# Proftpd with mysql auth, software quota, mod_shaper and SSL

## Paulten

Hello. 

Proftpd 1.2.10 with mysql authentication, software qouta, traffic shaper and SSL 

Thought maybe it was a good idea to post my notes here. 

I am afraid that it's not very well written, hope someone finds it usefull!

Version v0.3

EDIT 24/09 : SSL works. (firewall problem)

The first thing we do is patching proftpd-1.2.10 with mod_shaper, even though Gustavo Felisberto said it was broken in 1.2.10 I got it working just fine. 

 *Quote:*   

> proftpd-1.2.10.ebuild:
> 
> Mod shaper causes problems again  . Marking stable as the rest is rock solid.

 

After we patched it, by copying the module to the contrib folder and adding some text in proftpd.ebuild we set up mysql authentication. 

This is pretty straigh forward, I've dumped my database structure so a easy mysql < dump.sql does the trick. 

After that we set up mod_quotatab, known as softwarequota. My dump contains two databases called quotatallies and quotalimits, simply add a limit to qoutalimits and add some code in your proftpd.conf and your on. 

After that we set up mod_shaper, which is also very simple. 

Last but not least important we configure the ftpdeamon to use TLS/SSL. 

I'm using two modules from TJ Saunders's http://www.castaglia.org mod_shaper and mod_quotatab. 

Visit http://paul.tenfjord.net/proftpd/ for my proftpd.conf, mysqldump, proftpd.ebuild and other usefull stuff. 

Installing and patching proftpd-1.2.10

```

ch root # cd /usr/portage/net-ftp/proftpd/

ch proftpd # ebuild proftpd-1.2.10.ebuild unpack

```

We don't need to manually download quotatab patch as I described in my previoushttps://forums.gentoo.org/viewtopic.php?t=94722&highlight= howto.

Just include softquota in your USE FLAGS.  :Smile:  Nice

My USE FLAGS : 

```

ch proftpd # equery uses proftpd

[ Colour Code : set unset ]

[ Legend    : (U) Col 1 - Current USE flags        ]

[           : (I) Col 2 - Installed With USE flags ]

 U I [ Found these USE variables in : net-ftp/proftpd-1.2.10 ]

 - - hardened  : activate default security enhancements for toolchain (gcc, glibc, binutils)

 - - ipv6      : Adds support for IP version 6

 - - ldap      : Adds LDAP support (Lightweight Directory Access Protocol)

 + + mysql     : Adds mySQL support

 + + pam       : unknown

 - - postgres  : Adds support for the postgresql database

 + + softquota : Enable support for the mod_quotatab

 + + ssl       : Adds support for Secure Socket Layer connections

 + + tcpd      : Adds support for TCP wrappers

 - - selinux   : !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur

 - - debug     : Tells configure and the makefiles to build for debugging. Effects vary across packages, but generally it will at least add -g to CFLAGS. Remember to set FEATURES=nostrip too

```

```

ch root # cd

ch root # wget http://www.castaglia.org/proftpd/modules/proftpd-mod-shaper-0.5.3.tar.gz

ch root # tar xvfz proftpd-mod-shaper-0.5.3.tar.gz

ch root # cd mod_shaper/

ch mod_shaper # mv mod_shaper.c /var/tmp/portage/proftpd-1.2.10/work/proftpd-1.2.10/contrib/

ch mod_shaper # cd /usr/portage/net-ftp/proftpd

```

Then we have to edit the proftpd.ebuild file to add the module we just copied to our contrib folder.

```

ch proftpd # vim proftpd-1.2.10.ebuild

```

As said in mod_shapers installation doc, include --enable-ctrls --with-modules=mod_shaper in your configure options.

