Beta Branch Centmin Mod .08 beta + pure-ftpd virtual FTP user support

no just change /etc/ssl/private/pure-ftpd.pem did you restart pure-ftpd service ?

 

not for CentOS it's configured for /etc/ssl/private/pure-ftpd.pem for Centmin Mod.

edit: hmmm

Code:

ls -lah /etc/pki/pure-ftpd/pure-ftpd.pem
-rw------- 1 root root 3.2K Apr  3 01:20 /etc/pki/pure-ftpd/pure-ftpd.pem

ls -lah /etc/ssl/private/pure-ftpd.pem
-rw------- 1 root root 1.9K Apr  3 01:21 /etc/ssl/private/pure-ftpd.pem

edit2: indeed looks like /etc/pki/pure-ftpd/pure-ftpd.pem is used ! guess need to fix that

thanks @AlekseY for catching the error - FIXED update inc/pureftpd.inc pure-ftpd.pem location · centminmod/centminmod@636fa07 · GitHub

 

that's only for source compiling pure-ftpd which is not available for Centmin Mod yum package installed pure-ftpd. I can't find any document reference to setting language in pure-ftpd.conf so far. Probably need to google more

edit: it might also work in pure-ftpd startup script on CentOS 6.6 that would be /etc/init.d/pure-ftpd but for CentOS 7. it uses systemd so would be at
/etc/systemd/system/multi-user.target.wants/pure-ftpd.service

Code:

[Unit]
Description=Pure-FTPd FTP server
After=syslog.target network.target

[Service]
Type=forking
PIDFile=/var/run/pure-ftpd.pid
ExecStart=/usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf --daemonize

[Install]
WantedBy=multi-user.target

i wonder if this would work by changing this line from

Code:

ExecStart=/usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf --daemonize

to

Code:

ExecStart=/usr/sbin/pure-config.pl /etc/pure-ftpd/pure-ftpd.conf --daemonize --with-language=russian

then restarting pure-ftpd service

 

• Did you let the script generate a password for you or set your own ?
• Did you make sure to enable explicit TLS/SSL mode and enable PASV passive mode like in 1st post here.
• Which FTP client ? As not all FTP clients support FTP explicit TLS/SSL mode only clients listed at bottom of this post.

From 1st post here, try the pure-pw commands to display pure-ftpd user details and change the user password. Also pure-pw manual is here and http://download.pureftpd.org/pub/pure-ftpd/doc/README.Virtual-Users

list all pure-ftpd created virtual FTP users

Code:

pure-pw list

Code:

pure-pw list
ftpuser             /usr/local/nginx/html/./                         
ftpuser2            /usr/local/nginx/html/./                         
ftpuser3            /usr/local/nginx/html/./                         
ftpuser4            /home/nginx/domains/domain1.com/./               
ftpuser6            /home/nginx/domains/sub.domain1.com/./             
ftpuser5            /home/nginx/domains/domain2.com/./

to delete virtual FTP user

Code:

pure-pw userdel FTPUSERNAME
pure-pw mkdb

change virtual FTP user's password

Code:

pure-pw passwd FTPUSERNAME
pure-pw mkdb

show full details for an specific pure-ftpd virtual FTP user

Code:

pure-pw show FTPUSERNAME

password is encrypted

Code:

pure-pw show ftpuser5

Login              : ftpuser5
Password           : $1$msgfvdN0$51dhLdPGiCQpQEwtZ30kF1
UID                : 500 (nginx)
GID                : 500 (nginx)
Directory          : /home/nginx/domains/domain2.com/./
Full name          :
Download bandwidth : 0 Kb (unlimited)
Upload   bandwidth : 0 Kb (unlimited)
Max files          : 0 (unlimited)
Max size           : 0 Mb (unlimited)
Ratio              : 0:0 (unlimited:unlimited)
Allowed local  IPs :
Denied  local  IPs :
Allowed client IPs :
Denied  client IPs :
Time restrictions  : 0000-0000 (unlimited)
Max sim sessions   : 0 (unlimited)

I think you didn't enable PASV passive mode as i see port 21 actually being connected to, PASV will change that to a port listened to over TLS/SSL if enabled.

 

try changing the password via pure-pw command and see if that works

and

• Did you let the script generate a password for you or set your own ?

 

also restart pure-ftpd service

what do you get for output of these 2 commands

Code:

service pure-ftpd status
service pure-ftpd restart

 

restarting pure-ftpd got it to work or changing passwords + restart ?

install and upgrade AFAIK prompts for xenforo forum username/password ? not your own ftp ?

edit: I see what you mean, I started a dedicated thread in Forums usage forum at Xenforo - Install and Upgrade by Waindigo Xenforo Addon - FTP Login Details | Centmin Mod Community so as to not get too off topic here.

 

yes that is correct, need to disable some php functions as per Getting Started Guide item 14. FAQ item 2 regarding not for shared hosting still applies.

only way is full jailed/chroot accounts outlined here. But that isn't on the books until Centmin Mod feature set is properly stabilised as outlined here.

no native support in Pure-FTPD but you can script something Pure-ftpd, a way to modify ftp configuration to limit file size? | Web Hosting Talk You'd be on your own for that.

 

Malware & Virus Scan FTP Uploaded Files

One thing that Pure-FTPD users can do is configure automatic malware and virus scans on uploaded files done through Pure-FTPD. Be aware this may potentially increase your cpu and memory usage requirements - especially for large file uploads. To implement automatic malware and virus scanning on uploaded files via Pure-FTPD you need

1. To install Linux Malware Detect (maldet) and ClamAV scanner via Centmin Mod maldet.sh addon which is available in Centmin Mod .08+ beta03 and higher addons/maldet.sh directory path. Details at Maldet - Linux Malware Detect Addon (discussion) | Centmin Mod Community
2. Then on Centmin Mod .08+ beta03 and higher you should already have Pure-FTPD support.

Once maldet.sh addon is installed and with running Pure-FTPD service, you enable pure-ftpd CallUploadScript support and setup the the called shell script clamscan.sh which is invoked each time a file is uploaded via Pure-FTPD virtual FTP user.

Create a file named setup-callupload.sh and place in file the contents. This script properly sets up what is needed to enable CallUploadScript in pure-ftpd.conf, setup the clamscan.sh shell script which runs each time files are uploaded and runs the pure-uploadscript in background. Any infections are reported in /var/log/clamscan-pureftpd.log and normal uploads are logged in /var/log/pureftpd.log.

Code:

#!/bin/bash

sed -i 's|^#CallUploadScript yes|CallUploadScript yes|g' /etc/pure-ftpd/pure-ftpd.conf

cat >/etc/pure-ftpd/clamscan.sh<< EOF
#!/bin/bash
/usr/bin/clamdscan --remove --quiet --no-summary "\$1" --log=/var/log/clamscan-pureftpd.log
EOF

chmod +X /etc/pure-ftpd/clamscan.sh

pure-uploadscript -B -r /etc/pure-ftpd/clamscan.sh

echo "pure-uploadscript -B -r /etc/pure-ftpd/clamscan.sh" >> /etc/rc.local

service pure-ftpd restart

then chmod +x and run script

Code:

chmod +x setup-callupload.sh
./setup-callupload.sh