Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 16 Mar 2005 13:54:23 -0600
From:      Mark Johnston <mjohnston@skyweb.ca>
To:        "Scott St. John" <scott@scottah.com>
Cc:        freebsd-isp@freebsd.org
Subject:   Re: FTP controlled by SQL
Message-ID:  <1111002863.7843.8.camel@localhost.localdomain>
In-Reply-To: <200503161844.j2GIinBi053119@kelly.talon.net>
References:  <200503161844.j2GIinBi053119@kelly.talon.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, 2005-03-16 at 13:45 -0500, Scott St. John wrote:
> I have a client who wants to be able to add/remove users to an FTP site. 
> They do not have access to the machine so this sounds like a job for PHP and
> MySQL.  I have been trying (pulling hair out) with Proftp and MySQL.
> 
> My question is:  is anyone on the list doing something like this and what
> are you using?

I'm doing something very like this, using the ProFTPD port version
1.2.10_1 and PostgreSQL.  Relevant config chunks:

AuthPAM                         off
DefaultRoot                     ~
SQLConnectInfo dbname@db.host.fqdn username password
SQLAuthenticate users		# Could also use groups
SQLAuthTypes Plaintext		# Passwords are stored as plaintext
SQLHomedirOnDemand on		# Create missing home directories
SQLNegativeCache on		# Cache missing usernames
SQLDefaultGID 10000		# Everyone will get this GID
SQLMinUserUID 10000		# Users must be at least UID 10000
SQLNamedQuery getuser SELECT "name, password, uid, NULL, '/home/' ||
name, NULL FROM domain WHERE name = '%U' AND enabled"
SQLUserInfo custom:/getuser

Basically, this turns off PAM, and authenticates using the given SQL
query.  It doesn't use groups (everyone gets the DefaultGID of 10000).
The order in the SQLNamedQuery is significant - it's name, password,
numeric uid, numeric gid, home directory, something else (sorry).  %U is
the username the user entered.

Management of the database table is done with an internal web front-end,
but it's a trivial matter of programming anyway.  PHP sounds eminently
suitable.

HTH,
Mark

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1111002863.7843.8.camel>