23
So there were two bugs in the installer which led to an unsuccessful install. These bugs have been fixed. Thanks to Oleksii Druzhchenko for finding them.
These showstoppers lead to an immediate update to the RC, a second RC, which can be found here
- Dennis
Posted by: DP | Add comment
22
As promised, the RC1 of ProFTPd Administrator has been released totday. You can download the RC here. I would be glad for any testing and reports from you. If you find any bugs, have suggestions for possible enhancement etc. please use the ticket system.
Changes since 1.4.0 Beta
New Features:
- A installer and upgrade script for the basic setup of ProFTPd Administrator has been added under msic/
- Email notification for the new user when the account is created
- Added localization support for the userinterface
- Added support to run ProFTPd Administrator using safemode. Of course, this disables some features.
Fixed Bugs:
Changes since version 1.3.0
New features:
- A installer and upgrade script for the basic setup of ProFTPd Administrator has been added under msic/
- Email notification for the new user when the account is created
- Added localization support for the userinterface
- Added support to run ProFTPd Administrator using safemode. Of course, this disables some features.
Improvements:
- Added support for php 5.3
- Spanish language file. Thanks to Guillermo Marco
- Removed all shorttags so that the webserver doesn't need to be configured to support shorttags
- Renamed directory structure admin to admininterface and userView to userinterface
- When a user logs into the userinteface for the first time, he is forced to change his password. Either the user can set his own password or one is chosen for him by GWP depending on the admins choice.
- A user can change his password anytime per userinterface
- changed all newlines from CR LF to LF to be unix complaint
Fixed Bugs:
- Fixed minor bugs
- Fixed db_structure.sql to meet a standard setup
- Fixed some Bugs in the status section
Bye,
Dennis
Posted by: DP | Add comment
14
Hi all dear followers of ProFTPd Administrator,
it has been a while since the first Beta of ProFTPd Administrator 1.4.0 has been released. The release was still buggy and had some not so minor glichtes. Furthermore, I didn?t had as much time to work on the project as I liked. But the development has picked up some momentum again and I finished the installer and upgrade script, fixed a bug in the userinterface and did some minor clean ups. The only two task which are open for the relase of 1.4.0 are:
- Support for safe_mode: Which is being worked on
- E-Mail notification: Is being implemented at the moment.
Therefore, I am confident to say that an RC will be published in the next 7 to 14 days!
Bye,
Dennis
Posted by: DP | Add comment
28
Today I wan to explain what my plan is regarding the development of ProFTPd Administrator. First of all, I need to tell you that the development of ProFTPd Administrator 1.4 is a little bit of slow cause I am currently moving and will start a new job in a couple of weeks. But I've used this time to plan the release of version 1.4 and what the plan is after version 1.4. So let's start with 1.4. A beta version has been released before Christmas but I want to add some more features, before releasing it. These features and improvements are:
- [Feature] A web install script so that the installation process of ProFTPd Administrator isn't a PIA anymore. Basically, as with many other web apps, you will only need to upload the scripts and then execute them from a web browser. These scripts will guide you through the installation.
- [Improvement] I want to add support to run ProFTPd Administrator when openbase_dir and safe_mode are in effect. With the current Version, you see a lot of warnings.
- [Fix]: The Status Menu, regarding the OS information, needs some rewriting.
This is it. As soon as this is done, I'll release an RC. The biggest part is writing the installer, the rest is a piece of cake.
So where is ProFTPd Administrator going after version 1.4 is going to be released? To tell you the truth, the main part of the source code was written 5 years ago, in a time where ORM and web frameworks were not all that popular. The current version does not use one of these techniques. Therefore, I don't think that putting a lot more development time into the current basis will lead anywhere. So I'll start a complete rewrite of (Pro)FTPd Administrator after version 1.4. The rewrite will focus mainly on two aspects. First of all, I'll use a web framework (supporting MVC pattern) and possibly some kind of ORM (object-relational mapping) to have a modular basis which allows fast and easy integrator of new features. The second aspect is to not only support ProFTPd, but more ftp servers which support storing the user-accounts in a database. That's why the "Pro" part of the name is set in brackets. It'll be called FTPd Administrator 2 from that point on. Parallel to developing version 1.4 I already evaluate web frameworks and ORM libs and designing the new concept.