I added under econf :

```
     econf \

            --enable-ctrls \

```

And add a line:

```

modules="${modules}:mod_shaper"

```

Let's compile proftpd. 

```

ch proftpd # FEATURES="noauto" ebuild proftpd-1.2.10.ebuild compile"

ch proftpd # FEATURES="noauto" ebuild proftpd-1.2.10.ebuild install

ch proftpd # FEATURES="noauto" ebuild proftpd-1.2.10.ebuild qmerge

```

noauto prevents ebuild from overwriting the workdir. 

From man make.conf : noauto When utilizing ebuild(1), only run the function requested.

Check if the right modules are compiled in : 

```

ch proftpd # proftpd -l

Compiled-in modules:

        mod_core.c

        mod_xfer.c

        mod_auth_unix.c

        mod_auth_file.c

        mod_auth.c

        mod_ls.c

        mod_log.c

        mod_site.c

        mod_ctrls.c

        mod_ratio.c

        mod_readme.c

        mod_auth_pam.c

        mod_wrap.c

        mod_tls.c

        mod_sql.c

        mod_sql_mysql.c

        mod_quotatab.c

        mod_quotatab_sql.c

        mod_shaper.c

        mod_cap.c

```

So far so good. Lets create a mysql database and add a user.

Setting up mysql authentication

If your using a fresh installation of mysql, first create set a passwd for the root by following the output of the ebuild.

```

ch root # mysql -u root -p < proftp.sql

```

If you connect to mysql you should have something like : 

```

ch root # mysql -u root -p

mysql> use proftpd;

Database changed

mysql> show tables;

+-------------------+

| Tables_in_proftpd |

+-------------------+

| groups            |

| quotalimits       |

| quotatallies      |

| users             |

+-------------------+

4 rows in set (0.00 sec)

mysql> describe users;

...

// Grant permissions to the proftpd database :

mysql> GRANT ALL ON users TO proftpd@localhost IDENTIFIED BY 'password';

mysql> GRANT ALL ON groups TO proftpd@localhost IDENTIFIED BY 'password';

mysql> GRANT ALL ON quotatallies TO proftpd@localhost IDENTIFIED BY 'password';

mysql> GRANT ALL ON quotalimits TO proftpd@localhost IDENTIFIED BY 'password';

mysql> INSERT INTO users (uid) VALUES (9999);

mysql> INSERT INTO groups (gid) VALUES (9999);

mysql> DELETE FROM users WHERE uid=9999;

mysql> DELETE FROM groups WHERE gid=9999;

```

The last four lines is there to make the default uid and gid 10000. This might be a good idea since you do not want your ftp users to conflict with your system users.

Field explanations :

quotalimits

name - username

quota type - user, group, class, all (we use user)

quotas per session - true or false (we use false)

quota limit type - hard or soft (soft is what I use, if you're transferring a file which will override our quota, soft lets you transfer that file and then deny the next file. Hard deletes that file.)

upload limit in bytes - allowed bytes on disk (eg diskquota)

download limit in bytes - allowed bytes a user can download

transfer limit in bytes - allowed bytes a user can transfer in/out

upload limit in files - allowed number of uploaded files

download limit in files - allowed number of downloaded files

transfer limit in files - allowed number of files a user can transfer in/out

To create/add a user and a group (ofcourse use proftpd; first) :

```

mysql> insert INTO groups (groupid, gid) values ('vgroup', '10000');

mysql> INSERT INTO users (userid,name,homedir,gid,passwd,shell) values ('paul','Paul Tenfjord','/home/mysqlftp','10000',password('julenisse'),'/bin/zsh');

```

User "paul" is part of the group vgroup(10000)

Add this to your proftpd.conf : 

```

        SQLConnectInfo        proftpd@localhost proftpd password

        SQLAuthenticate       users groups

        SQLAuthTypes          Crypt Backend

        SQLUserInfo           users userid passwd uid gid homedir shell

        SQLGroupInfo          groups groupid gid members

```

Test :

```

paul@lappy paul $ ncftp -u paul -p dddd 192.168.0.23

NcFTP 3.1.7 (Jan 07, 2004) by Mike Gleason (http://www.NcFTP.com/contact/).

Connecting to 192.168.0.23...

ProFTPD 1.2.10 Server (ProFTPD) [192.168.0.23]

Logging in...

User paul logged in.

Logged in to 192.168.0.23.

ncftp / >

```

Ofcourse it works!  :Smile: 

If you have any troubles, add

```
SQLLogFile      /var/log/proftpd.sql
```

to your proftpd.conf, if you don't figure it out I can probably help you, send me a priv or create a new post in "networking and security".

