source: server/major/proftpd.xml@ cbfe279

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
   "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
  <!ENTITY % general-entities SYSTEM "../../general.ent">
  %general-entities;

  <!ENTITY proftpd-download-http "http://ftp.proftpd.org/distrib/source/proftpd-&proftpd-version;.tar.bz2">
  <!ENTITY proftpd-download-ftp  "ftp://ftp.proftpd.org/distrib/source/proftpd-&proftpd-version;.tar.bz2">
  <!ENTITY proftpd-md5sum        "5feb4a7348e12faefc25e34fd92efdd6">
  <!ENTITY proftpd-size          "901 KB">
  <!ENTITY proftpd-buildsize     "7.3 MB">
  <!ENTITY proftpd-time          "0.27 SBU">
]>

<sect1 id="proftpd" xreflabel="ProFTPD-&proftpd-version;">
  <?dbhtml filename="proftpd.html"?>

  <sect1info>
    <othername>$LastChangedBy$</othername>
    <date>$Date$</date>
    <keywordset>
      <keyword role="package">proftpd-&proftpd-version;.tar</keyword>
      <keyword role="ftpdir">proftpd</keyword>
    </keywordset>
  </sect1info>

  <title>ProFTPD-&proftpd-version;</title>

  <indexterm zone="proftpd">
    <primary sortas="a-proftpd">Proftpd</primary>
  </indexterm>

  <sect2 role="package">
    <title>Introduction to ProFTPD</title>

    <para>The <application>ProFTPD</application> package contains a secure
    and highly configurable FTP daemon. This is useful for serving large
    file archives over a network.</para>

    <bridgehead renderas="sect3">Package Information</bridgehead>
    <itemizedlist spacing="compact">
      <listitem>
        <para>Download (HTTP): <ulink url="&proftpd-download-http;"/></para>
      </listitem>
      <listitem>
        <para>Download (FTP): <ulink url="&proftpd-download-ftp;"/></para>
      </listitem>
      <listitem>
        <para>Download MD5 sum: &proftpd-md5sum;</para>
      </listitem>
      <listitem>
        <para>Download size: &proftpd-size;</para>
      </listitem>
      <listitem>
        <para>Estimated disk space required: &proftpd-buildsize;</para>
      </listitem>
      <listitem>
        <para>Estimated build time: &proftpd-time;</para>
      </listitem>
    </itemizedlist>

    <bridgehead renderas="sect3">ProFTPD Dependencies</bridgehead>

    <bridgehead renderas="sect4">Optional</bridgehead>
    <para role="optional"><xref linkend="linux-pam"/></para>

    <para condition="html" role="usernotes">User Notes:
    <ulink url="&blfs-wiki;/proftpd"/></para>

  </sect2>

  <sect2 role="installation">
    <title>Installation of ProFTPD</title>

    <para>For security reasons, you should install
    <application>ProFTPD</application> using an unprivileged user and group.
    As the <systemitem class="username">root</systemitem> user:</para>

<screen role="root"><userinput>groupadd -g 46 proftpd &amp;&amp;
useradd -c proftpd -d /srv/ftp -g proftpd \
        -s /usr/bin/proftpdshell -u 46 proftpd &amp;&amp;
install -v -d -m775 -o proftpd -g proftpd /srv/ftp &amp;&amp;
ln -v -s /bin/false /usr/bin/proftpdshell &amp;&amp;
echo /usr/bin/proftpdshell &gt;&gt; /etc/shells</userinput></screen>

    <para>Install <application>ProFTPD</application> as an unprivileged user by
    running the following commands:</para>

<screen><userinput>./configure --prefix=/usr --sysconfdir=/etc \
    --localstatedir=/var/run &amp;&amp;
make</userinput></screen>

    <para>Now, as the <systemitem class="username">root</systemitem> user:</para>

<screen role="root"><userinput>make install</userinput></screen>

  </sect2>

  <sect2 role="commands">
    <title>Command Explanations</title>

    <para><command>install -v -d -m775 -o proftpd -g proftpd
    /srv/ftp</command>: Create the home directory for
    <application>ProFTPD</application>.</para>

    <para><command>ln -v -s /bin/false /usr/bin/proftpdshell</command>:
    Set the default shell as a link to an invalid shell.</para>

    <para><command>echo /usr/bin/proftpdshell &gt;&gt;
    /etc/shells</command>: Fake a valid shell for compatibility purposes.</para>

    <note>
      <para>The above two commands can be omitted if the following directive is
      placed in the configuration file:</para>

<screen><literal>RequireValidShell off</literal></screen>

      <para>By default, proftpd will require that users logging in have valid
      shells. The RequireValidShell directive turns off this requirement. This
      is only recommended if you are setting up your FTP server exclusively
      for anonymous downloads.</para>
    </note>

