Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Replace the FTP server with ProFTPd UNIX
Here is a step by step guide to installing the industrial-strength FTP server ProFTPd on Mac OS X. It assumes that you have the Developers Tools installed on your system and that you have an Internet connection. The installation will replace the existing OS X FTP server with ProFTPd.

If you'd like to get ProFTPd running on your OS X installation, read the rest of this article.

INSTRUCTIONS
  1. Get ProFTPd

    In a terminal window, type (without "%", which represents the prompt):
      %   curl -O ftp://ftp.proftpd.org/distrib/source/proftpd-1.2.4.tar.gz
    to get the source code. Then type
      %   tar xvfz proftpd-1.2.4.tar.gz
    to unpack the distribution.

  2. Compile the source and install
    %   cd proftpd-1.2.4
    % ./configure
    % make
    % sudo make install
  3. Setup ProFTPd

    On the Sharing panel turn "Allow FTP Access" off. We now edit the file /etc/inetd.conf to let your system know that you want to use FTPPro instead. Make a backup copy of the file /etc/inetd.conf in case you want to revert to the built-in ftp server. Once you've done that, edit the file:
      %   sudo pico /etc/inetd.conf
    Replace the line
      #ftp    stream  tcp     nowait  root    /usr/libexec/tcpd       ftpd -ll
    with the line
      #ftp    stream  tcp     nowait  root    /usr/libexec/tcpd        /usr/local/sbin/proftpd
    Control-O to write the file and Control-X to exit.

  4. Edit the configuration file to suit your needs

    The configuration file is stored in /usr/local/etc/proftpd.conf. ProFTPd is incredibly flexible; for details of available options, see the configuration page on the ProFTPd website. Below is my very simple configuration file: no anonymous login and each user is limited to her own home directory.
    # This is a sample ProFTPD configuration file

    ServerIdent on "FTP server ready"
    ServerName "ProFTPD"
    ServerType inetd
    DefaultServer on

    # Port 21 is the standard FTP port.
    Port 21
    # Umask 022 is a good standard umask to prevent new dirs and files
    # from being group and world writable.
    Umask 022

    # Set the user and group that the server normally runs at.
    User nobody
    Group nobody

    <Global>
    DefaultRoot ~
    DeleteAbortedStores on
    ExtendedLog [absolute path of the file you want activity be logged on]
    AllowOverwrite on
    AllowChmod off
    </Global>
    Note that the path for logging must be absolute, and does not require quotes or brackets.

  5. Turn "Allow FTP Access" on in the Sharing panel.
You should be ready to go. Enjoy!
    •    
  • Currently 0.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (0 votes cast)
 
[30,968 views]  

Replace the FTP server with ProFTPd | 41 comments | Create New Account
Click here to return to the 'Replace the FTP server with ProFTPd' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Don't download to folder with spaces!
Authored by: houchin on Nov 05, '01 01:53:56PM

One warning to anyone trying this. Don't download and untar the proftp archive into a directory that contains any spaces in its name or in the name of any directory in the path. The configure app won't work.

In general, if you want to be a Unix-type Mac user with Mac OS X, you need to get into the habit of never putting spaces in filenames, especially directory names. As we saw with the iTunes 2 installer this weekend, it's very easy for very bad things to happen.



[ Reply to This | # ]
Don't download to folder with spaces!
Authored by: dchambon on Apr 08, '02 04:53:24AM

I'vve dowloaded (as explained with curl) proftpd 1.2.4 in a folder without spaces (/Applications/Proftpd-1.2.4) but here is the message I obtain after trying to configure :

[dchambon:/Applications/proftpd-1.2.4] dchambon% ./configure
creating cache ./config.cache
checking host system type... powerpc-apple-darwin5.3
checking target system type... powerpc-apple-darwin5.3
checking build system type... powerpc-apple-darwin5.3
checking for gcc... no
checking for cc... cc
checking whether the C compiler (cc ) works... no
configure: error: installation or configuration problem: C compiler cannot create executables.

my configuration is :

G4/512 Mo - Mac OS X Server 10.1.3 + Developper tools

Can you help me ?
Do you think I can use proftpd 1.2.5rc1 ?

thanks.

Didier.



[ Reply to This | # ]
Don't download to folder with spaces!
Authored by: la33deedah33 on Sep 01, '02 09:25:10AM

Thanks for the heads up! From your post I get the message I have some very bad file / directory naming habits that I need to go through my Finder now and correct. Yipes! I have a ton of files / directories.