Enabling the mod_quotatab (softwarequota)

Lets add quotatab entries :

```

mysql> INSERT INTO quotalimits VALUES('paul','user','false','soft','15000000','15000000','0','','0','0');

```

The tally entry will be created automatically 

Add to your proftpd.conf : 

```

QuotaEngine on

QuotaShowQuotas on

QuotaDisplayUnits Mb

QuotaLog /var/log/proftpd.quota

SQLLogFile /var/log/proftpd.sql

 

SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"

 

SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"

 

SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used =  files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies

 

SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies

 

QuotaLimitTable sql:/get-quota-limit

QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally

```

Lets try : 

Connect to the ftp server and : 

```

ncftp / > quote site QUOTA

The current quota for this session are [current/limit]:

Name: paul

Quota Type: User

Per Session: False

Limit Type: Soft

Uploaded Mb: 0.00/14.31

Downloaded Mb:       0.00/14.31

Transferred Mb:      unlimited

Uploaded files:      unlimited

Downloaded files:    unlimited

Transferred files:   unlimited

Please contact paul@kde .no if these entries are inaccurate

```

Not very hard was it?

Enabling the traffic shaper (mod_shaper)

Time for mod_shaper, even thou I read in proftpd's changelog that is was broken in 1.2.10..

Add to your proftpd.conf :

```

ShaperLog /var/log/proftpd/proftpd.shaper

ShaperEngine on

ShaperTable /etc/proftpd/shaper.tab

ShaperControlsACLs info allow user *

ShaperAll downrate 15 uprate 15

```

For testing purpose we set download rate to 15Kb/s and upload rate to 15Kb/s 

Start it and check your log.

From my shaper.log :

```

Sep 22 10:05:59 mod_shaper/0.5.3[2138]: initialized ShaperTable with rate 15.00 K            B/s (down), 15.00 KB/s (up), default priority 10, default shares 5 down, 5 up

Sep 22 10:05:59 mod_shaper/0.5.3[2138]: total session shares: 0 down, 0 up

Sep 22 10:05:59 mod_shaper/0.5.3[2138]: rate per share: inf down, inf up

```

Looks good  :Smile: 

And the output from ftpdctl shaper info :

```

ch root # ftpdctl shaper info

ftpdctl: Overall Rates: 15.00 KB/s down, 15.00 KB/s up

ftpdctl: Default Shares Per Session: 5 down, 5 up

ftpdctl: Default Priority: 10

ftpdctl: Number of Shaped Sessions: 0

```

When I download :

ETA:   7:40    0.02/  7.09 MB   15.74Kb/s

Very cool.

The documentation on castaglia.org for mod_shaper is superb http://www.castaglia.org/proftpd/modules/mod_shaper.html

Looks like it's not broken in 1.2.10 afterall.

We now have a working proftpd with auth from mysql, softwarequota via injection to sql tallies and shaper to limit upload/download  :Smile: 

Setting up SSL encryption

SSL is also usefull, and if you have ssl in your USE flags it's plug'nplay.