    <para><parameter>--sysconfdir=/etc</parameter>: This prevents the
    configuration files from going to
    <filename class="directory">/usr/etc</filename>.</para>

    <para><parameter>--localstatedir=/var/run</parameter>:
    This uses <filename class="directory">/var/run</filename> instead of
    <filename class="directory">/usr/var</filename> for lock files.</para>

  </sect2>

  <sect2 role="configuration">
    <title>Configuring ProFTPD</title>

    <sect3 id='proftpd-config'>
      <title>Config Files</title>

      <para><filename>/etc/proftpd.conf</filename></para>

      <indexterm zone="proftpd proftpd-config">
        <primary sortas="e-etc-proftpd">/etc/proftpd.conf</primary>
      </indexterm>

    </sect3>

    <sect3>
      <title>Configuration Information</title>

      <para>This is a simple, download-only sample configuration. See the
      <application>ProFTPD</application> documentation in
      <filename class="directory">/usr/share/doc/proftpd</filename> and
      consult the website at <ulink url="http://www.proftpd.org/"/> for
      example configurations.</para>

<screen role="root"><userinput>cat &gt; /etc/proftpd.conf &lt;&lt; "EOF"
<literal># This is a basic ProFTPD configuration file
# It establishes a single server and a single anonymous login.

ServerName                      "ProFTPD Default Installation"
ServerType                      standalone
DefaultServer                   on

# Port 21 is the standard FTP port.
Port                            21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    30

# Set the user and group that the server normally runs at.
User                            proftpd
Group                           proftpd

# Normally, files should be overwritable.
&lt;Directory /*&gt;
  AllowOverwrite                on
&lt;/Directory&gt;

# A basic anonymous configuration, no upload directories.
&lt;Anonymous ~proftpd&gt;
  User                          proftpd
  Group                         proftpd
  # Clients should be able to login with "anonymous" as well as "proftpd"
  UserAlias                     anonymous proftpd

  # Limit the maximum number of anonymous logins
  MaxClients                    10

  # 'welcome.msg' should be displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin                  welcome.msg
  DisplayFirstChdir             .message

  # Limit WRITE everywhere in the anonymous chroot
  &lt;Limit WRITE&gt;
    DenyAll
  &lt;/Limit&gt;
&lt;/Anonymous&gt;</literal>
EOF</userinput></screen>

    </sect3>

    <sect3  id="proftpd-init">
      <title>Boot Script</title>

      <para>Install the <filename>/etc/rc.d/init.d/proftpd</filename> init
      script included in the <xref linkend="bootscripts"/>
      package.</para>

      <indexterm zone="proftpd proftpd-init">
        <primary sortas="f-proftpd">proftpd</primary>
      </indexterm>

<screen role="root"><userinput>make install-proftpd</userinput></screen>

    </sect3>

  </sect2>

  <sect2 role="content">
    <title>Contents</title>

    <segmentedlist>
      <segtitle>Installed Programs</segtitle>
      <segtitle>Installed Libraries</segtitle>
      <segtitle>Installed Directory</segtitle>

      <seglistitem>
        <seg>ftpcount, ftpdctl, ftptop, ftpwho, ftpshut, proftpd</seg>
        <seg>None</seg>
        <seg>/var/run/proftpd</seg>
      </seglistitem>
    </segmentedlist>

    <variablelist>
      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
      <?dbfo list-presentation="list"?>
      <?dbhtml list-presentation="table"?>

      <varlistentry id="proftpd-prog">
        <term><command>proftpd</command></term>
        <listitem>
          <para>is the FTP daemon.</para>
          <indexterm zone="proftpd proftpd-prog">
            <primary sortas="b-proftpd">proftpd</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="ftpcount">
        <term><command>ftpcount</command></term>
        <listitem>
          <para>shows the current number of connections.</para>
          <indexterm zone="proftpd ftpcount">
            <primary sortas="b-ftpcount">ftpcount</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="ftpshut">
        <term><command>ftpshut</command></term>
        <listitem>
          <para>shuts down all <application>proftpd</application> servers
          at a given time.</para>
          <indexterm zone="proftpd ftpshut">
            <primary sortas="b-ftpshut">ftpshut</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="ftptop">
        <term><command>ftptop</command></term>
        <listitem>
          <para>displays running status on connections.</para>
          <indexterm zone="proftpd ftptop">
            <primary sortas="b-ftptop">ftptop</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="ftpwho">
        <term><command>ftpwho</command></term>
        <listitem>
          <para>shows current process information for each session.</para>
          <indexterm zone="proftpd ftpwho">
            <primary sortas="b-ftpwho">ftpwho</primary>
          </indexterm>
        </listitem>
      </varlistentry>

    </variablelist>

  </sect2>

</sect1>