www ftpuser DefaultRoot /var/www/domain.com domain DefaultRoot /var/www/domain2.com domain2 DefaultRoot ~ # Slow FTP ... UseReverseDNS off IdentLookups off # Uncomment this if you are using NIS or LDAP to retrieve passwords: #PersistentPasswd off # Uncomment this if you would use TLS module: #TLSEngine on # Uncomment this if you would use quota module: #Quotas on # Uncomment this if you would use ratio module: #Ratios on # Port 21 is the standard FTP port. Port 21 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 30 # Set the user and group that the server normally runs at. User nobody Group nogroup # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 022 022 # Normally, we want files to be overwriteable. AllowOverwrite on # Delay engine reduces impact of the so-called Timing Attack described in # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 # It is on by default. #DelayEngine off # A basic anonymous configuration, no upload directories. # <Anonymous ~ftp> # User ftp # Group nogroup # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # Cosmetic changes, all files belongs to ftp user # DirFakeUser on ftp # DirFakeGroup on ftp # # RequireValidShell off # # # Limit the maximum number of anonymous logins # MaxClients 10 # # # We want 'welcome.msg' displayed at login, and '.message' displayed # # in each newly chdired directory. # DisplayLogin welcome.msg # DisplayFirstChdir .message # # # Limit WRITE everywhere in the anonymous chroot # <Directory *> # <Limit WRITE> # DenyAll # </Limit> # </Directory> # # # Uncomment this if you're brave. # # <Directory incoming> # # # Umask 022 is a good standard umask to prevent new files and dirs # # # (second parm) from being group and world writable. # # Umask 022 022 # # <Limit READ WRITE> # # DenyAll # # </Limit> # # <Limit STOR> # # AllowAll # # </Limit> # # </Directory> # # </Anonymous> This is my /etc/proftpd.conf To answer your question falko: no, this isnt really a *problem*, but I still haven't figured out how to create virtual users... like having 3 ftp accounts for the same /var/www/domain-something.com and each of them having different DefaultRoot directories... (just an example)
