ProFTPD Plugin for unRAID v6.8.x


SlrG

Recommended Posts

ProFTPd

Support the plugin?

btn_donate_SM.gif

 

This is the support thread for my ProFTPD Plugin for unRAID v6.8.x :)

 

To install it:

If you have installed the Community Applications plugin open Apps and search for

ProFTPDd, then install.

 

OR

 

Open Plugins / Install Plugin and use this URL:

https://raw.githubusercontent.com/SlrG/unRAID/master/Plugins/ProFTPd.plg

 

After the installation go to Users and add a new user. Into the description field put "ftpuser" or "ftpuser /path/to/users/rootdir" and save. Afterwards go to Settings and choose ProFTPd. Enable the service and you should have a running FTP-Server.

 

Please consult the ProFTPD-README for more information about it.

 

If you encounter any problems, please report them here.

 

SlrG

Edited by SlrG
bumped version, updated install information, removed roadmap and history
  • Thanks 1
  • Upvote 1
Link to comment

This is the first release of my ProFTPD Plugin for unRAID 5.0RC8a.  :)

 

I tested it with simple features and a lot of other plugins installed, so there may be missing dependencies. ::) Please feel free to test it and report back if there are problems. I will continue testing myself. Until further notice this should be considered a development release.

 

Looks good.  Welcome to plugin writing.  Not installed yet, just skipped through the code.  One very minor point; device_status.png, new_config.png & information.png are never downloaded.  If this were the only plugin on a system, they'd not exist in /boot/config/plugins/images.

 

 

Regards,

overbyrn

Link to comment

Finally had the time to test on stock unraid without other installed

plugins. The install problem was fixed by moving the icon files to

fully reside on github. They will be downloaded on first install.

 

Sadly I now noticed another problem. My selfbuilt proftpd with

included mysql support requires a sql-lib as dependency. I missed

that, as I had sql installed before writing this plugin.  :(  Expect an

updated version.  :)

 

Edit: Updated version added to first post. Instead of pulling the rather

large SQL package as dependency I decided to check if it is installed.

If it is, ProFTPD will be installed with SQL modules. If not ProFTPD will

be installed without SQL modules.

Link to comment
  • 2 weeks later...

Please explain in detail what you want to do. :)

 

The easy way:

In Settings there should be a ProFTP Daemon entry where you can set the daemon to enable (Yes). This will make it start automatically on every boot. Also you can start or stop the daemon by hand if you wish.

 

To add FTP-users you'll have to use the unraid users page. Click add user and provide an user name. In the description field put the keyword ftpuser and optionally the home path of the user. Without home path the user will have full access to all unraid directories. This is the same as if you were using the stock unraid FTP-Server. With home path the user will be jailed into the given path.

 

Let's say you have the following setup.

 

user1: "ftpuser"

user2: "ftpuser /mnt/cache/FTP"

user3: "ftpuser /mnt/cache/FTP/user3"

user4: "ftpuser /mnt/cache/FTP/user4"

 

Then

user1 will have full access to /.

user2 will have full access to /mnt/cache/FTP including the files of user3 and user4.

user3 will have access to files in ftpuser /mnt/cache/FTP/user3 and subdirectories but

          not to the files of user 4

user4 will have access to files in ftpuser /mnt/cache/FTP/user4 and subdirectories but

          not to the files of user 3

 

The hard way:

If you want a lot of users, it might me useful to install webserver and sql plugins and setup a php and sql based user management frontend like ProFTPd-Admin (screenshot) or ProFTPd-Administrator (screenshot). The first one is rather rudimentary giving you little more than what is possible above. The latter has a nicer gui and some quota management stuff. You can set expire dates for users. But sadly it seems to be an abandoned project and it still misses a lot of functions ProFTPd supports. Both have to be installed by hand using phpmyadmin and the shell.

 

The hardest way:

The best UI I found is gadmin-proftpd (screenshot) but that is an GTK app and requires a lot of dependency packages. Then if your main desktop is a linux system, you'll have to open a ssh connection with x11 tunnel to unraid and then the gui will open on your machine. If you are on windows you'll have to install the virtualbox plugin and a linux virtual machine with gnome desktop (eg. Linux Mint). You connect to that from windows and make it tunnel into unraid to show the gui.

