Date: Wed, 4 Jun 2003 16:55:44 +0100 From: =?iso-8859-1?Q?Marco_Gon=E7alves?= <info@kolorbit.com> To: "FreeBSD ISP List" <freebsd-isp@freebsd.org>, "Jez Hancock" <jez.hancock@munk.nu> Subject: Re: proftpd, mass virtual hosting and symlinks Message-ID: <00b001c32ab1$c602dc00$6b026b83@marco> References: <20030604143425.GB88470@users.munk.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
Use FTP,
i do virual hosting on my server, and since i use PureFTPd all muy =
trouble finished (at least with ftp sevice), i did it like this:
1 - intall pureftpd, with mysql support, so you can manage directly from =
mysql the ftp users
2 - dont run the ftp from inetd, you better with standalone via rc.d , =
here is the script that i made=20
#!/bin/sh
case "$1" in
start)
/usr/local/sbin/pure-ftpd -A -l =
mysql:/usr/local/etc/pureftpd-mysql.conf & > /dev/null && echo -n ' =
pure-ftpd'
;;
stop)
/usr/bin/killall pure-ftpd > /dev/null && echo -n ' =
pure-ftpd'
;;
restart)
/usr/bin/killall pure-ftpd && /usr/local/sbin/pure-ftpd =
-A -l mysql:/usr/local/etc/pureftpd-mysql.conf & > /dev/null && echo -n =
' pure-ftpd'
;;
*)
echo ""
echo "Usage: `basename $0` { start | stop | restart }"
echo ""
exit 64
;;
esac
of course you have to have put the config file in =
/usr/local/etc/pureftpd-mysql.conf chmod 600 root
you can have links with no problem working with chroot=20
PureFTPd is good
Best regards,
Marco Gon=E7alves
----- Original Message -----=20
From: Jez Hancock=20
To: FreeBSD ISP List=20
Sent: Wednesday, June 04, 2003 3:34 PM
Subject: proftpd, mass virtual hosting and symlinks
Hi all,
Our webserver serves a large number of domains and the partitioning
scheme is setup like this:
/home - contains all shell related items for users (we allow shell =
logins)
/www - contains all documentroots for the server
A typical user's documentroot resides in:
/home/user/web/example.com/www/
which is a symlink to
/www/example.com/www
The idea was to save time on httpd requests by serving files from a
dedicated partition and similar issues also exist for
suexec cgi-bin trees and logfile trees.
The problem then is that when a user logs in via proftpd, if we use
'DefaultRoot ~' to chroot the users to their home directories, the =
user
is unable to follow the symlink to their web docroot(s) because of the
old chestnut with chrooting disallowing symlinks out of the chroot =
root
directory.
I've read through the manual for proftpd, particularly this:
=
http://proftpd.linux.co.uk/localsite/Userguide/linked/chroot-symlinks.htm=
l
which suggests instead of symlinking, mount each (currently symlinked)
directory in the target directory, something like:
mount_null /www/example.com/www /home/user/web/example.com/www
Questions:
Is proftpd a viable option for mass vhosting given this type of
partitioning scheme? If so, how would I configure proftpd to handle =
symlinks
whilst still not allowing users to break out of their home directory?
If proftpd is not the best option - what other ftpd are recommended? =
I
understand PureFTPD implements a 'quasi' chrooting system via a module
mod_vroot - is this a better option (proftpd also appears to have
support for mod_vroot, but docs are sparse)?
TIA,
Jez
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00b001c32ab1$c602dc00$6b026b83>