Create your certs:

This is how I made mine:

```

ch root # cd /etc/proftpd/

ch proftpd # mkdir {ca,crl,certs}

# Private RSA key

ch root # openssl genrsa 1024 > crl/host.key

ch root # chmod 400 host.key

ch root # cd crl/

# Public cert

ch crl # openssl req -new -x509 -nodes -sha1 -days 365 -key host.key > ../ca/host.cert

#Make .pem-file

ch crl # cat ../ca/host.cert host.key > ../certs/host.pem

ch crl # chmod 400 ../certs/host.pem

```

Add to your proftpd.conf : 

```

AccessGrantMsg                  "If your FTP client supports TLS/SSL use it"

TLSEngine                       on

TLSLog                          /var/log/proftpd/proftpdtls.log

TLSRequired                     off

TLSOptions                      NoCertRequest

TLSVerifyClient                 off

TLSProtocol                     TLSv1

TLSProtocol                     SSLv23

TLSRSACertificateFile           /etc/proftpd/ca/host.cert

TLSRSACertificateKeyFile        /etc/proftpd/crl/host.key

TLSRSACertificateFile           /etc/proftpd/certs/host.pem

```

Feedback please! what can be better?

EDIT(14.00) I wrote a simple perl script to add users : 

http://paul.tenfjord.net/proftpd/proftpd.pl

Paul Tenfjord

----------

## forsen

hi! 

first of all, I would like to thank you for a great documtation! It was very useful to me.

I am running proftpd 1.2.10 on my gateway. The proftpd is running both for the internet and the localnetwork. Is it possible to make mod_shaper not to effect connections from the localnetwork? (or not to effect some users?) I limited the traffic to 30kb/s (very necessary because i am using IP telephony on my internetconnection). But I want to be able to download full speed inside my local network! 

I hope you understand my problem, i know my english isn't very good   :Embarassed: 

Thanks anyway for that great documentation   :Very Happy: 

----------

## Paulten

Hello. 

http://www.castaglia.org/proftpd/modules/mod_ifsession.html

Maybe this is what you are looking for.

# Give friends, and local users, better transfer rates

<IfClass local, friends>

TransferRate RETR 8192

</IfClass>

I too have a IP-telephone on my network, so that was the reason why I wrote this howto  :Smile: 

It's possible to disable ShaperEngine on certain users too. As explanied on his howto :

http://www.castaglia.org/proftpd/modules/mod_shaper.html :

<IfModule mod_shaper.c>

    <IfUser lucky>

      ShaperEngine off

    </IfUser>

  </IfModule>

Good luck, when I have time I'll add some more advanced features to the mod_shaper configuration. 

Paul

----------

## flow666

Hi,

Where do I find that proftp.sql file?

locate hasn't found it, Googling for it brouhgt no results.

Isn't it included in the Package any longer?

flow

----------

## Paulten

http://paul.tenfjord.net/proftpd/

----------

## ColeSlaw

I'm having problems getting this server set up correctly.  Here's what happens when I try to test a user...

ncftp -u user -p password 192.168.0.183

```
NcFTP 3.1.8 (Jul 27, 2004) by Mike Gleason (http://www.NcFTP.com/contact/).

Remote host has closed the connection.

Remote host has closed the connection.

Sleeping 20 seconds...
```

Here is the output of "tail /var/log/messages

```
Nov 28 11:42:41 janjansen proftpd[4080]: localhost (192.168.0.183[192.168.0.183]) - FTP session closed.

Nov 28 11:43:28 janjansen proftpd[4085]: localhost (192.168.0.183[192.168.0.183]) - FTP session closed.

Nov 28 11:43:49 janjansen proftpd[4090]: localhost (192.168.0.183[192.168.0.183]) - FTP session closed.
```