 

Sounds complicated? Well, it is. :) And it isn't something one could possibly write another plugin for. There will still be manual steps left to do, which might be too complicated or too much hassle for some to tackle. And still even gadmin-proftpd does only provide a subset of the things ProFTPd can do.

 

Another hardest way (but the most powerful):

The ultimate solution albeit complicated too, is to go into shell and edit the /etc/proftpd.conf to your needs. :) Read here to learn what is possible and what not.

 

I'm planning to include the possibility to edit the config file into the plugin. This will however require an installed webserver plugin and won't be seamless, as the stock unraid webserver doesn't allow post variables to be used directly but only as passed arguments, which limits the length and therefore cuts off parts of the config file making it unusable. So the editing page will have to be provided by a full featured webserver instead.  Editing the config file by hand will still be not very user friendly, however. It's really sad there is no full featured and easy to setup php frontend for ProFTPd. :(

 

regards,

 

SlrG

Link to comment

Thanks, had thought there was gui for the settings.  But I understand it a lot better now.

 

Is the default port 21?  And where is the port setting?

 

I am simply trying to create one user.  lets says user xyz and I want them to be locked to a directory called "sam4s"

I am able to connect to the server but I am getting root access.  I am wondering if I am doing something wrong.

 

After putting in the username and the path of the "sam4s" directory I am unable to get passed login/pass screen.  Without the description it works but I get root access.  So I might be messing up in the description field.  This is what I am putting in the description: "xyz /mnt/disk1/sam4s"    xyz=user name that I put in the User Name field.

----------------------------------------------------------------------------------------------------------

Solved

 

I didn't realize this but I had to create a "ftpuser" account.

And then I was able to create "xyz" user.  Again I thought ftpuser meant that I had to substitute the name of the user.

Instead I needed to use the word "ftpuser"

 

All is working now.

 

Thank you for the plugin!

-Shawn

Link to comment

Glad you got it working. :) To clarify a bit more. The stock unraid ftpserver at the moment allows all unraid users including root ftp access to root directory. If you want to connect your unraid ftp to the internet, this is somewhat a security risk, as a potential attacker will obviously try names like root or admin first for dictionary or brute force attacks.

 

So my plugin does two things. It scans the unraid users and blocks them all from FTP access if they have not the keyword ftpuser in the description field. Second if there is a path given, it jails the users into this path. It is strongly advised to provide a path other than / as this prevents attackers from accessing critical files even if they crack a password of a FTP only user.

 

After creating a new user or adding keyword and path to a description field of an existing user the proftpd daemon needs to be restarted. Only then the new user will be registered.

 

The port is indeed 21. If you want to change that, it is set in /etc/proftpd.conf

 

It should not be necessary however, as you shouldn't connect to the internet with this port anyway. Instead you set your router to forward incoming ftp access from port xyz to port 21 on your unraid machine. So to the outerworld port xyz will be your ftp port. This protects you from stupid scripts that only scan for the standard ports. Obviously not all scripts are that dumb. :(

 

SlrG

 

 

Link to comment

With my supplied proftpd.conf it goes to the syslog. If you want to change that you can do by editing /etc/proftpd.conf in shell.

 

This is the section of the conf file:

# Control Logging - comment and uncomment as needed

# If logging Directory is world writeable the server won't start!

# If no SystemLog is defined proftpd will log to servers syslog.

#SystemLog              NONE         

#SystemLog              /boot/config/plugins/proftpd/slog

TransferLog            NONE

#TransferLog            /boot/config/plugins/proftpd/xferlog

WtmpLog                NONE

 

Uncomment the SystemLog line with path and supply a path where you want the logfile saved. Do the same with TransferLog. For WtmpLog you change the NONE to a path.

 

For more advanced logging features have a look here.

SlrG

Link to comment
  • 3 weeks later...
  • 2 weeks later...

I never tried myself. Support is compiled in, so theoretically it should work. AFAIK certificates will have to be created beforehand, which is not done automatically. Also there may be changes in the config needed, which have to be done by hand also. Please check the proftpd documentation and Google for further info.

