SmoothLinux Blog

Vsftpd Multiple Instances One IP Address

16 November, 2014 | vsftpd

So I needed to run multiple instances of vsftpd on one ip address but different ports so I could have different authentication methods. This was done on Debian 7 wheezy.

So in this howto you will need a working vsftpd setup in Standalone mode. This will not work with xine to knowledge.

Step 1: Copying Vsftpd Configuration And Creating Directories

Copy the vsftpd.conf

cp /etc/vsftpd.conf /etc/vsftpd-instances2.conf

Copy the vsftpd init script

cp /etc/init.d/vsftpd /etc/init.d/vsftpd-instances2
mkdir /var/run/vsftpd-instances2 (Make sure the permission on this new directory matches /var/run/vsftpd)

Optional ( If your going to do different authentication you may need to do this steps as well)

Copy Pam Authentication file

cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd-instances2

Step 2: Vsftpd Configuration Changes

You will need to edit both /etc/vsftpd.conf and /etc/vsftpd-instances2.conf and add at lease the following options and make sure the listening ports are different:

listen_port=xxxx

If you would like to bind vsftpd to one IP address set this:

listen_address=xxx.xxx.xxx.xxx

If you did the optional step above then and created /etc/pam.d/vsftpd-vsftpd-instances2. You will need to edit /etc/vsftpd-instances2.conf and edit the following lines:

pam_service_name=vsftpd 
to
pam_service_name=vsftpd-instances2

Now Edit /etc/init.d/vsftpd-instances2. With the following changes: 

# Provides: vsftpd 
to
# Provides: vsftpd-instances2
Add this line: INSTANCES2="/etc/vsftpd-instances2.conf" 
above
DAEMON="/usr/sbin/vsftpd"
NAME="vsftpd" 
to
NAME="vsftpd-instances2"
LOGFILE="/var/log/vsftpd.log" 
to
LOGFILE="/var/log/vsftpd-instances2.log"
CHROOT="/var/run/vsftpd/empty" 
to
CHROOT="/var/run/vsftpd-instances2/empty"
if [ -e /etc/vsftpd.conf ] && ! egrep -iq "^ *listen(_ipv6)? *= *yes" /etc/vsftpd.conf 
to
if [ -e /etc/vsftpd-instances2.conf ] && ! egrep -iq "^ *listen(_ipv6)? *= *yes" /etc/vsftpd-instances2.conf
start-stop-daemon --start --background -m --oknodo --pidfile /var/run/vsftpd/vsftpd.pid --exec ${DAEMON}
to
start-stop-daemon --start --background -m --oknodo --pidfile /var/run/vsftpd-instances2/vsftpd.pid --exec ${DAEMON} -- ${INSTANCES2}
_PID="$(if [ -e /var/run/vsftpd/vsftpd.pid ]; then cat /var/run/vsftpd/vsftpd.pid; fi)"
to
_PID="$(if [ -e /var/run/vsftpd-instances2/vsftpd.pid ]; then cat /var/run/vsftpd-instances2/vsftpd.pid; fi)"
start-stop-daemon --stop --pidfile /var/run/vsftpd/vsftpd.pid --oknodo --exec ${DAEMON}
to
start-stop-daemon --stop --pidfile /var/run/vsftpd-instances2/vsftpd.pid --oknodo --exec ${DAEMON}
rm -f /var/run/vsftpd/vsftpd.pid
to
rm -f /var/run/vsftpd-instances2/vsftpd.pid
start-stop-daemon --stop --pidfile /var/run/vsftpd/vsftpd.pid --signal 1 --exec $DAEMON
to
start-stop-daemon --stop --pidfile /var/run/vsftpd-instances2/vsftpd.pid --signal 1 --exec $DAEMON -- ${INSTANCES2}

Step 3: How To Manually Testing Vsftpd And Verify Configuration Changes

Everything is in place now however there is a lot that can go wrong with this setup. So I would start off testing this by manually running vsftpd without the init scripts. To do this run vsftpd manually and point it to the configures you want to use as so:

vsftpd /etc/vsftpd-instances2

And then use netstat to verify that you have two different vsftpd pids up on the correct ports. If you do not see a vsftpd PID/Program Name something is wrong with your config. Also normally running vsftpd manually help debugging start up issues.

netstat -nltp | grep vsftpd

Output Example:


tcp 0 0 xxx.xxx.xxx.xxx:990 0.0.0.0:* LISTEN 2455/vsftpd
tcp 0 0 xxx.xxx.xxx.xxx:21 0.0.0.0:* LISTEN 2394/vsftpd

If you get both instance up and running manually the init script should work without any issues provided you made the correct edits.

Start the vsftpd instances using the init scripts:

service vsftpd start
service vsftpd-instances2 start

Lastly you will need to add vsftpd-instances2 to the boot script list so it will start up at boot:

update-rc.d vsftpd-instances2 defaults

Comments

comments powered by Disqus