# Virtual Domains in VS-ftpd

## honey bee

Hello!

Can any one help me with this,

1. How to create virtual domains in VS-ftpd?

2. How to configure these domains?

I have VS-ftpd running as a standalone daemon .  :Confused: 

----------

## YD

AFAIK, FTP doesn't support virtual domains. You can setup user-based ftp root paths. You just need to enable chrooting local users and setup correct home path for them. 

vsftpd doesn't support IP-based "virtualization", but you can start multiple daemons.

----------

## UberLord

Assuming that you build vsftpd with tcpd support then you can bind create a global vsftpd config that covers all domains. Then you need to create a public IP per domain and then append the domain vsftpd config to the current one like so.

/etc/hosts.allow

vsftpd@10.73.5.3: ALL: setenv VSFTPD_LOAD_CONF /etc/vsftpd/marples.name.conf

That shows that FTP to 10.73.5.3 will load the extra config for marples.name (basically enforces TLS)

----------

## honey bee

Thank u    :Smile:  , for the replies, but i think i didn't conveyed my problem properly that's why i am not getting the exact solution to the problem.  :Sad: 

I am new to Linux environment.I have installed Fedora Core 2  and VS-ftpd is installed as its default  ftp daemon.

VS-ftpd is running as a standalone daemon.

Now,i want to create virtual sites for this VS-ftpd which will have their authentic users who can access these sites.I want to know whether it's possible or not and if it's possible :

1. How to create these sites?

2. How to set configuration file for each of these sites? 

3. How to create users for each of these sites?  

Thank u once again for your concern.

----------

## UberLord

My reply was complete and answerd you  :Smile: 

 *honey bee wrote:*   

> 1. How to create these sites?

 

You need to have a unique IP per site on the server

domain foo = 192.168.0.1

domain bar = 192.168.0.2

 *Quote:*   

> 2. How to set configuration file for each of these sites?

 

vsftpd@192.168.0.1: ALL: setenv VSFTPD_LOAD_CONF /etc/vsftpd/foo.conf 

vsftpd@192.168.0.2: ALL: setenv VSFTPD_LOAD_CONF /etc/vsftpd/bar.conf 

 *Quote:*   

> 3. How to create users for each of these sites?

 

The only way of doing this is to allow/bar each user to the domain using the userlist variables in the domain confile file (foo.conf, bar.conf)

foo.conf

```
userlist_deny = YES

userlist_enable = YES

userlist_file = /etc/vsftpd/foo.userlist
```

foo.userlist

```
foo

fred
```

bar.conf

```
userlist_deny = YES

userlist_enable = YES

userlist_file = /etc/vsftpd/bar.userlist
```

bar.userlist

```
bar

fred
```

This setup only allows user foo in the foo domain, bar in the bar domain and fred can login to both.

However, all 3 users have to be valid for vsftpd.

----------

## YD

UberLord, that's a crazy way. I have enough apache vhosts which are accessable through ftp (ftps).

(Unrelated options are omitted)

```

...

anonymous_enable=NO

ascii_download_enable=NO

ascii_upload_enable=NO

async_abor_enable=YES

background=YES

check_shell=NO

chmod_enable=YES

chroot_local_user=YES

dirlist_enable=YES

download_enable=YES

force_dot_files=YES

listen=YES

local_enable=YES

passwd_chroot_enable=YES

pasv_enable=YES

use_sendfile=YES

userlist_deny=NO

userlist_enable=YES

write_enable=YES

listen_port=21

local_umask=027

local_max_rate=51200

max_per_ip=2

trans_chunk_size=8192

banner_file=/etc/vsftpd/banner

listen_address=0.0.0.0

user_config_dir=/etc/vsftpd/usercfg

userlist_file=/etc/vsftpd/ftpusers

...

```

I've got allowed users in /etc/vsftpd/ftpusers. Every user have their entry in /etc/passwd with shell /bin/false and homdir = ftp root dir. 

Users don't even know about each other.

vsftpd is compiled without pam and tcpd (almost useless features on public vserver).

----------

## UberLord

OK, so how do you allow one user into one vhost/domain and not into another using that setup?

----------

## YD

1. If there are 2 different projects it's easier to use vservers.

2. Probably usernames will be still unique in such way, so what's the problem which domain to log from?

3. In general, I have nothing against your way, which (as I understood) was the idea of primary developers.

P.S. Never mind...

----------

## honey bee

Hello!

Sorry for the late reply and thanx a lot!  :Smile:  ...both of u.......for helping me.

----------

