Install and setup pure-ftpd with virtual users

Oct 25, '04 09:42:00AM

Contributed by: froinds

Let's start by downloading Pure-FTPd [548KB download]. Expand the archive. In the terminal, cd into the pure-ftpd folder that was just created. Before you compile it, take a look at the README file inside that folder and scroll down to ADVANCED COMPILATION. Read about the different options you have to build your pure-ftpd server. To be able to create virtual users (users with no OS X accounts), compile it using --with-puredb. If the options sound too complicated, don't worry, just configure it using --with-everything, and you'll build a server with almost all available features. In your terminal, enter ./configure --with-everything. When this step is done, type sudo make install-strip to install it.

Creating the ftp user
To use puredb as your authentication method and to create virtual users, you must first create one ftp user in your system:

$ sudo niutil -create / /users/ftpuser
### This creates a user in the NetInfo database

$ sudo niutil -createprop / /users/ftpuser uid 601
### Assigns user ID number. It can be any number over 501 that
### is not taken by another user.

$  sudo niutil -createprop / /users/users gid 20
### Group to which the user will belong. You could give it its own gid 601.

$ sudo niutil -createprop / /users/ftpuser home "/Users/ftpfolder"
### Assigns a home folder that you must create. The home folder doesn't
have to reside inside /Users.

$ sudo niutil -createprop / /users/ftpuser shell "/dev/null" 
### For security reasons, don't give this user a shell.

$ sudo niutil -createprop / /users/ftpuser passwd "*"
### Blank password; you'll create it in the next step

$ sudo passwd ftpuser
### Make sure you give it a password to activate this account
Now create the user's home folder by typing mkdir /Users/ftpfolder, and set the ownership for it:
sudo chown ftpuser:staff /Users/ftpfolder
If you leave the home folder like this, without copying the template /System/Library/User Template/English.lproj, the FTP user won't show in your login window with the rest of the users. Let's give credit to the author of this hint for the previous steps...

Running pure-ftpd with xinetd
If pure-ftpd will be launched by xinetd when an FTP connection is established, then you must configure the /etc/xinetd.d/ftp configuration file. Here is my configuration:
service ftp
{
  disable     = no
  socket_type = stream
  wait        = no
  user        = root
  server      = /usr/local/sbin/pure-ftpd
  server_args = -l puredb:/etc/pureftpd.pdb -A -C 10 -E -j -p 2500:2600 -P mydomain.com
  protocol    = tcp
  groups      = yes
  #flags      = REUSE IPv6
}
Here's a description of the various settings on server_args and elsewhere: Creating virtual users
Let's create our first virtual user, whose name is Joe:
$ sudo pure-pw useradd Joe -u ftpuser -d /Users/ftpfolder/Joe
Enter your administrator password, and then enter the password for the user you're creating (you'll be prompted twice for it). Now you must rebuild the database for puredb to your server recognizes the new user:
$ sudo pure-pw mkdb
For more examples, and a complete guide to creating virtual users, check out this section of the Pure-FTPd website.

Restart xinetd
Type sudo kill -HUP 'cat /var/run/xinetd.pid' to have your changes take effect. Connect to your server with this newly created user name and password.

Note: Check the man pages to run pure-ftpd in daemon mode without xinetd.

Comments (4)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20041022232337148