FTPd Administrator 2 will take some time. After the design / concept is finalized I will implement all features of version 1.4 and after that is done, I'll add support for pure-ftpd (etc.). As soon as this is done, the first stable release of FTPd Administrator 2 will hit the download page. But it will take some time.
All the users of version 1.* don't need to worry, I'll add an easy way to upgrade to V 2.
Bye,
Dennis
Posted by: DP | Add comment
26
The zip file uploaded on the proftpd administrator project page for the 1.4.0 beta release was corrupt, it couldn't be unzipped. I just uploaded a new archive which works. This error was caused by indefero because the export function of indefero produces corrupt zip files (on my server). I'll look into this problem during the next couple of days.
Bye
Dennis
23
Hi,
during December I’ve added some new features to proftpd administrator. This will result in a new version (1.4.0) of proftpd administrator. The new features are:
- A admin can specify on a per user basis if a user can set his own password or a pasword is automatically chosen for him.
- Reworked the userView part:
- When a user logs into the userView for the first time, he is forced to change his password. Either the user can set his own password or one is chosen for him by GWP depending on the admins choice.
- A user can change his password anytime per userView
- Added support for php 5.3
- Removed all (or at least most) short tags so that apache parses all php files without any additional configuration
Additional changes:
- Fixed some minor bugs
- Fixed db_structure.sql to meet a standard setup
- Changed CR LF to LF in all .php and .pl files
- Added mysql update script for proftpd_admin 1.4.0
I would like to encourage anyone to test this Beta. But DO NOT use it in a production system. Wait for a stable release! If you find any bug, please report them using the issue system. All the needed documentation for install / Updating and bug reporting can be found here. You can download the beta here.
Dennis
05
Hello everyone,
today I've finished the installation of indefero, a project management system, which I'll use for the further development of ProFTPd Administrator and all my other projects. Currently, Version 1.3.0 has been added to the git repository. You can take a look a the project and the source code here.
If you've got any suggests for ProFTPd Administrator or you've found any bugs, please use the issue system so that I can easily track and reply to them instead of using this blog's comment system. I hope that the development will gain some moment ;)
Bye, Dennis
Posted by: DP | Add comment
02
This article is outdated, please go to the new home of proftpd administrator.
Hello,
during the last couple of weeks I spent some of my time to enhance proftpd Administrator. This is a web frontend to manage ftp accounts and the proftpd server. The project’s last release dates back to 2006, but the latest Version (1.2) has a lot of nice features. Therefore, I fixed some bugs and added a lot of new features to it and removed some others. If you find any bugs or need help, just contact me via info(q)batland(d)de where (q) stands for @ and (d) for a dot. So far, this is the only documentation. But, I’ll add some more during the next couple of weeks if needed.
This Version has been tested with FreeBSD 7.3, Ubuntu 10.04 and SLES 10.0, but it should work on any other *nix and Windows, too, as long as mysql, proftpd, php and apache can be installed.
You’ll find all the needed information in the following paragraphs. The changelog is incomplete. I’ve applied many minor changes so that I just wrote down the important changes.
New Features:
- Added a login system to the web frontend. After 10 login failures the account is automatically disabled and can be reactivated by a script.
- Management of administrators via scripts
- Password generator which is deriviate from the GWP
- Overview of the current active Bans
- support to run script when a group is added or deleted
- A separate interface for users so that they can see their quota stats without having any permissions.
- Activation and deactivation all users of a group
- German translation
- Import of users via a CSV file
- Improvement to the web GUI
Removed Features:
- A user only belongs to one group, no secondary groups exists anymore
- Support for postgres_sql (which can be added without a problem)
- Configuration of the proftpd administrator via the webinterface because of security reasons
Bug Fixes:
- Fixes system problems with the parsing of command outputs to generate the system status
- Fixes some security holes such as mysql injection
- Removed the usage of $_SERVER[’PHP_SELF’]
- Added some protection against SQL injection
- Removed warnings and minor errors
Download
You can download the ProFTPd Administrator here.
Install Instructions:
- Setup Apache including mod_php
- Setup a MySQL Server
- You need to edit misc/database_structure_mysql/db_structure.sql. In line 89 to 94 replace each test at the end of the line by a password for the mysql database for proftpd administrator. In line 97 replace the test123 with a different password. The second account is used by the web interface for regular ftp-uses to display their quotas. This user has only read rights on some tables.
