Ubuntu + Apache2 + vsftpd + virtual hosts

  • Posted by Adam Niedzwiedzki on 02 September 2013, 20:30 pm

After a fresh install of Ubuntu complete the following.

sudo su
passwd root
exit
exit

-> login as root

dpkg-reconfigure tzdata
dpkg -P apparmor apparmor-utils
apt-get update
apt-get upgrade
reboot

-> login as root

apt-get dist-upgrade
reboot

-> login as root

apt-get autoremove
apt-get install ssh openssh-server openntpd
exit

-> ssh as root

apt-get install apache2
apt-get install php5 php-pear php5-mysql php5-gd

-> Setup of MTA send ONLY

apt-get install exim4-daemon-light mailutils
dpkg-reconfigure exim4-config

-> Select "internet site;" -> Ok -> Enter/Accept default entry as the FQDN -> Enter "127.0.0.1" to listen on -> Enter/Accept default in recipient domains -> Leave relay domains and relay machines blank -> Select No to keep DNS queries to a minimum -> Select "Maildir" for locally delivered email -> Select No to split file configuration -> Setup vsftpd

apt-get install vsftpd libpam-pwdfile

Edit vsftpd.conf

mv /etc/vsftpd.conf /etc/vsftpd.conf.bak
vi /etc/vsftpd.conf

Add the following

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
nopriv_user=vsftpd
virtual_use_local_privs=YES
guest_enable=YES
user_sub_token=$USER
local_root=/var/www/$USER
chroot_local_user=YES
hide_ids=YES
guest_username=vsftpd
pasv_promiscuous=YES

Register the virtual users

mkdir /etc/vsftpd
htpasswd -cd /etc/vsftpd/ftpd.passwd user1
htpasswd -d /etc/vsftpd/ftpd.passwd user2
mv /etc/pam.d/vsftpd /etc/pam.d/vsftpd.bak
vi /etc/pam.d/vsftpd

Add the following

auth required pam_pwdfile.so pwdfile /etc/vsftpd/ftpd.passwd
account required pam_permit.so

Create the local vsftpd user without shell access

 useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd

Restart vsftpd

service vsftpd restart

Now we create the users directories

mkdir /var/www/user1
chmod -w /var/www/user1
mkdir /var/www/user1/www
chmod -R 755 /var/www/user1/www
chown -R www-data: /var/www/user1

The main one to not forget is the removal of write access to the users root directory /var/www/user1


Please Register.


If you wish to add comments.
Cheers
Adam