Please bear with me as I am new to Unix, but I wish to upgrade my User habits to Unix compatibility. You are saying, if I get your post correctly, that no file or directory name / label should contain spaces; is that correct? Therefore, for example, <MacOSXHints> should be written as indicated without the brackets; is that your message? (As opposed to writing incorrectly as <Mac OS X Hints>).

Are there other common habits that are Unix incompatible? Where would I learn of same, if you have such info, i.e. a site and any other reference material. I have O'Reilly on Learning Unix for Mac OS X and Learning the Unix Operating System, but have not found such hints as you posted.

Thanks for your tip.



[ Reply to This | # ]
ProFTPD
Authored by: nturpin on Nov 06, '01 06:48:33PM

ProFTPD seems to use PAM authorisation, however I can't find any evidence that OS X supports this. You can compile ProFTPD without PAM support, however I would prefer not for various reasons. Am I incorrect in thinking that there is no PAM support in OS X, and if there isn't, is there any way of integrating it into OS X?



[ Reply to This | # ]
ProFTPD
Authored by: etwoy on Nov 07, '01 11:10:23PM

Why do you not want to run ProFTPd without PAM?

It's not required. It's an optional component to run with PAM, as is ldap/sql and the rest of it.



[ Reply to This | # ]
Maybe an error...
Authored by: fabrizio on Nov 06, '01 07:48:23PM

In file /etc/inetd.conf the line to insert I think is:
#ftp stream tcp nowait root /usr/libexec/tcpd /usr/local/sbin/in.proftpd



[ Reply to This | # ]
Maybe an error...
Authored by: nturpin on Nov 06, '01 08:16:04PM

Surely that is just to tell the system to use proFTPD instead of FTP. Also to fool system preferences into turning on proFTPD instead of FTP services.



[ Reply to This | # ]
Negative GID errors...
Authored by: etwoy on Nov 06, '01 09:46:03PM

Well, I'm really surprised to see this article saying this is all so easy...

I've been working on getting 1.2.4 of ProFTPd working under OS X Server 1.2 for a few days now, and in communicating with the developers, they said that negative GID values will cause errors in operation....

So I thought I'd try compiling this on my 10.1 laptop, and voila! the errors are still there...

put proftpd in standalone mode (not inetd), and launch it like this:

proftpd -n -d5

(do not detach from terminal, and debug level 5)

When I do this, I get:


- error: GID of -1 not allowed
- Fatal: Group: Unknown group 'nogroup'.


Anyway. I reckon you're going to run into problems as soon as you try to do anything unusual, like chroot a user into somewhere other than their home directory for example...

be glad to be proven wrong though.


etwoy




[ Reply to This | # ]
Negative GID errors...
Authored by: etwoy on Nov 06, '01 09:51:08PM

before anyone leaps on me for it, yes I forgot to change 'nogroup' to 'nobody', and that's what the second line refers to.

the rest of my message still stands though. GID -1 produces errors.





[ Reply to This | # ]
Negative GID errors...
Authored by: seann on Aug 26, '03 06:22:17PM

check to see who has -1 in /etc/passwd

I think root sometimes has -1 when its not enabled, or some jazz.

netinfo database maybe.

seen it before.



[ Reply to This | # ]
users....
Authored by: jefman on Nov 07, '01 02:04:18PM

Can someone help me out ?

How do I set up users for the ftp server, is there a way without creating new users in System Preferences/Users ?

Thanks in advance !

/Jef



[ Reply to This | # ]
Patch now available!
Authored by: etwoy on Nov 13, '01 11:09:43PM

This comment addresses the problems posed by my earlier thread.

Thanks to the very excellent work by TJ one of the ProFTPd development team, there is now a patch available which will solve all the Group problems with OS X.

http://bugs.proftpd.org/showattachment.cgi?attach_id=1198


Save that as a file, and put it at the root level of the Proftpd source tree. If you called it 'patch-file', then apply it with the following command.

patch -p0 < patch-file


then continue wiht make,makeinstall etc.



[ Reply to This | # ]
Patch now available!
Authored by: csotto on Nov 14, '01 05:08:27PM

I tried this patch and all i get is:
[localhost:~/downloads/proftpd-1.2.4] myname% patch -p0 < patch1.txt
patch unexpectedly ends in middle of line
patch: **** Only garbage was found in the patch input.

Is there any chance to get this working?
Thanks
BTW: I did save the file as plain text instead of rtf with the same results.



[ Reply to This | # ]
Patch now available!
Authored by: juanfc on Mar 01, '02 02:47:48PM

The patch seems ok (I would like where it cames from), but the final make gives the same results: it doesn't compile!



