ProFTPD Plugin for unRAID v6.8.x


SlrG

Recommended Posts

I just came across this after setting up a Ubuntu 18.04 VM for the sole purpose of being a FTP server (proftpd). I mounted my FTP root from the unraid array into the VM via fstab. I believe I have it working like I want it (I have 3 separate FTP users that each have a dedicated FTP root folder). The main thing is running into permissions and having the SMB side being able to interact with the FTP files that are being uploaded. It's working, but still need to investigate if I have the permissions in most efficient way.

 

Anyway, I just wanted to know if this is pretty much the same thing except it runs directly from the Unraid linux environment? Would there be any pros or cons to using this over the VM I setup? Unraid is only 6 days old to me so I am still learning the system and just came across this.  

 

Thanks!

 

 

Link to comment

I tried the sftp instructions provided and I think they were very easy to follow and written well, however, i use flashfxp and the rsa key made by unraid gives an error saying 'incorrect algorithm" or something similar when trying to import the key into flashfxp.

I was hoping to find a way to correct this.

Thanks in advance for any ideas or suggestions.

Sent from my SM-G950U using Tapatalk

Link to comment
On 1/14/2020 at 10:32 AM, SlrG said:

@fatmaddin2000

Sorry for the late reply. Notifications did not work.

 

It seems the naming of the file /etc/ssl/openssl.cfg has changed back to the default /etc/ssl/openssl.cnf.

So the command is now:


openssl req -new -x509 -config /etc/ssl/openssl.cnf -days 3650 -nodes -out /boot/config/plugins/proftpd/ssl/ftp.cert.pem -keyout /boot/config/plugins/proftpd/ssl/ftp.key.pem

 

@SlrG

Thanks! I have updated the original post back to the .cnf file.

Edited by Necrotic
Link to comment
  • 1 month later...

For anyone looking to get this working with unRAID 6.8.x it is actually fairly simple.

 

First I would like to talk about why this plugin no longer works with 6.8.x as it is currently implemented.

Due to the tightening of security in 6.8.x we are no longer able to execute from the flash drive.

mountscript.sh no longer is executing and as such the FTP will not have the folder structure require to allow logins and this can be seen in the system log. So we are left with a few options to fix this mountscript not executing.
We can manually create the file structure required as defined in the mountscript. However this does not survive a reboot, so other than testing, its not a viable option.  The go file, you might be able to use it, but that is not the intention of the go file. You may cause further issues so best to leave that alone.  crontab could work, with limitations. You need to implement crontab in a hacky way in order for your scripts to survive a reboot.

 

The easy fix for 6.8.x is to use "CA User Scripts"

 

Install this plugin

add new script

edit script

copy the mountscript.sh into your new script. (#comments can be copied without issues)

set to run at "At first array start only"

apply

 

either run the script now and your FTP will now work or reboot and test it.

 

That's it, ProFTPD now works in 6.8.x

 

 

 

 

Link to comment
2 hours ago, Cessquill said:

Your setup must be different to mine, since I've not had any problems.

This is the error I get without the script I posted.

 


Mar 10 08:05:35 unRAID proftpd[9325]: 127.0.0.1 (192.168.1.1[192.168.1.1]) - notice: unable to use DefaultRoot '~/' [resolved to '/tmp/FTP/']: No such file or directory
Mar 10 08:05:35 unRAID proftpd[9325]: 127.0.0.1 (192.168.1.1[192.168.1.1]) - chroot to '~/' failed for user 'JaY_III': No such file or directory
Mar 10 08:05:35 unRAID proftpd[9325]: 127.0.0.1 (192.168.1.1[192.168.1.1]) - error: unable to set DefaultRoot directory

 

 

Link to comment
32 minutes ago, JaY_III said:

This is the error I get without the script I posted.

 

 


Mar 10 08:05:35 unRAID proftpd[9325]: 127.0.0.1 (192.168.1.1[192.168.1.1]) - notice: unable to use DefaultRoot '~/' [resolved to '/tmp/FTP/']: No such file or directory
Mar 10 08:05:35 unRAID proftpd[9325]: 127.0.0.1 (192.168.1.1[192.168.1.1]) - chroot to '~/' failed for user 'JaY_III': No such file or directory
Mar 10 08:05:35 unRAID proftpd[9325]: 127.0.0.1 (192.168.1.1[192.168.1.1]) - error: unable to set DefaultRoot directory

Fair enough - I suspect a second user I have might suffer the same issue.  Been a while since I set it up, and don't use the other user ATM.

 

 

 

Link to comment

@JaY_III

Thank you for posting an interim solution and notifying me of the problem and the underlying cause as well. 👍

 

As I use no mount/unmount scripts myself, I would not have noticed the problem otherwise. 😳

 

I released a new version of the plugin, that should fix the problem without having to depend on the user scripts plugin. Please test the new version and report any problems.

  • Thanks 1
Link to comment
  • 5 weeks later...

