Prototype Version
Last updated: August 15, 1998
There are quite a few things that would be nice to have supported in virtual servers. In the current baselined version, virtual servers are only partially supported. The current implementation of virtual servers only supports setting
- the root ftp directory,
- the log file and
- the banner.
All other directives in the ftpaccess file have to be shared globally across all virtual servers. A real limitation if you wanted to have different features supported by different servers...
An effort is underway to get a new method for totally supporting virtual domains into the baselined wu-ftpd sources. This is that effort's prototype code. This code replaces what I had done in the past to provide complete ftpaccess file directive support.The ftpaccess, ftpusers, ftpgroups, ftphosts and ftpconversions files can all be specified on a per-domain basis. What I have now is the ability to override the Master WU-FTPD config files with a local copy specific to that domain. If you do not wish to place a copy of one or all files listed above in the virtual host directory for that specific host then the master copy is used. This was amazingly simple. If you are interested in the "how did I do it" part, take a look at the code in NEWVIRT ifdefs.
I made the associated changes to ftpshut, ckconfig and my new ftprestart. The only programs in the wu-ftpd suite that do not have the new virtual access file support is ftpcount.
Supported on a virtual host basis: ---------------------------------- _PATH_FTPACCESS _PATH_FTPUSERS _PATH_PRIVATE _PATH_FTPHOSTS _PATH_CVT Set in a virtual site's ftpaccess file -------------------------------------- _PATH_XFERLOG Supported on a site-wide basis: ------------------------------- _PATH_FTPSERVERS _PATH_EXECPATH _PATH_PIDNAMES _PATH_UTMP _PATH_WTMP _PATH_LASTLOG _PATH_BSHELL _PATH_DEVNULLBesides allowing any virtual server to be able to individual configure the files mentioned, an additional benefit is that any future extensions Stan adds to the ftpaccess file will be automatically supported for virtual servers as well. Free.
All my changes were made to the latest beta-15.
These changes are being sent to Stan for inclusion in a upcoming version. He is aware of this effort.
August 15, 1998:Newvirt was upgraded to Beta 18. The newvirt features are the same as in previous versions. Hopefully this will be baselined at some point.
November 6, 1997:
This has been upgraded to Beta 15 and there have been some enhancements such as portability testing on BSDI 3.0, new manual page for ftprestart and ftpshut and additional work on ftpck. (ftpck is a separate configuration checker program. Due to the new virtual server support, a specialized ftpck is included.)
This version will continued to be supported until it can be merged into the baseline due to the number of sites that are currently using this in actual production.
July 21, 1997:
This is currently in a presubmission beta test. You are welcome to grab a copy and test it for yourself. When we feel it is ready, it will be submitted to be included in the baseline. Please let me know, you've grabbed a copy and want to be included in the "we" above.
It is presently being actively discussed on the [email protected] mailing list.
This is the third major version in prototying extended virtual hosting support. There will be no more major revisions. At this point I am only taking bug reports and portability changes. Once those are completed I will be sending the final changes to Stan for incorporation into the baseline.
If you have no interest in compiling the code to include NEWVIRT code, get the original beta version from Stan's site. This code is not for you.You can get the current version from ftp://ftp.landfield.com/wu-ftpd/newvirt/ or from this page.
- http://www.landfield.com/wu-ftpd/newvirt/newvirt-050.tar.gz - A complete patched version of the sources ready to compile (see pathnames.h note below).
In order to try out the new version of virtual hosting it is necessary to compile with the flag "-DVIRTUAL". The original virtual hosting code has been removed and is NOT THERE!As I am unaware of the types of platforms that you are using (the current development platform is Solaris 2.5.1 and BSDI) I cannot send straight patches to makefiles. Below is a description of what you need to do. Look in makefiles/Makefile.sol for my complete copy. (Please send me your changes and I will assure they make it into the copy I send to Stan.)
- Add rdservers.c and paths.c to SRCS.
- Add rdservers.o and paths.o to OBJS.
- Add ftprestart to "all:" dependency line.
all: ftpd ftpcount ftpshut ckconfig ftprestart
- Add rdservers.c to ckconfig: and ftpshut dependency line and rdservers.o to the compliation lines.
ckconfig: ckconfig.c rdservers.c ${CC} ${CFLAGS} -o $@ ckconfig.c rdservers.o ftpshut: ftpshut.c pathnames.h rdservers.c ${CC} ${CFLAGS} -o $@ ftpshut.c rdservers.o vers.o ${LIBES}
- Insert the ftprestart make instructions
ftprestart: ftprestart.c pathnames.h rdservers.c ${CC} ${CFLAGS} -o $@ ftprestart.c rdservers.o ${LIBES}
- Add the following line to the "clean:" directive.
rm -f ftprestart.o ftprestart ckconfig
- Check pathnames.h and modify accordingly.
