ProFTPD-1.3.0

Introduction to ProFTPD

The ProFTPD package contains a secure and highly configurable FTP daemon. This is useful for serving large file archives over a network.

Package Information

ProFTPD Dependencies

Optional

Linux-PAM-0.99.10.0

User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/proftpd

Installation of ProFTPD

For security reasons, you should install ProFTPD using an unprivileged user and group. As the root user:

groupadd -g 46 proftpd &&
useradd -c proftpd -d /srv/ftp -g proftpd \
        -s /usr/bin/proftpdshell -u 46 proftpd &&
install -v -d -m775 -o proftpd -g proftpd /srv/ftp &&
ln -v -s /bin/false /usr/bin/proftpdshell &&
echo /usr/bin/proftpdshell >> /etc/shells

Install ProFTPD as an unprivileged user by running the following commands:

./configure --prefix=/usr --sysconfdir=/etc \
    --localstatedir=/var/run &&
make

Now, as the root user:

make install

Command Explanations

install -v -d -m775 -o proftpd -g proftpd /srv/ftp: Create the home directory for ProFTPD.

ln -v -s /bin/false /usr/bin/proftpdshell: Set the default shell as a link to an invalid shell.

echo /usr/bin/proftpdshell >> /etc/shells: Fake a valid shell for compatibility purposes.

[Note]

Note

The above two commands can be omitted if the following directive is placed in the configuration file:

RequireValidShell off

By default, proftpd will require that users logging in have valid shells. The RequireValidShell directive turns off this requirement. This is only recommended if you are setting up your FTP server exclusively for anonymous downloads.

--sysconfdir=/etc: This prevents the configuration files from going to /usr/etc.

--localstatedir=/var/run: This uses /var/run instead of /usr/var for lock files.

Configuring ProFTPD

Config Files

/etc/proftpd.conf

Configuration Information

This is a simple, download-only sample configuration. See the ProFTPD documentation in /usr/share/doc/proftpd and consult the website at http://www.proftpd.org/ for example configurations.

cat > /etc/proftpd.conf << "EOF"
# This is a basic ProFTPD configuration file
# It establishes a single server and a single anonymous login.

ServerName                      "ProFTPD Default Installation"
ServerType                      standalone
DefaultServer                   on

# Port 21 is the standard FTP port.
Port                            21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    30

# Set the user and group that the server normally runs at.
User                            proftpd
Group                           proftpd

# Normally, files should be overwritable.
<Directory /*>
  AllowOverwrite                on
</Directory>

# A basic anonymous configuration, no upload directories.
<Anonymous ~proftpd>
  User                          proftpd
  Group                         proftpd
  # Clients should be able to login with "anonymous" as well as "proftpd"
  UserAlias                     anonymous proftpd

  # Limit the maximum number of anonymous logins
  MaxClients                    10

  # 'welcome.msg' should be displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin                  welcome.msg
  DisplayFirstChdir             .message

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>
EOF

Boot Script

Install the /etc/rc.d/init.d/proftpd init script included in the blfs-bootscripts-20080816 package.

make install-proftpd

Contents

Installed Programs: ftpcount, ftpdctl, ftptop, ftpwho, ftpshut, proftpd
Installed Libraries: None
Installed Directory: /var/run/proftpd

Short Descriptions

proftpd

is the FTP daemon.

ftpcount

shows the current number of connections.

ftpshut

shuts down all proftpd servers at a given time.

ftptop

displays running status on connections.

ftpwho

shows current process information for each session.

Last updated on 2007-07-06 16:22:19 -0500