[ Reply to This | # ]
sudo make
Authored by: shacker on Nov 23, '01 09:11:45PM

Note that the instructions are misleading - you can't just make -- you have to "sudo make" - otherwise it tries to create a directory in a path it doesn't have permisson for, and make fails.



[ Reply to This | # ]
Anonymous?
Authored by: shacker on Nov 23, '01 10:47:14PM

Has anyone gotten anonymous FTP working with ProFTPd? I've got it set up exactly as on my Linux box, but keep gettting "Login failed." Any hints?



[ Reply to This | # ]
Anonymous?
Authored by: baas on Jan 06, '02 03:47:40PM

make sure you have a ftp user on which you can run the anonymous connection. If you want to know how, follow the instructions in the hint called 'enabling anonymous ftp' on this site. Furthermore, in proftpd it is important that the ftp-user has a correct shell set, so check that the default shell is a valid shell as listed in /etc/shells.

it should work now, if anybody still had problems, let me know.



[ Reply to This | # ]
proftpd can't resolve hostname
Authored by: hagbard on Dec 06, '01 09:29:55AM

I installed, patched, reinstalled proftpd without any problem.
Only, when I launch it, it tries to resolve my host address and since
it cannot do it (I have a 192.168.x.x type of address), it barfs out.
Does anyone have suggestions as to how to either tell proftpd my host address, or
change the system resources so that a lookup isn't called when searching for a corresponding hostname ?

thanks ;-)



[ Reply to This | # ]
proftpd can't resolve hostname
Authored by: baas on Jan 05, '02 08:45:11AM

Hi, i had the same problem, but i solved it now ;)

please make sure you have the exact same hostname listed in NetInfo (You can check in NetInfo Manager, under machines), as in the terminal window, make sure you have no capitols in the netinfo name, as they are not supported, and make sure (this was the problem with me) you do not have any characters other than letters (or dashes, i suppose)in your hostname. Even though your terminal-window will support it, nslookup will not. Hope you get it working.

You can always set your hostname with the 'hostname "{string}"' command in the terminal.
And you can check your hostname by simply typing 'hostname' in the terminal.

Good Luck!
Maarten Baas.



[ Reply to This | # ]
Make errors on 10.1.2
Authored by: Anonymous on Dec 27, '01 09:52:55PM

When running make as root on OS X 10.1.2, "make modules" fails with the following errors:

In file included from /System/Library/Frameworks/CoreServices.framework/Frameworks/OT.framework/Headers/OT.h:29,
from /System/Library/Frameworks/CoreServices.framework/Headers/CoreServices.h:25,
from /usr/include/profile.h:17,
from /usr/include/krb.h:154,
from mod_unixpw.c:45:
/System/Library/Frameworks/CoreServices.framework/Frameworks/OT.framework/Headers/OpenTransportProviders.h:126: warning: `TCP_NODELAY' redefined
/usr/include/netinet/tcp.h:148: warning: this is the location of the previous definition
/System/Library/Frameworks/CoreServices.framework/Frameworks/OT.framework/Headers/OpenTransportProviders.h:127: warning: `TCP_MAXSEG' redefined
/usr/include/netinet/tcp.h:149: warning: this is the location of the previous definition
In file included from /System/Library/Frameworks/CoreServices.framework/Frameworks/OT.framework/Headers/OT.h:29,
from /System/Library/Frameworks/CoreServices.framework/Headers/CoreServices.h:25,
from /usr/include/profile.h:18,
from /usr/include/krb.h:155,
from mod_unixpw.c:45:
/System/Library/Frameworks/CoreServices.framework/Frameworks/OT.framework/Headers/OpenTransportProviders.h:110: parse error before `0x01'
make[1]: *** [mod_unixpw.o] Error 1
make: *** [modules] Error 2

Anyone else run into this, or better yet, know of a fix?



[ Reply to This | # ]
Make errors on 10.1.2
Authored by: jtnt on Jan 23, '02 03:11:56PM

Yep, same as you. Running 10.1.2 and I get the exact same (or very similar) error on make during the 'make module' part. Anyone found anything out about this?



[ Reply to This | # ]
Make errors on 10.1.2
Authored by: themaf on Mar 08, '02 08:37:09AM

Yep, I got the same thing. Is there anyone that knows how to fix this, or let us know what we are missing to compile it.



[ Reply to This | # ]
Make errors on 10.1.2
Authored by: kyngchaos on Apr 03, '02 11:45:47AM

Same here on two different Macs - new dual 1G and old PB G3 firewire, both 10.1.3. Patch doesn't help.

I found a precompiled binary, but there was no info as to what options and modules were used, tho it looks like just defaults were used. I would like to compile it with a couple optional modules.