Here is my proftpd.conf file

```
ServerName         "Brodine ProFTPD Server"

ServerType         standalone

DefaultServer         on

ServerAdmin      email@nobody.com

ServerIdent      on    "Brodine FTP"

DeferWelcome      off

Port            21

Umask            022

MaxInstances      5

AllowStoreRestart on

AllowRetrieveRestart on

DefaultRoot ~

RequireValidShell on

AuthPAM      off

User            nobody

Group            nogroup

TransferLog /var/log/proftpd/proftpd.xferlog

AllowStoreRestart on

AllowRetrieveRestart on

LogFormat default "%h %l %u %t \"%r\" %s %b"

LogFormat auth "%v [%P] %h %t \"%r\" %s"

LogFormat write "%h %l %u %t \"%r\" %s %b"

# Log file/dir access

ExtendedLog /var/log/proftpd/proftpd.access_log WRITE,READ write

# Record all logins

ExtendedLog /var/log/proftpd/proftpd.auth_log AUTH auth

# Paranoia logging level....

ExtendedLog /var/log/proftpd/proftpd.paranoid_log ALL default

<Directory /ftp/2/*>

  AllowOverwrite                on

<Limit ALL>

        AllowGroup vusers

        DenyAll

</Limit>

                

<Limit READ DIRS>

        AllowGroup readonly

#       DenyAll

</Limit>

        

</Directory>

<Limit LOGIN>

        AllowGroup vusers

       AllowGroup readonly

        DenyAll

</Limit>

                

<Global>

AllowForeignAddress     on

</Global>

SQLConnectInfo        proftpd@localhost root password

SQLAuthenticate       users groups

SQLAuthTypes          Crypt Backend

SQLUserInfo           users userid passwd uid gid homedir shell

SQLGroupInfo          groups groupid gid members

SQLLogFile   /var/log/proftpd/proftpd.sql

QuotaEngine on 

QuotaShowQuotas on 

QuotaDisplayUnits Mb 

QuotaLog /var/log/proftpd.quota 

SQLLogFile /var/log/proftpd/proftpd.sql 

 

SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'" 

 

SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'" 

 

SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used =  files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies 

 

SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies 

 

QuotaLimitTable sql:/get-quota-limit 

QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally 

ShaperLog /var/log/proftpd/proftpd.shaper

ShaperEngine on

ShaperTable /etc/proftpd/shaper.tab

ShaperControlsACLs info allow user *

ShaperAll downrate 15 uprate 15

AccessGrantMsg                  "If your FTP client supports TLS/SSL please use it! -IntraHouse"

TLSEngine                       on

TLSLog                          /var/log/proftpd/proftpdtls.log

TLSRequired                     off

TLSOptions                      NoCertRequest

TLSVerifyClient                 off

TLSProtocol                     TLSv1

TLSProtocol                     SSLv23

TLSRSACertificateFile       /etc/proftpd/ca/host.cert

TLSRSACertificateKeyFile    /etc/proftpd/crl/host.key

TLSRSACertificateFile           /etc/proftpd/certs/host.pem
```

Does anybody know what is happening?  This is getting pretty frustrating here...

----------

## Paulten

Check the Mysql Log, does it run a query against the database?

Try running the query manually.

Show me the mysql log file.

----------

## Vyeperman

I'm getting this error on the compile part of your Document, I checked line 488 on the ebuild, didn't see anything suspicious. but it looks like the problem is no configure script? Not sure but I would like to get this solved asap, Thanks.

```
# FEATURES="noauto" ebuild proftpd-1.2.10.ebuild compile

>>> md5 files   ;-) proftpd-1.2.10-r1.ebuild

>>> md5 files   ;-) proftpd-1.2.10-r3.ebuild

>>> md5 files   ;-) proftpd-1.2.10.ebuild

>>> md5 files   ;-) proftpd-1.2.10-r2.ebuild

>>> md5 files   ;-) ChangeLog

>>> md5 files   ;-) metadata.xml

>>> md5 files   ;-) proftpd-1.2.9-r2.ebuild

>>> md5 files   ;-) files/proftpd-1.2.9-makefile.patch

>>> md5 files   ;-) files/proftpd.rc6

>>> md5 files   ;-) files/proftpd.conf

>>> md5 files   ;-) files/mod_sql_postgres.c.patch

>>> md5 files   ;-) files/proftpd.xinetd

>>> md5 files   ;-) files/digest-proftpd-1.2.10

>>> md5 files   ;-) files/proftpd-1.2.9-privescal-fix.patch

>>> md5 files   ;-) files/digest-proftpd-1.2.10-r1

>>> md5 files   ;-) files/digest-proftpd-1.2.10-r2

>>> md5 files   ;-) files/digest-proftpd-1.2.10-r3

>>> md5 files   ;-) files/digest-proftpd-1.2.9-r2

>>> md5 files   ;-) files/1.2.9_rc3-reversedns.diff

>>> md5 files   ;-) files/ftp.pamd

>>> md5 src_uri ;-) proftpd-1.2.10.tar.bz2

!!! We apparently haven't unpacked... This is probably not what you

!!! want to be doing... You are using FEATURES=noauto so I'll assume

!!! that you know what you are doing... You have 5 seconds to abort...

 * ssl

!!! ERROR: net-ftp/proftpd-1.2.10 failed.

!!! Function econf, Line 488, Exitcode 1

!!! no configure script found

!!! If you need support, post the topmost build error, NOT this status message.
```

