Code Forums - View Single Post

redhead · 12-15-2005, 04:50 AM

Thats going to be quite difficult, usualy ftp-servers grants ftp access to users who are members of ftp usergroup and already have a valid shell on the machine, in this case /bin/true (or /bin/false) in order to prevent them from having a valid login shell on the machine.
Since creating a new user with a predefined passwd requires interactive typing/parsing of the password to the passwd program, it is very difficult to provide it as a script, since passwd won't even accept it from a pipe.

I once created a user/adding/modification system in php, but all the specific passwd/useradd actions were wraped in a C program which would send a exit code and then I would let the PHP script decide what went wrong from the exit code generated by the C program, when it was called with shell_exec().

Since Pureftpd provides interaction with mySQL database, you might want to check the documentation and then realise you can easily control you'r users through a simple mySQL user database, if you're used to have php interact with mySQL, then it should be breeze from there on.

You might want to check up on cpanel, if it uses a SQL database, or if it uses /etc/passwd or another form, like virtual users, from the Cpanel documentation it seems to be a non-GPL software, so I can't see and they won't tell how it interacts with your system... But my guess is that since you have to login as root, then it will add/maintain any ftp account through useradd and /etc/passwd, which means you're in for some tough coding in order to make your addition work with Cpanel.

:edit:
From a quote found in their FAQ: There is no plaintext record, even for root, to view clients passwords. The only copies on the server will be in the password hashes in the /etc/proftpd/* files.
I guess they're hevily relying on direct access to the programs configuration files, in this case you're in for some trouble, usualy these files can only be written by root, so if you're planing something like a web-interface where non-root users can handle the ftp-access, you still have to figure out a way to run the requests SUID-root, which isn't easy.

You might want to check up on their forum in order to sort some of these questions out.. I didn't join to search for your specific request, given that I have no insigt to exactly what you want, and given that a membership there most likely will be more usefull for you than for me.

12-15-2005, 04:50 AM	#8 (permalink)
redhead Newbie Join Date: Jun 2002 Location: Denmark Posts: 1,726	Thats going to be quite difficult, usualy ftp-servers grants ftp access to users who are members of ftp usergroup and already have a valid shell on the machine, in this case /bin/true (or /bin/false) in order to prevent them from having a valid login shell on the machine. Since creating a new user with a predefined passwd requires interactive typing/parsing of the password to the passwd program, it is very difficult to provide it as a script, since passwd won't even accept it from a pipe. I once created a user/adding/modification system in php, but all the specific passwd/useradd actions were wraped in a C program which would send a exit code and then I would let the PHP script decide what went wrong from the exit code generated by the C program, when it was called with shell_exec(). Since Pureftpd provides interaction with mySQL database, you might want to check the documentation and then realise you can easily control you'r users through a simple mySQL user database, if you're used to have php interact with mySQL, then it should be breeze from there on. You might want to check up on cpanel, if it uses a SQL database, or if it uses /etc/passwd or another form, like virtual users, from the Cpanel documentation it seems to be a non-GPL software, so I can't see and they won't tell how it interacts with your system... But my guess is that since you have to login as root, then it will add/maintain any ftp account through useradd and /etc/passwd, which means you're in for some tough coding in order to make your addition work with Cpanel. :edit: From a quote found in their FAQ: There is no plaintext record, even for root, to view clients passwords. The only copies on the server will be in the password hashes in the /etc/proftpd/ files.* I guess they're hevily relying on direct access to the programs configuration files, in this case you're in for some trouble, usualy these files can only be written by root, so if you're planing something like a web-interface where non-root users can handle the ftp-access, you still have to figure out a way to run the requests SUID-root, which isn't easy. You might want to check up on their forum in order to sort some of these questions out.. I didn't join to search for your specific request, given that I have no insigt to exactly what you want, and given that a membership there most likely will be more usefull for you than for me. __________________ Don't worry Ma'am, We're university students, We know what We're doing. ----- If you pull the pin, Mr.Grenade would no longer be your friend. ----- 01000111 01101111 00100000 01000011 00100000 00100001 Last edited by redhead; 12-15-2005 at 05:55 AM.