httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ritcey, Benjamin" <>
Subject RE: Mass virtual hosting - how to handle ftp?
Date Sun, 05 Dec 1999 21:29:51 GMT
Also, ProFTPd now has LDAP support (as of 1.2.0pre9) -- however, I'll note
that development of the server is somewhat in flux right now, as the
maintainer has changed (and has not, yet).

On the plus side, it's config file is modeled after Apache's =) has the latest (pre9) version -- as I said, is out of date at the moment.

On an somewhat related note, I've been sorta fantasizing about APR &
hacked-MPMs being used as the basis for ProFTPd 2.0 -- how reasonable would
that be?  I'm assuming very...


-----Original Message-----
From: Peter W []
Sent: Friday, December 03, 1999 7:19 AM
Subject: Re: Mass virtual hosting - how to handle ftp?

At 11:41am Dec 3, 1999, Dirk-Willem van Gulik wrote:

> On Thu, 2 Dec 1999, Graham Leggett wrote:
> > We have been looking at the mass virtual hosting module for Apache to
> > create an environment where we can have lots of userids inside an LDAP
> > database

> > The hard part is the fact that we also need to provide these users with
> > ftp access to their directories... and we definitely don't want to
> > create posix accounts

> I've done several custom hack's for customers based on the wu-ftpd and
> effectivly chroot() the user to his section. 
> The backends we used withere either berkely DB (shared with apache and
> mod_rewrite), Netscape's LDAP and, in one case, mSQL.

> We are only talking a couple of lines of
> code.

I note that Red Hat 6.1 ships with an LDAP PAM module, and the PAM configs
suggest that its ftpd is PAM-aware, so... maybe you should look at the
source; the ftpd should be portable, and PAM is pretty well supported now
(at least on the Unix-like OS'es I play with; I don't recall if you
specified which flavor you intend to use). I suspect you may need to
modify the LDAP user object schema, as the LDAP PAM module may expect some
POSIX-like attributes. But as long as no other services consider the LDAP
server / that subtree a legitimate source of real POSIX accounts, you
should be OK.

Good luck,


View raw message