/etc/pure-ftpd/conf/* does not work

[daohoangson]

It looks like the files inside /etc/pure-ftpd/conf are not being read by pure-ftpd. Below are my steps:

Screen 1

$> docker run --rm --name dev -p 21:21 -p 30000-30009:30000-30009 stilliard/pure-ftpd:hardened

Screen 2

$> docker exec -it dev bash
root@dev> pure-pw useradd bob -f /etc/pure-ftpd/passwd/pureftpd.passwd -m -u ftpuser -d /home/ftpusers/bob
root@dev> mkdir -p /home/ftpusers/bob
root@dev> touch /home/ftpusers/bob/foo
root@dev> touch /home/ftpusers/bob/.bar
root@dev> cat /etc/pure-ftpd/conf/DisplayDotFiles (no)

Screen 3

$> ftp 127.0.0.1
ftp> name=bob + password
ftp> ls -al

Expect: foo

Actual: foo and .bar both showed up

Am I missing something here? It shouldn't display .bar right?

Similarly, I tried removing -j from the CMD (with /etc/pure-ftpd/conf/CreateHomeDir=yes of course, I was using hardened image) and it doesn't create home directory anymore.

[stilliard]

Hi @daohoangson
Sorry for the late reply on this.

It might be that you need to restart the service after these changes from them to take affect.

[daohoangson]

I didn't make any changes to the conf files, it always behaves that ways right after being started.

[stilliard]

Ah I see, just tested and you're right. That is pretty weird, I'll do some digging on this to find out what's wrong. Thanks for reporting this!

[daohoangson]

I noticed a new tag recently but apparently there is no changes, have you found out anything @stilliard? Thank you.

[stilliard]

Hi @daohoangson ,
Sorry I haven't had chance to look into this much yet but I'll find some time over the weekend. It's my top priority for this project to hunt down this issue.

[dylanjsa]

Has there been any progress here, I can't change MaxClientsNumber, It's stuck at 5:

220-You are user number 4 of 5 allowed.

/bin/sh -c /run.sh -c 50 -C 10 -l puredb:/etc/pure-ftpd/pureftpd.pdb -E -j -R -P $PUBLICHOST -p 30000:30009

root@4b75dd1a8379:/etc/pure-ftpd/conf# cat MaxClientsNumber 
50

I have tried restarting too without any luck.

[stilliard]

Hi @dylanjsa , Checking into this It looks like pure-ftpd will limit the number based on the available ports, I've changed the default container to actually open just 5 but added a README section about increasing this. Hope this helps.

[stilliard]

@daohoangson , after much digging I believe I've found the cause, it looks like normally pure-ftpd-wrapper would setup these config options for us based on the conf directory but we don't use that due to how we startup pure-ftpd so currently these conf changes never get applied.
I think we either need to attempt support for pure-ftpd-wrapper startup mixed with command line flags for backwards compatibility, or drop the conf directory support and switch the hardened branch to use flags instead.

[stilliard]

For now I've switched the hardened branch to use flags instead of conf file, but i'm open to changing this to use something similar to the wrapper script Debian use by default or using that same script in some way maybe.
I'll close this for now though as the flags should replace the conf files.
Please let me know if there's any issues with this though, thanks.

[daohoangson]

That makes sense. We should stick to the default behavior as much as possible and reduce our maintenance efforts. Using flags is not that hard anyway. Thanks Andrew. On Aug 30, 2017 7:31 AM, "Andrew Stilliard" <[email protected]> wrote: For now I've switched the hardened branch to use flags instead of conf file, but i'm open to changing this to use something similar to the wrapper script Debian use by default or using that same script in some way maybe. I'll close this for now though as the flags should replace the conf files. Please let me know if there's any issues with this though, thanks. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#38 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAOm6HpIRFXR3ineiy7Q42I8C-asnRiJks5sdK14gaJpZM4NaHi6> .

[aogilvie]

Related to this. How to enable configs such as read or write dot files etc? These options are not available with the ./run command.

Are you saying these files in /etc/pure-ftpd/conf/* should be created in a custom Dockerfile before the container is run for the first time? Would that work?

[stilliard]

@aogilvie Please use pure-ftpd's flags instead of the conf files as we do not support these.
Please see https://github.com/stilliard/docker-pure-ftpd#all-pure-ftpd-flags-available

[aogilvie]

@stilliard I tried -e ADDED_FLAGS=-Dz without fruition.
I then started creating a new dockerfile. Built and ran the container. Checked the run command with inspect:

# docker inspect
                "/run.sh -c 30 -C 10 -l puredb:/etc/pure-ftpd/pureftpd.pdb -E -j -R -D -z -P $PUBLICHOST -p 30000:30009"

But using various FTP clients I cannot create dot files or folders (/.example). (login and creating other files are not an issue) I must be missing something...

update: seems to be the ftp webclient i was testing with had it's own limitation policy. Using nix ftp cli I was able to create dot files (after creating my own docker file and adding -D and -z params).

[stilliard]

Hey @aogilvie , just seen your update, glad you were able to get it working.
Think the reason the ADDED_FLAGS version didn't work before was that the hardened version of this image prohibits dotfiles by default, running with ADDED_FLAGS on the base image works though:

docker run -d --name ftpd_server -p 21:21 -p 30000-30009:30000-30009 -e "PUBLICHOST=localhost" -e "ADDED_FLAGS=-d -d -D -z" -e "FTP_USER_NAME=bob" -e "FTP_USER_PASS=mypass" -e "FTP_USER_HOME=/home/bob" stilliard/pure-ftpd

[aogilvie]

@stilliard ah... Yes I was using the hardened image. Doh. Cheers.