 

I had gadmin-proftpd running on my system, which if I remember correctly was able to generate certificates and change the config. But you'll need a full slackware system with added unraid or have to install a big load of additional packages to stock unraid if you want to get this to work. For stock unraid you'll then need another linux system from which you tunnel into the x11 output of the unraid system to get the gui of gadmin-proftpd. Not an easy task and nothing that could be easily put into an plugin.

 

Sadly there are no powerful php based admin tools around either. They all have much less functionality and even worse, most of the tools besides gadmin are no longer actively maintained.

 

SlrG

Link to comment

I'm new to this command line stuff.  How do I got about restarting the daemon?  Also, if I don't restart the daemon and i try to ftp in using my newly created user it still works, but goes to the root directory.  From what I understand, this is the built in FTP server.  How do I disable that server?

 

Edit:  I wanted to also say that I don't have anything referring to proFTPd in the Settings tab.  Therefore I believe that the plugin is not running.  I'm running 5.0-rc5 if that helps.  Should I upgrade to the latest rc?

 

Thanks

Link to comment

Theoretically you should not need the command line. Normally you unzip the plugin and put the *.plg file into \\tower\flash\config\plugins. You then reboot your server and the plugin should install. During install it will disable the internal FTP.

 

As you still can access the internal one, the plugin did not install correctly. I did not test on RC5, so I can't say where the problem is. Please provide the syslog for further investigation.

 

After the plugin is successfully installed, you'll find an icon under Settings / Network Services. Once you click on this, you'll go to the plugin config page.

 

There you switch the Enable ProFTP Daemon Option to yes and click Apply. This will make sure the server is restarted when you reboot your machine. Afterwards you'll find a button to stop the ProFTP Daemon and to restart it. No need for the command line.

 

With installed Simplefeatures Webserver you'll be able to edit the config file without using the shell. For further instructions on how to setup your FTP users please see the README.txt.

 

SlrG

Link to comment
  • 3 weeks later...

Thank you so much for working on this, SlrG!

 

I was burglarized a few months ago and afterwards got a wired IP camera (specifically this one here http://www.dahuasecurity.com/products/ipc-hdw2100-195.html).  I set it up just assuming, for some reason, that I could set it up to record to my Unraid box (they both connect to the same switch).  I then discovered oops, ftp is apparently not a simple thing to get working - at least not for a Linux noob like me haha.

 

Hopefully one day in the next few months I'll be able to get my camera to record to Unraid somehow.  I'm hoping not to be burglarized again of course, but if it does happen again I'd love to be able to have a clue about when it was, what was taken, how many people there were, and maybe even how they got in or who they were. :(

 

I know some people have said they setup ftp on a computer and then copy the files from there to their Unraid box, but I'd really rather not have another device in the loop using power and being a possible source of failure.

 

Right now I'm running 4.7, but I have a couple 4TB drives pre-clearing on 5.0-rc12a via the preclear_disk.sh script and virtual terminals on the console.  I'm wary of migrating the array I care about to a beta but I'm considering it soon.  After all, this is only the 36th iteration of version 5 so how many bugs can be left?  Ok, maybe a lot - I don't know how these things work haha.

 

Thanks again anyways for your work on this.  Looking forward to seeing if I can use it to help set up an ftp destination for my ipcam!

Link to comment

@yaksaredabomb:

I'm very glad to hear you like my plugin. :) Don't hesitate to report any problems you encounter, as this will help me fix bugs lurking in the plugin or improve its usability.

 

Two things to consider though. First: Unraid 5 comes with a FTP server installed already. It will allow unraid users full FTP access to all unraid directories. Test it, if it's sufficient for you, you won't need my plugin. My plugin is for you, if you want to limit your FTP users in what they may access and what not. Or if you want lots of users stored in a sql database, additional security features or other stuff proftpd provides.

 

Second: I don't know if your security cameras will need the FTP protocol to save their data to your unraid. They might be able to write to a samba share directly. If so, you won't need my plugin either. :)

 

And there I go chasing one of the few users away who is interested and gave positive feedback.  ??? I'll have to put some restrictions on myself.  :-X  ;)

 

Link to comment
  • 1 month later...

thank you for the the plugin

 

but after rebooting i don't see ProFTPD under settings, and the built-in FTP server is still running

 

here is my sys log

 

please advice :(

 

Thank you.