AFAIK there is no good web based control center for ProFTPd that does what you want. If you know one, please let me know.
That would be the only way that could make it work in conjunction with this plugin.

 

Using one of the graphical ones, would  require a large number of packages, that are not supplied by a stock unRAID.

As this is a plugin and directly integrated, each new package increases the risk of breaking something in the unRAID base functionality or adding unwanted vulnerabilities.  So this is no solution I would be willing to implement.

 

In your case I would recommend setting up a VM where you can install whatever you want, without the risk of damaging the base system. Or maybe there are docker containers, with your needed functionality. The CrushFTP one available under Apps looks promising - I did not test it though.

Link to comment
  • 4 weeks later...

Hi i wanna set up proftp with two virtual users. how exaclty can i add it? Normal tutorials dosnt work for me. I use the mod_auth_file methode. In the next step i want to share more than only one folder to that ftp-user. How can i do that?

Link to comment

@Gee1

Well, its maybe not straightforward, but possible. Following the info given here one needs to use the tool ftpasswd to generate the AuthUserFile.

 

This tool is located in /usr/local/SlrG-Common/usr/local/bin, so you need to cd into that path and run it. As it is a perl script, it will fail if you have no perl installed (default unRAID). To get it you will need to install the nerdpack plugin using APPS (Community Applications). After it is installed, go to its settings, search and enable the perl package.

 

Afterwards ftpasswd will run.  The usage is described here. This command will create a ftpd.passwd file.

ftpasswd --passwd --name vu1 --home /mnt/cache/FTP/vu1 --shell /bin/false --uid 1005

vu1 is the placeholder username I choose and I used it to define the home directory of that user, too. Setting the shell to /bin/false should prevent this user from logging in using the shell and for the uid make sure this is not already existing and used on your system. I omitted defining a group id gid, so it will be set to be the same as the uid. Create the second user using the same command, too, but change those placeholders and uid.

 

Now you move the ftpd.passwd file to the folder /boot/config/plugins/ProFTPd on the flash, so it will survive reboots of the system and add the following line to the /etc/proftpd.conf file.

AuthUserFile /boot/config/plugins/ProFTPd/ftpd.passwd

Afterwards you will have to restart the ProFTPd service in the plugins settings, to enable the change. Now your new user(s) should be able to ftp into their home directory. To mount content (one or more folders from other locations) to the homedirs use the the mountscript.sh and unmountscript.sh in /boot/config/plugins/ProFTPd/.  Example commands how to use them are given in the comment headers of those files.

  • Thanks 1
Link to comment
5 hours ago, Gee1 said:

question to mountscript: should i user user0 or user? Whats the difference

user includes files/folders for a User Share that is on the array drives or the cache whereas user0 only includes files/folders for a User Share that are on the main array drives (omitting any that are on the cache).

 

Limetech have announced that user0 is deprecated and may be removed in a future Unraid release.

Link to comment

@Gee1

If you enable the TransferLog in the /etc/proftpd.conf you should get a log file, which user logs in when and what and how much is transferred. In theory, I never did this myself, you can load that into Webalizer and get an aggregated report. Also there are the commands ftpcount, ftpwho, ftptop in /usr/local/SlrG-Common/usr/local/bin, though they give only realtime information and the ftptop command is broken, as I seem to have not included the ncurses development libraries when compiling ProFTPd for unRAID.

I'm getting the feeling ProFTPd is not the right tool to suit your needs. While it is quite powerful it is also not very user friendly and hard to manage. I developed the plugin,  when no other solution was available and integrated it into unRAIDs user management. I had and have not much need for "fancy" stuff like different access rights, many users, encryption and statistics. I understand it perfectly however, if one wants more. Maybe the CrushFTP9 docker from Community Applications would be better?

Link to comment

@Gee1

I'm sorry, I didn't know it was not free. 😱 I found it in the list of other FTP clients and saw a screenshot, of its statistics page and gui, which looked rather nice, so I thought it could be better. I'll try to release a new version which will hopefully fix ftptop. I'm curious how its output will look like, it will take me some days however.

Link to comment

i mountet the subfolders from user folder to the home dir on /mnt/cache/   ... is this a problem for the mover? Or does the mover know that these are just links ?

 

I have a very big problem with mount points and the mover.

 

i binded some folders from /mnt/users/Movies to  /mnt/cache/FTP/Movies

and now the mover moves all files from /mnt/cache/FTP/Movies to /mnt/user/movies which is impossible, it corruptet my files

 

how is it possible to tell the mover it should ignore mountpoints / symlinks ??

 

ok now i set the FTP share to cache only hopefulyl that works

Edited by Gee1
Link to comment

@Gee1

Setting to cache only should be the solution. I have it setup this way myself. I just got the time to go online and post, sadly it already created trouble. But I'm glad you found the solution yourself. I hope you can successfully restore the corrupted data.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.