Topic: my last dash with esmith :- (

[Dean Thomas]

This is my last dash with e-smith if I can't get this to work I think I will have to find another product

I use esmith 5.1.2 to share the PPoE ADSL connection and host our own domain (using dyndns.org "CUSTOM DNS") this has been excellent and esmith really seems the best at doing this sort of stuff (we even use the esmith box as a dailin server for our staff).

But now the time has come where we want to be able to host more than one domain, which I am doing with ibay's and virtual domains. However, I have been beating my head against a brick wall trying to get the ibays to do what I want. I want the clients to be able to ftp into the ibays (which we can do) but we are unable to get "overwrite" permissions. I want http traffic to the ibay open for all (no password) but what ftp traffic to be closed via username and password with all permissions inside the "html" directory. I have asked several times about this but so far no one has been able to help. I see reading through the forums that others have tried but have also had no luck.

If no one can help me in this matter than my last hope in keeping the esmith box is to leave it how it is and run another linux box behind the esmith and forward the ports through to the new linux box. Can anyone see a problem with this?

[Jon Blakely]

Dean,

To allow overwrite permissions you will need to make a template fragment

# mkdir /etc/e-smith/templates-custom/etc/proftpd.conf
# pico /etc/e-smith/templates-custom/etc/proftpd.conf/05AllowOverwrite

and add the following 1 line

AllowOverwrite on

^X to exit
yes to save and exit

# /sbin/e-smith/expand-template /etc/proftpd.conf

and test.

A warning tho, this will allow all user etc overwrite ability.

Jon

[Dean Thomas]

Jon you are an LEGEND! What are you a LEGEND? "A LEGEND!"

thankyou very much

[Jon Blakely]

[Dean Thomas]

To allow overwrite permissions you will need to make a template fragment

# mkdir /etc/e-smith/templates-custom/etc/proftpd.conf
# pico /etc/e-smith/templates-custom/etc/proftpd.conf/05AllowOverwrite

and add the following 1 line

AllowOverwrite on

^X to exit
yes to save and exit

# /sbin/e-smith/expand-template /etc/proftpd.conf

and test.

A warning tho, this will allow all user etc overwrite ability.

Jon

Jon thanks so much for your help! But sadly I have one last hurdle to cross. Any of my clients can log into their ftp ibay's with any password. In fact if user1 for ibay1 used his user1 name he can now enter and change user2's ibay

I hope that made sense?????

[Dean Thomas]

so can anyone help me with this password problem?

Jon has thankfully helped me out and showed me how to create a custom template to allow overwrite permissions on my ftp. But now I need to fix the password word problem, anyone can log into my ibay with the correct username and ANY password!

[Tom Carroll]

I do not know the proftpd configuration, so I am shooting from the hip.

After you read over the proftpd configuration documentation, you may want to take a look at template fragments 10DefaultDenyWrite and 60AnonymousIBay in the /etc/e-smith/templates/etc/proftpd.conf directory.  If it looks like something you can use, just copy it to the /etc/e-smith/templates-custom/etc/proftpd.conf directory before modifying it.

I also looked at 00Documentation which stated that ibays can only be written by admin or local users.  Now I imagine the user must be from within the firewall to be considered local.  But, anything can be configured the way you want it using the template system.

Good luck, and if you should find a soultion can you please write up a how-to document for others to benefit?

Tom

[Dean Thomas]

Thanks Tom you have got me heading in the right direction. I noticed in the 60AnonymousIBay template the following lines

            $OUT .= "\n";
            $OUT .= "\n";
            $OUT .= "    User $key\n";
            $OUT .= "    Group $key\n";
            $OUT .= "    AnonRequirePassword " . ($pass ? "on" : "off") . "\n";

If I just change the AnonRequirePassword will that force the outside ibay users to use the correct password for ftp - while still allowing the http for that ibay not to require a password?????

[Tom Carroll]

Dean, as mentioned I am not too sure of this because I don't work with proftpd like you do.  I have a very basic system.  All I can say is with the templated configuration it is easy to 'play' with the configuration and experiment.  If it does not work, then you can delete the template...

Good luck!

Tom