 


installing plugin: proftpd
May 22 18:19:26 server logger:  file /tmp/plugin-prepare: successfully wrote INLINE file contents
May 22 18:19:26 server logger:   /bin/bash /tmp/plugin-prepare ... 
May 22 18:19:26 server logger: 
May 22 18:19:26 server logger: *************************************************************
May 22 18:19:26 server logger: * ProFTPD plugin installation started...
May 22 18:19:26 server logger: *************************************************************
May 22 18:19:26 server logger: 
May 22 18:19:26 server logger: success
May 22 18:19:26 server logger:  file /tmp/plugin-cleanup: successfully wrote INLINE file contents
May 22 18:19:26 server logger:   /bin/bash /tmp/plugin-cleanup ... success
May 22 18:19:26 server logger:  file /boot/config/plugins/proftpd/README: already exists
May 22 18:20:06 server logger:  file /boot/config/plugins/proftpd/device_status.png: downloading from -q --no-check-certificate https://github.com/SlrG/unRAIDplugins/raw/master/proftpd//device_status.png ... bad download, deleting
May 22 18:20:06 server emhttp: unRAID System Management Utility version 5.0-rc12a

 

in the boot/config/plugins folder, i have

proftpd.plg

/proftpd/README

 

i do not have other files

 

 

 

 

 

Link to comment

okay.

 

i downloaded the files manully from https://github.com/SlrG/unRAIDplugins/tree/master/proftpd

 

and past them in /boot/config/plugins/proftpd

 

and then i rebooted the server

 

now the built-in FTP server is stopped and i have the ProFTPD installed but also stopped.

 

when i try to start it, it doesnt start

 

in the Local Version it says

ProFTPD Package v/usr/local/sbin/proftpd: cannot execute

ProFTPD Plugin v/usr/local/sbin/proftpd: cannot execute

 

and in the online version it says the same

 

and also when i try to enable the ProFTP Daemon in the configuration it doesn't

 

here is my syslog

 