ebuild:

```

# cat proftpd-1.2.10-r1.ebuild 

# Copyright 1999-2005 Gentoo Foundation

# Distributed under the terms of the GNU General Public License v2

# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.2.10-r1.ebuild,v 1.8 2005/01/09 11:26:27 swegener Exp $

inherit flag-o-matic eutils

#Mod shaper is giving problems on some machines

IUSE="hardened ipv6 ldap mysql pam postgres shaper softquota ssl tcpd selinux"

#IUSE="hardened ipv6 ldap mysql pam postgres softquota ssl tcpd selinux"

MY_P=${P/_/}

S=${WORKDIR}/${MY_P}

DESCRIPTION="An advanced and very configurable FTP server"

SRC_URI="ftp://ftp.proftpd.org/distrib/source/${MY_P}.tar.bz2

                shaper? ( http://www.castaglia.org/${PN}/modules/${PN}-mod-shaper-0.5.5.tar.gz )

                http://www.castaglia.org/${PN}/modules/${PN}-mod-delay-0.4.tar.gz"

HOMEPAGE="http://www.proftpd.org/"

SLOT="0"

LICENSE="GPL-2"

KEYWORDS="x86 sparc hppa alpha ppc ~mips amd64"

DEPEND="pam? ( >=sys-libs/pam-0.75 )

        mysql? ( >=dev-db/mysql-3.23.26 )

        ldap? ( >=net-nds/openldap-1.2.11 )

        postgres? ( >=dev-db/postgresql-7.3 )

        ssl? ( >=dev-libs/openssl-0.9.6f )

        tcpd? ( >=sys-apps/tcp-wrappers-7.6-r3 )"

RDEPEND="selinux? ( sec-policy/selinux-ftpd )"

src_unpack() {

        unpack ${MY_P}.tar.bz2

        cd ${S}

        unpack ${PN}-mod-delay-0.4.tar.gz

        mv mod_delay/mod_delay.c contrib

        if use shaper; then

                unpack ${PN}-mod-shaper-0.5.5.tar.gz

                mv mod_shaper/mod_shaper.c contrib/

        fi

}

src_compile() {

        local modules myconf

        modules="mod_ratio:mod_readme:mod_delay"

        use pam && modules="${modules}:mod_auth_pam"

        use tcpd && modules="${modules}:mod_wrap"

        use shaper && modules="${modules}:mod_shaper"

        if use ldap; then

                einfo ldap

                modules="${modules}:mod_ldap"

                append-ldflags "-lresolv"

        fi

        if use ssl; then

                einfo ssl

                # enable mod_tls

                modules="${modules}:mod_tls"

        fi

        if use mysql && use postgres

        then

                ewarn "ProFTPD only supports either the MySQL or PostgreSQL modules."

                ewarn "Presently this ebuild defaults to mysql. If you would like to"

                ewarn "change the default behaviour, merge ProFTPD with;"

                ewarn "USE=\"-mysql postgres\" emerge proftpd"

                epause 5

        fi

        if use mysql; then

                modules="${modules}:mod_sql:mod_sql_mysql"

                myconf="--with-includes=/usr/include/mysql"

        elif use postgres; then

                modules="${modules}:mod_sql:mod_sql_postgres"

                myconf="--with-includes=/usr/include/postgresql"

        fi

        if use softquota; then

                modules="${modules}:mod_quotatab"

                if use mysql || use postgres; then

                        modules="${modules}:mod_quotatab_sql"

                elif use ldap; then

                        modules="${modules}:mod_quotatab_file:mod_quotatab_ldap"

                else

