From owner-freebsd-isp@FreeBSD.ORG  Wed Jun  4 08:55:08 2003
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EA98E37B419
	for <freebsd-isp@freebsd.org>; Wed,  4 Jun 2003 08:55:08 -0700 (PDT)
Received: from ns1.kolorbit.com (ns1.kolorbit.com [81.31.32.19])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C497643F93
	for <freebsd-isp@freebsd.org>; Wed,  4 Jun 2003 08:55:07 -0700 (PDT)
	(envelope-from info@kolorbit.com)
Received: from marco ([195.22.18.75])
	by ns1.kolorbit.com (8.12.9/8.12.9) with SMTP id h54F10Pa017870;
	Wed, 4 Jun 2003 17:01:05 +0200 (CEST)
	(envelope-from info@kolorbit.com)
Message-ID: <00b001c32ab1$c602dc00$6b026b83@marco>
From: =?iso-8859-1?Q?Marco_Gon=E7alves?= <info@kolorbit.com>
To: "FreeBSD ISP List" <freebsd-isp@freebsd.org>,
	"Jez Hancock" <jez.hancock@munk.nu>
References: <20030604143425.GB88470@users.munk.nu>
Date: Wed, 4 Jun 2003 16:55:44 +0100
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.1
Subject: Re: proftpd, mass virtual hosting and symlinks
X-BeenThere: freebsd-isp@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Internet Services Providers <freebsd-isp.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-isp>
List-Post: <mailto:freebsd-isp@freebsd.org>
List-Help: <mailto:freebsd-isp-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jun 2003 15:55:09 -0000

Use FTP,

i do virual hosting on my server, and since i use PureFTPd all muy =
trouble finished (at least with ftp sevice), i did it like this:
1 - intall pureftpd, with mysql support, so you can manage directly from =
mysql the ftp users
2 - dont run the ftp from inetd, you better with standalone via rc.d , =
here is the script that i made=20


#!/bin/sh

case "$1" in
        start)
                /usr/local/sbin/pure-ftpd -A -l =
mysql:/usr/local/etc/pureftpd-mysql.conf & > /dev/null && echo -n ' =
pure-ftpd'
                ;;
        stop)
                /usr/bin/killall pure-ftpd > /dev/null && echo -n ' =
pure-ftpd'
                ;;
        restart)
                /usr/bin/killall pure-ftpd && /usr/local/sbin/pure-ftpd =
-A -l mysql:/usr/local/etc/pureftpd-mysql.conf & > /dev/null && echo -n =
' pure-ftpd'
                ;;
        *)
                echo ""
                echo "Usage: `basename $0` { start | stop | restart }"
                echo ""
                exit 64
                ;;
esac

of course you have to have put the config file in =
/usr/local/etc/pureftpd-mysql.conf  chmod 600 root
you can have links with no problem working with chroot=20

PureFTPd is good

Best regards,
Marco Gon=E7alves

  ----- Original Message -----=20
  From: Jez Hancock=20
  To: FreeBSD ISP List=20
  Sent: Wednesday, June 04, 2003 3:34 PM
  Subject: proftpd, mass virtual hosting and symlinks


  Hi all,

  Our webserver serves a large number of domains and the partitioning
  scheme is setup like this:

  /home - contains all shell related items for users (we allow shell =
logins)
  /www - contains all documentroots for the server

  A typical user's documentroot resides in:

  /home/user/web/example.com/www/

  which is a symlink to

  /www/example.com/www

  The idea was to save time on httpd requests by serving files from a
  dedicated partition and similar issues also exist for
  suexec cgi-bin trees and logfile trees.

  The problem then is that when a user logs in via proftpd, if we use
  'DefaultRoot ~' to chroot the users to their home directories, the =
user
  is unable to follow the symlink to their web docroot(s) because of the
  old chestnut with chrooting disallowing symlinks out of the chroot =
root
  directory.

  I've read through the manual for proftpd, particularly this:
  =
http://proftpd.linux.co.uk/localsite/Userguide/linked/chroot-symlinks.htm=
l

  which suggests instead of symlinking, mount each (currently symlinked)
  directory in the target directory, something like:

  mount_null /www/example.com/www /home/user/web/example.com/www

  Questions:
  Is proftpd a viable option for mass vhosting given this type of
  partitioning scheme?  If so, how would I configure proftpd to handle =
symlinks
  whilst still not allowing users to break out of their home directory?

  If proftpd is not the best option - what other ftpd are recommended?  =
I
  understand PureFTPD implements a 'quasi' chrooting system via a module
  mod_vroot - is this a better option (proftpd also appears to have
  support for mod_vroot, but docs are sparse)?

  TIA,
  Jez
  _______________________________________________
  freebsd-isp@freebsd.org mailing list
  http://lists.freebsd.org/mailman/listinfo/freebsd-isp
  To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"