====== Usare pureftpd con autenticazione su MySQL ======

Lo scenario ovvero: il disastro


Il problema si è verificato una sera di circa un anno fa. Improvvisamente il server FTP (proftpd) [[papers:proftpd.mysql|configurato come descritto]] qui si è "spento" e non siamo riusciti a capirne il motivo.\\
Trattandosi di una macchina di produzione con un discreto numero di virtual domains a bordo, oltre a cercare di capire il problema originario, abbiamo iniziato a cercare un'alternativa "veloce".

In breve tempo abbiamo individuato in Pure-FTPd un possibile sostituto.\\
Abbiamo provveduto ad installarlo dai ports (/usr/ports/ftp/pure-ftpd) attivando l'opzione MySQL e adattando il file di configurazione /usr/local/etc/pureftpd-mysql.conf alla struttura del database precedentemente utilizzata dal proftpd.

<code>
##############################################
#                                            #
# Sample Pure-FTPd Mysql configuration file. #
# See README.MySQL for explanations.         #
#                                            #
##############################################
# Optional : MySQL server name or IP. Don't define this for unix sockets.
# MYSQLServer     127.0.0.1

# Optional : MySQL port. Don't define this if a local unix socket is used.
# MYSQLPort       3306

# Optional : define the location of mysql.sock if the server runs on this host.
MYSQLSocket     /tmp/mysql.sock

# Mandatory : user to bind the server as.
MYSQLUser       xxxLOGINxxx

# Mandatory : user password. You must have a password.
MYSQLPassword   xxxDB_PASSWORDxxx

# Mandatory : database to open.
# Qui il nome del database è quello usato per il proftpd
MYSQLDatabase   proftpd

# Mandatory : how passwords are stored
# Valid values are : "cleartext", "crypt", "md5" and "password"
# ("password" = MySQL password() function)
# You can also use "any" to try "crypt", "md5" *and* "password"
MYSQLCrypt      cleartext

# In the following directives, parts of the strings are replaced at
# run-time before performing queries :
#
# \L is replaced by the login of the user trying to authenticate.
# \I is replaced by the IP address the user connected to.
# \P is replaced by the port number the user connected to.
# \R is replaced by the IP address the user connected from.
# \D is replaced by the remote IP address, as a long decimal number.
#
# Very complex queries can be performed using these substitution strings,
# especially for virtual hosting.

# Query to execute in order to fetch the password
MYSQLGetPW      SELECT password FROM ftpusers WHERE (username="\L" and LoginAllowed='Y')

# Query to execute in order to fetch the system user name or uid
#MYSQLGetUID     SELECT Uid FROM users WHERE User="\L"

# Optional : default UID - if set this overrides MYSQLGetUID
MYSQLDefaultUID 1000

# Query to execute in order to fetch the system user group or gid
#MYSQLGetGID     SELECT Gid FROM users WHERE User="\L"

# Optional : default GID - if set this overrides MYSQLGetGID
MYSQLDefaultGID 1000

# Query to execute in order to fetch the home directory
MYSQLGetDir     SELECT homedir FROM ftpusers WHERE (username="\L" and loginallowed='Y')

# Optional : query to get the maximal number of files 
# Pure-FTPd must have been compiled with virtual quotas support.
# MySQLGetQTAFS  SELECT QuotaFiles FROM users WHERE User="\L"

# Optional : query to get the maximal disk usage (virtual quotas)
# The number should be in Megabytes.
# Pure-FTPd must have been compiled with virtual quotas support.
# MySQLGetQTASZ  SELECT QuotaSize FROM users WHERE User="\L"

# Optional : ratios. The server has to be compiled with ratio support.
# MySQLGetRatioUL SELECT ULRatio FROM users WHERE User="\L"
# MySQLGetRatioDL SELECT DLRatio FROM users WHERE User="\L"

# Optional : bandwidth throttling.
# The server has to be compiled with throttling support.
# Values are in KB/s .
# MySQLGetBandwidthUL SELECT ULBandwidth FROM users WHERE User="\L"
# MySQLGetBandwidthDL SELECT DLBandwidth FROM users WHERE User="\L"

# Enable ~ expansion. NEVER ENABLE THIS BLINDLY UNLESS :
# 1) You know what you are doing.
# 2) Real and virtual users match.
# MySQLForceTildeExpansion 1

# If you upgraded your tables to transactionnal tables (Gemini,
# BerkeleyDB, Innobase...), you can enable SQL transactions to
# avoid races. Leave this commented if you are using the
# traditionnal MyIsam databases or old (< 3.23.x) MySQL versions.
# MySQLTransactions On
</code>


La scelta si è dimostrata vincente è siamo riusciti a far ripartire il server nel giro di un paio d'ore.
----
**Links**\\
[[proftpd.mysql.conf|Il file di configurazione usato per il proftpd (proftpd-mysql.conf)]]\\
[[papers:proftpd.mysql|Configurare proftpd con MySQL]]\\
[[http://www.pureftpd.org|pure-FTPd Homepage]]\\
[[http://www.pureftpd.org/README.MySQL|pure-FTPd - MySQL docs]]\\