As configured, this should put all the executables and config files in a /etc/ftpd directory hierarchy. This has worked well for me since I can switch back and forth at will by a single line change in my inetd.conf file. Check the supplied version of pathnames.h and modify as you see fit. Remember, this is still beta-beta.
Keep a stable copy handy in case we run into any unforeseen problems. (I'm the paranoid kind and it has served me well...;-) )
If you change the install paths, check and change the top level makefile as well.
- build system-type.
- make install.
At this point do a "make install" in the wu-ftpd toplevel source directory and things will be installed.
Background:
This version provides two different means for supporting virtual hosting. You can use the existing virtual support limited to root/banner/logfile or you can use complete virtual support by having a completely different ftpaccess file.In the current baselined version, virtual servers are only partially supported. The current implementation of virtual servers only supports setting
All other directives in the ftpaccess file have to be shared globally across all virtual servers. A real limitation if you wanted to have different features supported by different servers...
- the root ftp directory,
- the log file and
- the banner.
Now you can use the previous method or you can create a separate ftpaccess to provide support for all ftpaccess directives. The ftpaccess, ftpusers, ftpgroups, ftphosts and ftpconversions files can all be specified on a per-domain basis. You now have the ability to override the Master WU-FTPD config files with a local copy specific to that domain. If you do not wish to place a copy of one or all files listed above in the virtual host directory for that specific host then the master copy is used.
Setup Virtual domain configuration directories:
You will need to make sure the proper files/directories are in-place. Here is my structure. (As noted before, I put everything in a single directory structure for testing convenience. Actually I do that when I'm not testing as well... Just in a different place.)From my pathnames.h
/* ** Master Copies - Possibly overridden by VIRTUAL Hosting Configuation */ #define _PATH_FTPACCESS "/etc/ftpd/ftpaccess" #define _PATH_CVT "/etc/ftpd/ftpconversions" #define _PATH_FTPUSERS "/etc/ftpd/ftpusers" #define _PATH_PRIVATE "/etc/ftpd/ftpgroups" #define _PATH_FTPSERVERS "/etc/ftpd/ftpservers" #define _PATH_FTPHOSTS "/etc/ftpd/ftphosts" /* site-wide */ #define _PATH_PIDNAMES "/etc/ftpd/ftp.pids-%s" LS Listing: rkive-19:43-kent ls -lR /etc/ftpd /etc/ftpd: total 36 drwxrwsr-x 2 root sys 512 Jun 26 19:22 bin drwxrwsr-x 4 root sys 512 Jun 26 15:48 config -rw-r--r-- 1 root sys 4096 Jun 26 19:23 ftp.pids-local -rw-r--r-- 1 root sys 4096 Jun 26 19:33 ftp.pids-remote -rw------- 1 root sys 2046 Jun 26 14:55 ftpaccess -rw------- 1 root sys 873 Jun 26 14:55 ftpconversions -rw------- 1 root sys 37 Jun 26 14:55 ftpgroups -rw------- 1 root sys 277 Jun 26 14:55 ftphosts -rw------- 1 root sys 429 Jun 26 16:03 ftpservers -rw------- 1 root sys 151 Jun 26 14:55 ftpusers drwxrwsr-x 6 root sys 512 Jun 26 14:56 man /etc/ftpd/bin: total 1848 -rwxr-xr-x 1 bin bin 28312 Jun 26 19:22 ftpcount -rwxr-xr-x 1 bin bin 37512 Jun 26 19:22 ftprestart -rwxr-xr-x 1 bin bin 47264 Jun 26 19:22 ftpshut -rwxr-xr-x 1 bin bin 28312 Jun 26 19:22 ftpwho -rwxr-xr-x 1 bin bin 385568 Jun 26 19:22 in.ftpd /etc/ftpd/config: total 12 drwxrwsr-x 2 root sys 512 Jun 26 16:04 some.domain drwxrwsr-x 2 root sys 512 Jun 26 16:06 some.other.domain drwxrwsr-x 2 root sys 512 Jun 26 15:01 landfield.com /etc/ftpd/config/some.domain: total 6 -rw------- 1 root sys 1891 Jun 26 16:03 ftpaccess -rw------- 1 root sys 146 Jun 26 16:05 ftpusers /etc/ftpd/config/some.other.domain: total 6 -rw------- 1 root sys 1891 Jun 26 16:03 ftpaccess -rw------- 1 root sys 146 Jun 26 16:05 ftpusers /etc/ftpd/config/landfield.com: total 4 -rw------- 1 root sys 2046 Jun 26 15:01 ftpaccess /etc/ftpd/man: total 8 drwxrwsr-x 2 root sys 512 Jun 26 19:22 man1 drwxrwsr-x 2 root sys 512 Jun 26 19:22 man1m drwxrwsr-x 2 root sys 512 Jun 26 19:22 man5 drwxrwsr-x 2 root sys 512 Jun 26 14:56 man8 /etc/ftpd/man/man1: total 4 -r--r--r-- 1 bin bin 374 Jun 26 19:22 ftpcount.1 -r--r--r-- 1 bin bin 450 Jun 26 19:22 ftpwho.1 /etc/ftpd/man/man1m: total 28 -r--r--r-- 1 bin bin 2177 Jun 26 19:22 ftpshut.1m -r--r--r-- 1 bin bin 10813 Jun 26 19:22 in.ftpd.1m /etc/ftpd/man/man5: total 40 -r--r--r-- 1 bin bin 15341 Jun 26 19:22 ftpaccess.5 -r--r--r-- 1 bin bin 1004 Jun 26 19:22 ftpconversions.5 -r--r--r-- 1 bin bin 683 Jun 26 19:22 ftphosts.5 -r--r--r-- 1 bin bin 2531 Jun 26 19:22 xferlog.5Create an ftpservers file:
If you wish to take advanage of the extended virtual support it is necessary to create an ftpservers file. A real simple sample is shown below.