installing plugin: proftpd
May 22 21:07:17 server logger:  file /tmp/plugin-prepare: successfully wrote INLINE file contents
May 22 21:07:17 server logger:   /bin/bash /tmp/plugin-prepare ... 
May 22 21:07:17 server logger: 
May 22 21:07:17 server logger: *************************************************************
May 22 21:07:17 server logger: * ProFTPD plugin installation started...
May 22 21:07:17 server logger: *************************************************************
May 22 21:07:17 server logger: 
May 22 21:07:17 server logger: success
May 22 21:07:17 server logger:  file /tmp/plugin-cleanup: successfully wrote INLINE file contents
May 22 21:07:17 server logger:   /bin/bash /tmp/plugin-cleanup ... success
May 22 21:07:17 server logger:  file /boot/config/plugins/proftpd/README: already exists
May 22 21:07:17 server logger:  file /boot/config/plugins/proftpd/device_status.png: already exists
May 22 21:07:17 server logger:  file /usr/local/emhttp/plugins/images/device_status.png: successfully copied LOCAL file
May 22 21:07:17 server logger:  file /boot/config/plugins/proftpd/new_config.png: already exists
May 22 21:07:17 server logger:  file /usr/local/emhttp/plugins/images/new_config.png: successfully copied LOCAL file
May 22 21:07:17 server logger:  file /boot/config/plugins/proftpd/proftpd.conf: already exists
May 22 21:07:17 server logger:  file /boot/config/plugins/proftpd/proftpd.png: already exists
May 22 21:07:17 server logger:  file /usr/local/emhttp/plugins/proftpd/proftpd.png: successfully copied LOCAL file
May 22 21:07:17 server logger:  file /usr/local/emhttp/plugins/proftpd/proftpd.page: successfully wrote INLINE file contents
May 22 21:07:17 server logger:  file /boot/config/plugins/proftpd/proftpd.cfg: already exists
May 22 21:07:17 server logger:  file /usr/local/emhttp/plugins/proftpd/proftpd.php: successfully wrote INLINE file contents
May 22 21:07:17 server logger:  file /boot/config/plugins/proftpd/proftpdce.zip: already exists
May 22 21:07:17 server logger:  file /etc/rc.d/rc.proftpd: successfully wrote INLINE file contents
May 22 21:07:17 server logger:   successfully changed file mode
May 22 21:07:17 server logger:  file /usr/local/emhttp/plugins/proftpd/event/disks_mounted: successfully wrote INLINE file contents
May 22 21:07:17 server logger:   successfully changed file mode
May 22 21:07:17 server logger:  file /usr/local/emhttp/plugins/proftpd/event/unmounting_disks: successfully wrote INLINE file contents
May 22 21:07:17 server logger:   successfully changed file mode
May 22 21:07:17 server logger:  file /var/log/plugins/proftpd: successfully wrote INLINE file contents
May 22 21:07:17 server logger:  file /tmp/proftpd-install: successfully wrote INLINE file contents
May 22 21:07:17 server logger:   /bin/bash /tmp/proftpd-install ... 
May 22 21:07:17 server logger: Looking for locally saved version of proftpdce...
May 22 21:07:17 server logger: Found up to date local versions of proftpdce...
May 22 21:07:57 server logger: Looking for locally saved version of proftpd packages...
May 22 21:07:57 server logger: Local package does not exist, downloading .tgz to /tmp
May 22 21:08:38 server logger: Local package does not exist, downloading -sql.tgz to /tmp
May 22 21:09:18 server logger: Deleting old builds from /boot/config/plugins/proftpd...
May 22 21:09:18 server logger: Moving downloaded versions from /tmp/ to /boot/config/plugins/proftpd/...
May 22 21:09:18 server logger: No SQL found. Installing proftpd without SQL support...
May 22 21:09:18 server logger: Cannot install /boot/config/plugins/proftpd/.tgz:  file not found
May 22 21:09:18 server logger: 
May 22 21:09:18 server logger: Disable builtin FTP-Server...
May 22 21:09:18 server logger: Restart inetd to apply change...
May 22 21:09:19 server logger: Starting Internet super-server daemon:  /usr/sbin/inetd
May 22 21:09:19 server logger: Remove example config file...
May 22 21:09:19 server logger: Symlink new config file...
May 22 21:09:19 server logger: 
May 22 21:09:19 server logger: *************************************************************
May 22 21:09:19 server logger: * ProFTPD plugin has been installed.
May 22 21:09:19 server logger: * Copyright 2013, SlrG
May 22 21:09:19 server logger: * Version: 0.5
May 22 21:09:19 server logger: *************************************************************
May 22 21:09:19 server logger: 
May 22 21:09:19 server logger: success
May 22 21:09:19 server logger:  plugin successfully installed

 

 

 

Link to comment

It seems the plugin has trouble do download files from my github account. Why this is, I have no idea at the moment.

 

It seems you have no mysql installed, so please download proftpd-1.3.5rc2.tgz package and put it in the plugin folder. Open a shell and change to this folder and manually do installplg proftpd-1.3.5.rc2.tgz.

 

Afterwards you should be able to start the server. If not, please post again. In the meantime I'll try to think of ways we could check whats wrong with the download connection.

 

Edit: I think I found the problem. Github changed something regarding their link structure, which breaks the plugin. I'll propably have to move the downloaded elements to dropbox or something.

Link to comment

unfortunately did not work with me :(

 

root@server:/boot/config/plugins/proftpd# installplg proftpd-1.3.5.rc2.tgz

installing plugin: proftpd-1.3.5.rc2.tgz

xml parse error

root@server:/boot/config/plugins/proftpd#

 

please you may try to use google drive to host your files

 

thank you.

Link to comment

I should not have read your log when it was late and I was tired yesterday.  :-[

 

I did a clean installation today and while this worked fine for me (so Github is not responsible), I noticed a bug, that is propably responsible that the plugin doesn't work for you. I updated the first post with a fixed version.

 

Please delete the proftpd folder and the proftpd.plg in /boot/config/plugins and restart your server to get a clean system. Then please unzip the redownloaded plugin to /boot/config/plugins and restart again.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.