[ Reply to This | # ]
Make errors on 10.1.2
Authored by: kyngchaos on Apr 09, '02 01:43:20PM

Figured it out (for anyone interested):

in the file modules/mod_unixpw.c, between lines 44 and 45, insert these two lines:

#undef TCP_NODELAY
#undef TCP_MAXSEG

Apparently these are used in the coreservices headers, but are NOT supposed to affect user compilation, but they do.

You'll still get a bunch of warnings, but it compiles and runs. Add this to the GUID patch and everything should be peachy.



[ Reply to This | # ]
Make errors on 10.1.2
Authored by: jesk on Sep 01, '02 08:31:40AM

i dont this and it seems that it compiles correctly, but when im starting proftpd i become the message:"bus error". can anybody help me?



[ Reply to This | # ]
Getting it all together
Authored by: Moo0 on Mar 09, '02 04:38:18PM

first, download the patch using wget - not explorer or the like. It will mess up the file.

don't make the mistake I did - DO change the user/group proftpd is running on in the proftpd.conf file, as the default ones will not work :)

Second of all: if you want to deny 1 or more users access to ftpd, simply state this in your proftpd.conf file:
<limit all>
DenyUser mysql, www, otheruser, etc
</limit>

this could be handy in case you have provided the mysql and/or www users a password.



[ Reply to This | # ]
Getting it all together
Authored by: Anonymous on Mar 10, '02 02:47:08PM

Did you get proFTPd to compile under OS X 10.1.3? If so, I and a coupla other folks would love to know how... (if the patch you're referencing fixes our make problems, I'd love to see that stated :)



[ Reply to This | # ]
Getting it all together
Authored by: Moo0 on Mar 11, '02 03:23:24AM

yes, I did. MacOS X 10.1.3, G4 667, running perfect so far!

I simply downloaded the source, applied the patch, compiled and installed.
I changed the proftpd.conf to my needs - and voila!



[ Reply to This | # ]
Getting it all together
Authored by: arle on Mar 20, '02 09:28:15PM

B&W G3 350, OS X 10.1.3, 576 MB RAM

No luck in compiling this. I get the same errors others have reported. Is there a hardware issue here? Despite patching the source and following all the suggestions in this discussion the thing simply fails to compile.

Anyone have a binary distribution of this that they could make available?

-Arle



[ Reply to This | # ]
gahhh
Authored by: Greenfruit on Mar 28, '02 03:29:11PM

i keep getting
[public2-port1-3-cust36:/proftpd-1.2.4] matthewm% ./configure
loading cache ./config.cache
checking host system type... powerpc-apple-darwin5.3
checking target system type... powerpc-apple-darwin5.3
checking build system type... powerpc-apple-darwin5.3
checking for gcc... no
checking for cc... no
configure: error: no acceptable cc found in $PATH

any ideas?



[ Reply to This | # ]
gahhh
Authored by: dchambon on Apr 08, '02 09:09:12AM

You must have the developper tools installed in order to use a compiler.

A CD was supplied with Mac OS X 10.0.4.

Updates are available on www.apple.com/developer.

Didier.



[ Reply to This | # ]
Loggin in as different users from same host
Authored by: iloatheny on Apr 08, '02 03:36:16AM

In an effort to test whether everything went ok, I opened one connection to localhost and logged on as my normal user, did an ls, then opened another one as anonymous. When I ls, I get a 421, and the log says:
"Failed binding to 127.0.0.1, port 20: Address already in use"

It seems that whenever I'm logged on as one user, suspend the process, then log on as another user, I get a 421.

Am I the only one getting this behaviour? Is it OS X specific? OS X Server 10.1.3, proftpd patch is applied.



[ Reply to This | # ]
Configure error
Authored by: dchambon on Apr 09, '02 04:00:49AM

I'vve dowloaded (as explained with curl) proftpd 1.2.4 in a folder without spaces (/Applications/Proftpd-1.2.4) but here is the message I obtain after trying to configure :

[dchambon:/Applications/proftpd-1.2.4] dchambon% ./configure
creating cache ./config.cache
checking host system type... powerpc-apple-darwin5.3
checking target system type... powerpc-apple-darwin5.3
checking build system type... powerpc-apple-darwin5.3
checking for gcc... no
checking for cc... cc
checking whether the C compiler (cc ) works... no
configure: error: installation or configuration problem: C compiler cannot create executables.

my configuration is :

G4/512 Mo - Mac OS X Server 10.1.3 + Developper tools

Can you help me ?
Do you think I can use proftpd 1.2.5rc1 ?

thanks.

Didier.