# # ftpservers file # # Format: # IP Address Path to directory holding configuration # or hostname files for this virtual domain # # ftpaccess file for the landfield.com domain # landfield.com /etc/ftpd/config/landfield.com # # ftpaccess file for the some.domain # some.domain /etc/ftpd/config/some.domain # # ftpaccess file for the some.other.domain # 208.196.145.140 /etc/ftpd/some.other.domain #Make sure to create the directories you have listed. ;-)
Virtual ftpaccess files:
For each virtual domain that you want to support, you have the option to create a ftpaccess file specific for that domain. This will override completely what you have in the Master ftpaccess file. This file must contain all directives as the merge code is not there yet. If you do not create an ftpaccess file for a specific domain, the domain will use the Master ftpaccess file settings. (Merge is coming...)The only additions to the ftpaccess file that you need to make over a non-virtual version is the "root" and "logfile" directives. These act to assure the proper ftpd root directory is used for each of the supported virtual domains. The logfile directive is used to specify where you want the transfer logs recorded for that specific virtual domain. A sample is specfied below.
root /ftp logfile /var/log/xferlogMaster ftpaccess file Modifications:
If you do not want to setup a completely different ftpaccess file for a virtual domain, you can specify three separate things for the virtual server you want to setup in the master ftpaccess file.The format of a virtual server entry is
- root - This it the path to the ftp directory that you previously setup for this virtual server.
- banner - This it the path to banner you wish displayed when a user connects to the virtual server.
- logfile - This is the path to the logfile that is setup specifically for this virtual server.
virtual <address> <root | banner | logfile> <path>
<address> is the IP address of the virtual server. The second argument specifies the <path> is either the path to the root of the filesystem for this virtual server, the banner presented to the user when connecting to this virtual server, or the logfile where transfers are recorded for this virtual server. If the logfile is not specified the default logfile will be used.
For example, add lines similar to the following for each virtual server you are trying to set up.
# Virtual Server at 10.10.10.10 virtual 10.10.10.10 root /var/ftp/virtual/ftp-serv virtual 10.10.10.10 banner /var/ftp/virtual/ftp-serv/banner.msg virtual 10.10.10.10 logfile /var/log/ftp/virtual/ftp-serv/xferlogDone this way, all other message files and permissions as well as any other settings in the Master ftpaccess file apply to all listed virtual servers.Adding other virtual domain files
With this release you have the ability to create other configuration files on a per-virtual-domain basis. Currently, the files you put into the virtual domain directory you have listed in the ftpservers file MUST be named:ftpaccess - virtual domain's access file ftpusers - restrict the accounts that can use the web server, ftpgroups - SITE GROUP and SITE GPASS support, ftphosts - allow or deny usernames access to that virtual server, ftpconversions - customize conversions available in the virtual domain.NOTE!!!: If you misspell any of them or name them something else, the server WILL NOT find them.
Again, a better test strategy is to create an entire runtime directory dedicated to wu-ftpd such as /usr/local/wu-ftpd-test/ or /etc/ftpd/ and make sure all the files and executables go there. In that manner you will be able to do a hot swap if you ever want to/need to.
As Larry Wall used to say:IMPORTANT! Help save the world! Communicate any problems and suggested patches to me, [email protected], so we can keep the world in sync. If you have a problem, there's someone else out there who either has had or will have the same problem.
THANKS!
See the README for additional information.