- Copy the following directories to apaches data directory: admin and userView
- Copy the configuration.xml to a directory accessible by the web server, but not accessible via the web server so that no user can download the file.
- Now edit the configuration.xml: You need to change the password in line 10 to the first password you set in the db_struture.sql file and maybe you need to change the IP of the mysql server if it is not running on localhost. Additionally check the lines 52 - 70 regarding the correct paths to the command.
- You need to set the Path to the admin directory in the admin/include_rootpath.php (2. line) and in the 3. line the path to the configuration file.
- Open the userView/index.php and change line 12 - 13 so that the correct password is set (this is the second password you choose in the db_structure.sql) and your database host.
- Before we can setup an administrator account the following Perl modules need to be installed: Term::ReadKey, XML::Simple, DBD::mysql. I suggest to use your OS package manager to install these, because if you have no experiences with cpan, it can be tough.
- Now you need to edit scripts/rootpath.pl. Set the correct path to you configuration in the 1. line including its name.
- The last step is to configure your proftpd. You find an example configuration in misc/proftpd. this includes three files: proftpd.conf, include_mysql.conf and modules.conf. In the proftpd.conf you need to set your IP address and port. Additionally, you can activate TLS or configure additional modules. In the include_mysql.conf you need to set the credentials. This is done in line 13, change test to your password you choose in db_structure.sql. Now start the proftpd server. Depending on your proftpd installation you need to edit the modules.conf file to deactivate not installed modules or to adjust the ModulePath.
- You can change the language of the userView frontend by editing the index file and including a different language file.
Upgrading Instructions:
- Change the two Password set in /misc/database_structure_mysql/upgrade_to_1.3.sql in line 11 and line 13.
- Execute the SQL Script.
- You can delete all files of the previous version.
- Copy the following directories to apaches data directory: admin and userView
- Copy the configuration.xml to a directory accessible by the web server, but not accessible via the web server so that no user can download the file.
- Now edit the configuration.xml: You need to change the password in line 10 to the first password you set in the db_struture.sql file. Additionally check the lines 52 - 70 regarding the correct paths to the command.
- You need to set the Path to the admin directory in the admin/include_rootpath.php (2. line) and in the 3. line the path to the configuration file.
- Open the userView/index.php and change line 12 - 13 so that the correct password is set
General Instructions:
Management of administrators via scripts:
| createAdmin.pl | A "createuser" unix like script. It takes no argument. All needed information will re requested interactively by the script. |
| enableAdmin.pl | First argument is the name of the administrator which shall be activated because the account is deactivated after 10 failed login attempts. |
| deleteAdmin.pl | Deletes a administrator. The scripts takes no argument. All needed information will re requested interactively by the script. |
| upDateAdminPwd.pl | Changes the password of an administrator. The scripts takes no argument. All needed information will re requested interactively by the script. |
Instructions for use import:
The cvs file needs to have the following format regarding the columns:
- Username
- Password
- Groupename
- Is deactivated (=1) or is active (=0)
- Expiration date. Set to 0 if the account does not expire. Otherwise use the following format: YYYY-MM-DD HH:MM:SS
- Real name of the user
- Address
- Notes
Note: The groups of the users need to exist otherwise the import will fail.
A few Screenshots:
(After successful login)
(create user)
(overview of all groups)
(report when the user is created)
(the overview about the used quota for a standard ftp user)
Bye, Dennis
Posted by: DP | 13 Comments
30
Hi,
I just added a patch for proftpd to extend the functionality of the CreateHome directive. My problem was that the home directory should not be created with the owner being the ftp user, because this can lead to several problems in some deployment scenarios. Basically it boils down to this: Several
users share the same home directory and they shall be able to read each
others files, but a user shall only be able able to delete it's own
files. Currently the owner of the directory can delete all files, even though the sticky bit is set, because the
user who first logs on will own the directory and, therefore, be able to
delete all files, regarding of the files' permissions.
Therefore, I needed a way to automatically create the home directory while being able to specify the owner.
So I added a new option to the CreateHome directive. The option is called homeuid and can be used as follows:
- /ftp/foobar being owned by UID 150 and GID being the new user's group.
- /ftp/foobar/new is owned by UID 10000 and GID of the new user's group.
The patch for mod_auth.c and mkhome.c can be found here. I'll submit this to the official proftpd project during the next couple of days. I'll inform you if the patch is accepted or not.
Bye,
Dennis