                        modules="${modules}:mod_quotatab_file"

                fi

        fi

        # New modules for 1.2.9

        # Not sure how these should be enabled yet as no use variables

        # apply currently.  Uncomment if you want to use them though.

        # -raker 06/16/2003

        #

        # modules="${modules}:mod_ifsession"

        # modules="${modules}:mod_radius"

        # modules="${modules}:mod_rewrite"

        # bug #30359

        use hardened && echo > lib/libcap/cap_sys.c

        has_pic && echo > lib/libcap/cap_sys.c

        econf \

                --sbindir=/usr/sbin \

                --localstatedir=/var/run \

                --sysconfdir=/etc/proftpd \

                --enable-shadow \

                --disable-sendfile \

                --enable-autoshadow \

                --enable-ctrls \

                modules="${modules}:mod_shaper" \

                --with-modules=${modules} \

                ${myconf} $( use_enable ipv6 ) || die "bad ./configure"

        emake || die "compile problem"

}

src_install() {

        # Note rundir needs to be specified to avoid sandbox violation

        # on initial install. See Make.rules

        make DESTDIR=${D} install || die

        keepdir /home/ftp

        keepdir /var/run/proftpd

        dodoc contrib/README.mod_sql ${FILESDIR}/proftpd.conf \

                COPYING CREDITS ChangeLog NEWS README* \

                doc/{license.txt,GetConf}

        dohtml doc/*.html

        dohtml mod_delay/mod_delay.html

        use shaper && dohtml mod_shaper/mod_shaper.html

        docinto rfc

        dodoc doc/rfc/*.txt

        mv ${D}/etc/proftpd/proftpd.conf ${D}/etc/proftpd/proftpd.conf.distrib

        insinto /etc/proftpd

        newins ${FILESDIR}/proftpd.conf proftpd.conf.sample

        if use pam; then

                insinto /etc/pam.d

                newins ${S}/contrib/dist/rpm/ftp.pamd ftp

        fi

        insinto /etc/xinetd.d

        newins ${FILESDIR}/proftpd.xinetd proftpd

        exeinto /etc/init.d ; newexe ${FILESDIR}/proftpd.rc6 proftpd

}

pkg_postinst() {

        groupadd proftpd &>/dev/null

        id proftpd &>/dev/null || \

                useradd -g proftpd -d /home/ftp -s /bin/false proftpd

        einfo

        einfo 'You can find the config files in /etc/proftpd'

        einfo

        einfo 'For info on the mod_delay please read mod_delay.html in the doc dir'

}
```

----------

## Paulten

What is on line 488? Function econf, probably it's complaing about the two patches you added in the ebuild file (ctrls and mod_shaper)

Delete the folder proftpd-xx in /var/tmp/portage/ and start over again with "ebuild proftpd-1.2.10.ebuild unpack" and continue the howto..

 *Quote:*   

>    ch root # cd /usr/portage/net-ftp/proftpd/ 
> 
>  ch proftpd # ebuild proftpd-1.2.10.ebuild unpack 
> 
> ```
> ...

 

----------

## conexion2000

Why when I entered a line:

```
mysql> INSERT INTO quotalimits VALUES('kamson','user','false','soft','150000000','150000000','0','','0','0');
```

to the sql database, I've received:

```
Query OK, 1 row affected, 1 warning (0.00 sec)

```

Why is there a warnig? How it affects whole database?

Please help

----------

