From a8fc961f22b40950975ca84e9acdb2ff691779af Mon Sep 17 00:00:00 2001
From: Antoine Ginies
Date: Tue, 13 Jan 2004 14:48:05 +0000
Subject: new default configuration file, and add new options in wizard
---
 ftp_wizard/Proftpd.pm | 159 +++++++++++++++++++++++---------
 ftp_wizard/scripts/proftpd.conf.default | 106 +++++++++++++++------
 2 files changed, 197 insertions(+), 68 deletions(-)
(limited to 'ftp_wizard')
diff --git a/ftp_wizard/Proftpd.pm b/ftp_wizard/Proftpd.pm
index 62e212cd..ad42e864 100755
--- a/ftp_wizard/Proftpd.pm
+++ b/ftp_wizard/Proftpd.pm
@@ -5,6 +5,7 @@
 # Copyright (C) 2003 Mandrakesoft
 #
 # Author: Florent Villard
+# aginies
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -29,36 +30,58 @@ require MDK::Wizard::Wizcommon; my $wiz = new MDK::Wizard::Wizcommon; -my $o = { - name => N("FTP wizard"), - var => { - wiz_ftp_external => '', - wiz_ftp_anon => '', - wiz_ftp_home => '' - }, - needed_rpm => [ 'proftpd', 'proftpd-anonymous' ], - defaultimage => "$ENV{__WIZ_HOME__}ftp_wizard/images/FTP.png" - }; +my $o = { + name => N("FTP wizard"), + var => { + wiz_ftp_external => '', +# wiz_ftp_anon => '', +# wiz_ftp_home => '', + wiz_root_login => '', + wiz_server_admin => '', + wiz_default_root => '', + wiz_ftp_resume => '', + wiz_ftp_fxp => '', + }, + needed_rpm => [ 'proftpd', 'proftpd-anonymous' ], + defaultimage => "$ENV{__WIZ_HOME__}ftp_wizard/images/FTP.png" + }; $o->{pages} = { - welcome => { - name => N("FTP Server Configuration Wizard") . "\n\n" . N("This wizard will help you configuring the FTP Server for your network."), - no_back => 1, - post => \&check, - next => 'config' - }, - config => { - name => N("FTP Server") . "\n\n" . N("Your server can act as an FTP Server toward your internal network (intranet) and as an FTP Server for the Internet.") . "\n\n" . N("Select the kind of FTP service you want to activate:") . "\n\n" . N("Don't check any box if you don't want to activate your FTP Server."), - pre => sub { - $o->{var}{wiz_ftp_internal} ||= 1; - $o->{var}{wiz_ftp_external} ||= 0; - }, - data => [ - { text => N("Enable the FTP Server for the Intranet"), type => 'bool', val => \$o->{var}{wiz_ftp_internal} }, - { text => N("Enable the FTP Server for the Internet"), type => 'bool', val => \$o->{var}{wiz_ftp_external} }, - ], - next => 'summary' + welcome => { + name => N("FTP Server Configuration Wizard") . "\n\n" . N("This wizard will help you configuring the FTP Server for your network."), + no_back => 1, + post => \&check, + next => 'config' + }, + config => { + name => N("FTP Server") . "\n\n" . N("Your server can act as an FTP Server toward your internal network (intranet) and as an FTP Server for the Internet.") . "\n\n" . 
N("Select the kind of FTP service you want to activate:") . "\n\n" . N("Don't check any box if you don't want to activate your FTP Server."), + pre => sub { + $o->{var}{wiz_ftp_internal} ||= 1; + $o->{var}{wiz_ftp_external} ||= 0; + }, + data => [ + { label => N("Enable the FTP Server for the Intranet"), type => 'bool', val => \$o->{var}{wiz_ftp_internal} }, + { label => N("Enable the FTP Server for the Internet"), type => 'bool', val => \$o->{var}{wiz_ftp_external} }, + ], + next => 'options' }, + options => { + name => N("Ftp Proftpd server options") . "\n\n" . N("Permit root login: allow root to log on ftp server.") . "\n" . N("Admin Email: email address of FTP maintainer.") . "\n" . N("Chroot Home user: Block user in their home directory.") . "\n\n" . N("allow FTP resume: allow resume upload or download on ftp server.") . "\n" . N("Allow FXP: allow file transfert via other ftp."), + pre => sub { + $o->{var}{wiz_root_login} ||= 0; + $o->{var}{wiz_default_root} ||= 1; + $o->{var}{wiz_ftp_resume} ||= 1; + $o->{var}{wiz_ftp_fxp} ||= 0; + }, + data => [ + { label => N("Admin email"), val => \$o->{var}{wiz_server_admin} }, + { label => N("Permit root Login"), type => 'bool', val => \$o->{var}{wiz_root_login} }, + { label => N("Chroot Home user"), type => 'bool', val => \$o->{var}{wiz_default_root} }, + { label => N("Allow FTP resume"), type => 'bool', val => \$o->{var}{wiz_ftp_resume} }, + { label => N("Allow FXP"), type => 'bool', val => \$o->{var}{wiz_ftp_fxp} }, + ], + next => 'summary', + }, warning_dhcp => { name => N("Warning.") . "\n\n" . N("Warning\nYou are in dhcp, server may not work with your configuration."), ignore => 1, 
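Review bot: The `||=` defaults in the new `options` page's `pre` sub cannot tell an unchecked box from an unset one, so `$o->{var}{wiz_ftp_resume} ||= 1;` and `$o->{var}{wiz_default_root} ||= 1;` turn a deliberate 0 back into 1 every time `pre` runs. If `pre` runs again when the user comes back from the summary page (the wizard framework is not visible in this hunk), a choice to disable resume or chroot is silently undone before `do_it` writes the config. Seeding the defaults once in the `var` initialiser, `wiz_default_root => 1, wiz_ftp_resume => 1,`, and dropping those two `||=` lines keeps the user's answer. The help text for FXP could also say that the option lets data connections use an address other than the client's, since that is the security-relevant part of it.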
@@ -69,23 +92,33 @@ $o->{pages} = { ignore => 1, next => 'config' }, - summary => { - name => N("Configuring the FTP Server") . "\n\n" . N("The wizard collected the following parameters + summary => { + name => N("Configuring the FTP Server") . "\n\n" . N("The wizard collected the following parameters needed to configure your FTP Server") . "\n\n" . N("To accept these values, and configure your server, click the Next button or use the Back button to correct them"), - pre => sub { - $o->{var}{internal} = $o->{var}{wiz_ftp_internal} ? N("enabled") : N("disabled"); - $o->{var}{external} = $o->{var}{wiz_ftp_external} ? N("enabled") : N("disabled") - }, - data => [ - { label => N("Intranet FTP Server:"), fixed_val => \$o->{var}{internal} }, - { label => N("Internet FTP Server:"), fixed_val => \$o->{var}{external} }, - ], - post => \&do_it, - next => 'end' - }, + pre => sub { + $o->{var}{internal} = $o->{var}{wiz_ftp_internal} ? N("enabled") : N("disabled"); + $o->{var}{external} = $o->{var}{wiz_ftp_external} ? N("enabled") : N("disabled"); + $o->{var}{rootlogin} = $o->{var}{wiz_root_login} ? N("enabled") : N("disabled"); + $o->{var}{defaultroot} = $o->{var}{wiz_default_root} ? N("enabled") : N("disabled"); + $o->{var}{ftpresume} = $o->{var}{wiz_ftp_resume} ? N("enabled") : N("disabled"); + $o->{var}{fxp} = $o->{var}{wiz_ftp_fxp} ? N("enabled") : N("disabled"); + }, + data => [ + { label => N("Intranet FTP Server:"), fixed_val => \$o->{var}{internal} }, + { label => N("Internet FTP Server:"), fixed_val => \$o->{var}{external} }, + { label => N("Admin email"), fixed_val => \$o->{var}{wiz_server_admin} }, + { label => N("Permit root Login"), fixed_val => \$o->{var}{rootlogin} }, + { label => N("Chroot Home user"), fixed_val => \$o->{var}{defaultroot} }, + { label => N("Allow FTP resume"), fixed_val => \$o->{var}{ftpresume} }, + { label => N("Allow FXP"), fixed_val => \$o->{var}{fxp} }, + ], + post => \&do_it, + next => 'end' + }, end => { - name => N("Congratulations") . 
"\n\n" . N("The wizard successfully configured your Intranet/Internet FTP Server"), + name => N("Congratulations") . "\n\n" . N("The wizard successfully configured your Intranet/Internet FTP Server"), end => 1, + no_back => 1, next => 0 }, }; @@ -148,6 +181,19 @@ sub print_anonymous() { '; } +sub change_options { + my ($var, $var_in_conf) = @_; + my $file = "/etc/proftpd.conf"; + my $status; + print "now in change options\n"; + if ($var == 1) { $status = "on" } else { $status = "off" } + if ( any { /^$var_in_conf/ } cat_($file)) { + substInFile { s/$var_in_conf.*/$var_in_conf $status/ } $file; + } else { + append_to_file($file, "$var_in_conf $status\n") + } +} + sub do_it { $::testing and return; my $wiz_ftp_internal = $o->{var}{wiz_ftp_external} ? 1 : true $o->{var}{wiz_ftp_internal}; @@ -230,7 +276,36 @@ sub do_it { } } $file; } - if (services::is_service_running('proftpd')) { + + # options + # wiz_root_login wiz_server_admin wiz_default_root wiz_ftp_resume wiz_ftp_fxp + if ($o->{var}{wiz_server_admin}) { + if (any { /^ServerAdmin/ } cat_($file)) { + substInFile { s/ServerAdmin.*/ServerAdmin $o->{var}{wiz_server_admin}/ } $file + } else { + append_to_file($file, "ServerAdmin $o->{var}{wiz_server_admin}") + } + } else { substInFile { s/ServerAdmin.*// } $file } + + change_options($o->{var}{wiz_root_login}, "RootLogin"); + change_options($o->{var}{wiz_ftp_fxp}, "AllowForeignAddress"); + # in ftp resume there is two options (store or retrieve) + change_options($o->{var}{wiz_ftp_resume}, "AllowStoreRestart"); + change_options($o->{var}{wiz_ftp_resume}, "AllowRetrieveRestart"); + + my $data; + if ($o->{var}{wiz_default_root} == 1) { + $data = "DefaultRoot ~" + } else { + $data = "" + } + if ( any { /^DefaultRoot/ } cat_($file)) { + substInFile { s/DefaultRoot.*/$data/ } $file; + } else { + append_to_file($file, "$data\n"); + } + + if (services::is_service_running('proftpd')) { services::restart('proftpd') } else { services::start('proftpd') 
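Review bot: In `change_options` the presence test is anchored (`/^$var_in_conf/`) but the rewrite is not (`s/$var_in_conf.*/.../`), and neither allows leading whitespace. An indented `RootLogin on` inside a block fails the `any` test, so `RootLogin off` is appended at the end of the file while the indented line stays on and the summary still reports root login as disabled; the unanchored substitution in turn rewrites any line that merely contains the name, comments included. Using one pattern for both keeps them in step: `if (any { /^\s*\Q$var_in_conf\E\b/ } cat_($file)) {` and `substInFile { s/^(\s*)\Q$var_in_conf\E\b.*/$1$var_in_conf $status/ } $file;`. The leftover `print "now in change options\n";` debug line should be removed, and `$var == 1` compares the `''` initial value numerically, which `$var ? "on" : "off"` avoids.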
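Review bot: The `ServerAdmin` append in the `do_it` hunk has no trailing newline, so the next line appended by `change_options` is glued onto it. On a config that lacks both directives this produces a single line like `ServerAdmin <addr>RootLogin off` (constructed example), which loses the `RootLogin off` that the summary page promised; `append_to_file($file, "ServerAdmin $o->{var}{wiz_server_admin}\n")` fixes it, matching the other two appends. `wiz_server_admin` is also free text that is written into the config unchecked, so a `post` check on the `options` page that accepts only an address-shaped value with no whitespace would keep a stray space or line break from adding directives. `do_it` starts and ends outside this hunk, so `$file` is assumed here to be the same `/etc/proftpd.conf` that `change_options` edits.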
diff --git a/ftp_wizard/scripts/proftpd.conf.default b/ftp_wizard/scripts/proftpd.conf.default index 1325e599..0dc72bb1 100644 --- a/ftp_wizard/scripts/proftpd.conf.default +++ b/ftp_wizard/scripts/proftpd.conf.default @@ -1,21 +1,46 @@ -# This is a basic ProFTPD configuration file (rename it to -# 'proftpd.conf' for actual use. It establishes a single server -# and a single anonymous login. It assumes that you have a user/group -# "nobody" and "ftp" for normal operation and anon. +# +# This is a default ProFTPD configuration file. +# -ServerName "ProFTPD Default Installation" -ServerType standalone -DefaultServer on +# Run proftpd has a standalone server (not via inetd or xinetd) +ServerType standalone +DefaultServer on -# Allow FTP resuming. -# Remember to set to off if you have an incoming ftp for upload. -AllowStoreRestart on +# chroot Home user directory +DefaultRoot ~ -# Port 21 is the standard FTP port. -Port 21 # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. -Umask 022 +Umask 022 + +# Name of the server +ServerName "HOSTNAME FTP Server" +# Don't Show proftpd version +ServerIdent off +DeferWelcome on +DisplayConnect /etc/banner-proftpd + +# Administrator email address +ServerAdmin ADMIN + +# Deny root Login +RootLogin off + +# Deny MSG +AccessDenyMsg " !-!! ACCESS DENY !!-! SEEMS YOU HAVE NO RIGHT THERE !!" + +# Accept Message +AccessGrantMsg " -- Guest access granted for %u --" + +# Perform identity lookup +IdentLookups off +# preform reverse lookup +UseReverseDNS off + +# Port 21 is the standard FTP port. +Port 21 +# use GMT (off=localtime) +TimesGMT off # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections 
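Review bot: Two of the new comments state the opposite of the value beneath them: `# Perform identity lookup` sits above `IdentLookups off` and `# preform reverse lookup` above `UseReverseDNS off`. Someone auditing the file by its comments would conclude that both lookups are enabled, so I would reword them to `# Do not perform ident lookups on clients` and `# Do not perform reverse DNS lookups on clients`. `ServerName "HOSTNAME FTP Server"` and `ServerAdmin ADMIN` look like placeholders, and nothing in the visible Proftpd.pm hunks replaces `HOSTNAME`, so a comment saying what fills them in would help.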
@@ -23,23 +48,52 @@ Umask 022 # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) -MaxInstances 30 +MaxInstances 30 +# Max login attempt before disconnected +MaxLoginAttempts 3 +# max client simultaneous +MaxClients 10 "Sorry, the maximum number of allowed users are already connected (%m)" +# Login time out (seconds) +TimeoutLogin 300 +# idle timeout (seconds) +TimeoutNoTransfer 400 # Set the user and group that the server normally runs at. -User nobody -Group nogroup +User nobody +Group nogroup +DirFakeUser off nobody +DirFakeGroup off nobody + +# Default transfer mode (bin|ascii) +DefaultTransferMode binary + +# FXP transfert +AllowForeignAddress on + +# Allow FTP resuming. +# Remember to set to off if you have an incoming ftp for upload. +AllowStoreRestart on +AllowRetrieveRestart on + +# Automatically delete aborted uploads +DeleteAbortedStores off + +# Download Bandwitdh KB/sec +#TransferRate RETR 100 +# Upload Bandwitdh KB/sec +#TransferRate STOR,APPE 100 + +# Some logging formats +SystemLog /var/log/proftpd.log +TransferLog /var/log/xferlog +Extendedlog /var/log/ftp.log +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +LogFormat write "%h %l %u %t \"%r\" %s %b" -# Normally, we want files to be overwriteable. - AllowOverwrite on + AllowOverwrite on # Needed for NIS. -PersistentPasswd off - -# Default root can be used to put users in a chroot environment. -# As an example if you have a user foo and you want to put foo in /home/foo -# chroot environment you would do this: -# -# DefaultRoot /home/foo foo - +PersistentPasswd off -- cgit v1.2.1
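Review bot: `AllowForeignAddress on` ships FXP enabled in the default file, while the wizard's `options` page defaults `wiz_ftp_fxp` to 0 and the `# FXP transfert` comment gives no hint of the risk. With this setting the server accepts a data-connection address that differs from the control connection's, which is the precondition for FTP bounce-style abuse, so any install that uses this file without running the wizard through to `do_it` starts in the less safe state. I would ship `AllowForeignAddress off` with a comment such as `# FXP (server-to-server transfer): keep off unless required`. Separately, `LogFormat auth` and `LogFormat write` are defined but `Extendedlog /var/log/ftp.log` names neither, so they appear unused; something like `ExtendedLog /var/log/ftp.log AUTH auth` would put the auth format to work.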