[ Reply to This | # ]
Configure error
Authored by: cookiemonsta on May 07, '02 03:38:38PM

go to versiontracker, select OS x

search for proFTPd, and d/l it

it is a pre built binary. to configure it for X. you can either:

run it as a replacement, to change the port number go to netinfo manager, authenitacte yourself and then choose services, fine FTP and change port to whatever and MAKE SURE u change the FTP-DATA port as well. It shuuld be FTP port -1 ie, ftp port on 5000, ftp data port = 4999

this should solve all your probs., ;)



[ Reply to This | # ]
Bus error
Authored by: jesk on Aug 30, '02 11:56:28AM

in the file modules/mod_unixpw.c, between lines 44 and 45, insert these two lines:

#undef TCP_NODELAY
#undef TCP_MAXSEG

i done this, but when im starting proftpd i become this: "Bus error".
I took the latest proftpd source for compile 1.25. i tried this on macosx 10.2 and on 10.1.2.
both system give me the same error. what can i do ? i would simply take the lukemftpd1.1 but with this ftpd i cant jail users into their homedirectorys:"550 Can't change root.".
why is it such complicated to become a ftpd running on macosx? can someone help me please?
thanks



[ Reply to This | # ]
proftpd mod_wrap
Authored by: luflores on Oct 31, '02 07:34:23AM

I have problem compiling proftpd-1.2.7rc2 with mod_wrap. It said that it is missing lnsl or libnsl (Network service library). I don't know where to get this library for darwin. Did any one knows?

-luis



[ Reply to This | # ]
proftpd mod_wrap
Authored by: luflores on Oct 31, '02 07:48:50AM

This is the error

gcc -Llib -ltinfo -lgcc -o proftpd src/main.o src/timers.o src/sets.o src/pool.o src/regexp.o src/dirtree.o src/support.o src/inet.o src/log.o src/scoreboard.o src/netio.o src/ident.o src/data.o src/modules.o src/auth.o src/fs.o modules/mod_core.o modules/mod_xfer.o modules/mod_unixpw.o modules/mod_auth.o modules/mod_ls.o modules/mod_log.o modules/mod_site.o modules/mod_wrap.o modules/module_glue.o -lsupp -lncurses -lwrap -lnsl
ld: can't locate file for: -lnsl
make: *** [proftpd] Error 1


sorry for the double post.

-luis



[ Reply to This | # ]
Proftpd -lns
Authored by: luflores on Nov 01, '02 05:44:26PM

I read from some post that libnslins not need it on FreeBSD. Since Darwin is base on BSD I remove it from the Make and it worked ok.

-luis



[ Reply to This | # ]
inetd config error with proftpd
Authored by: Marvine on Dec 30, '02 11:51:21AM

I had several problem when replacing the ftpd server of mac os x 10.2 :
I had to replace the ftpd bin with proftpd under the name ftpd
so I removed the -l argument in /etc/inetd.conf

I still have this error in the consol when I start the ftp share with the panel :

Dec 30 17:40:52 localhost xinetd[643]: 643 {hard_reconfig} No available services. Exiting

Dec 30 17:40:53 localhost xinetd[700]: Error reading included directory: /etc/xinetd.d [line=11]

Is it dangerous or not ??
because I really need the passivport option of proftpd...

Marvine



[ Reply to This | # ]
What are the benefits here?
Authored by: digitalone on Jan 24, '03 06:51:06AM

Excuse the ignorance,
But what are the advantages of proFTPD over the built-in server in 10.2.3? Will this give me the abilty to monitor a connections progress as well as its stats [i.e.- 38% completed ,45k/sec, or somehing along those lines.] I don't believe, or haven't found am efficient way to do this yet. [PEBKAC! :>]
And I will have the same GUI control in the sharing panel, too i take it?

Thanks,
Sean

PEBKAC = Problem Exists Between Keyboard And Chair



[ Reply to This | # ]
What are the benefits here?
Authored by: fireproof on Dec 15, '03 05:21:26PM
Well, I switched because my users were having trouble with Dreamweaver's FTP (it's documented on Macromedia's website, and they're not fixing it). And, yeah, I know that Dreamweaver MX 2004 has SFTP, but my users haven't all switched yet and may never get there. Here's one addition, for those that are making the switch on OS X Server (10.2.8 in my case) -- once you've modified the /etc/xinetd.d/ftp file to look like the inetd.conf above, you'll still need to make sure that your users have a default shell of some sort, or they won't be able to login via ftp at all!
service ftp
{
        disable = no
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/local/sbin/proftpd
        groups          = yes
        flags           = REUSE
}


[ Reply to This | # ]