Mysql – ProFTPd, MySQL, virtual users and permissions

ftp MySQL permissions proftpd

I want to control my ProFTPd authentication with a MySQL database. Users will be able to change the username and password of their FTP account(s) in a PHP web application. This causes the following problem: the users set in the database user table do not match the system users. So I am not able to change the directory permissions in my filesystem, and ProFTPd logs the error:

username chdir("/var/www/vhosts/sites/username"): Permission denied

But how could I give these FTP users access to these folders? If I set up a user called www-data it works fine but the usernames will not be defined in /etc/passwd.

The second thing I want to manage is restricting the user to this one directory, in this case /var/www/vhosts/sites/username. The user mustn't have access to any directories outside the home directory above.

How do I fix this?

Best Answer

You will have to give your proftpd virtual users ownership of their files and directories just like you would a real user. You can do this with chown. As the users aren't system users, you will have to use the numeric UID:GID, e.g. if username is UID 10001 and GID 1111 (from the MySQL database), then

chown 10001:1111 /var/www/vhosts/sites/username
chown -R 10001:1111 /var/www/vhosts/sites/username

should give username control over their own files. Ensure that the www-data user has suitable read-only access to the files & directories, e.g. give world r-x to directories and r-- to files.

If you set the

DefaultRoot  ~

directive then the users will be confined within their own directory tree.
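
The ownership and mode changes described in this answer, combined into one script with input checks. This is an added example, not part of the original answer; `fix_ftp_home` and `FTP_MIN_UID` are hypothetical names, and the floor of 1000 is an assumed default.

```shell
#!/bin/sh
# Added example: give a ProFTPD virtual user ownership of its home directory.
# fix_ftp_home and FTP_MIN_UID are hypothetical names, not ProFTPD settings.

FTP_MIN_UID=${FTP_MIN_UID:-1000}   # assumed floor: keep FTP accounts off system UIDs

fix_ftp_home() {
    uid=$1; gid=$2; home=$3

    # Virtual users are not in /etc/passwd, so only numeric IDs are accepted.
    case $uid in ''|*[!0-9]*) echo "bad uid: $uid" >&2; return 2 ;; esac
    case $gid in ''|*[!0-9]*) echo "bad gid: $gid" >&2; return 2 ;; esac

    # A wrong row in the user table must not hand files to root or a system account.
    if [ "$uid" -lt "$FTP_MIN_UID" ]; then
        echo "uid $uid is below FTP_MIN_UID=$FTP_MIN_UID" >&2; return 2
    fi

    # The home must be a real directory, not a symlink to somewhere else.
    if [ ! -d "$home" ] || [ -L "$home" ]; then
        echo "not a plain directory: $home" >&2; return 2
    fi

    # -h changes symlinks themselves instead of the files they point to.
    chown -hR "$uid:$gid" "$home" || return 1

    # Owner keeps write access; everyone else (including www-data) gets
    # r-x on directories and r-- on files.
    find "$home" -type d -exec chmod 755 {} + || return 1
    find "$home" -type f -exec chmod 644 {} + || return 1
}

# Usage (as root), with the UID/GID stored in the SQL user table:
#   fix_ftp_home 10001 1111 /var/www/vhosts/sites/username
```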