ProFTPD module `mod_ctrls_admin`

This module is contained in the mod_ctrls_admin.c file for ProFTPD 1.2.x/1.3.x, and is not compiled by default. Installation instructions are discussed here.

This module implements administrative control actions for the ftpdctl program.

The most current version of mod_ctrls_admin is distributed with the ProFTPD source.

Author

Please contact TJ Saunders <tj at castaglia.org> with any questions, concerns, or suggestions regarding this module.

Control Actions

debug
dns
down
dump
get
kick
restart
scoreboard
shutdown
status
trace
up

Directives

AdminControlsACLs

Syntax: AdminControlsACLs actions|all allow|deny user|group list
Default: None
Context: server config
Module: mod_ctrls_admin
Compatibility: 1.2.10rc1 and later

The AdminControlsACLs directive configures access lists of users or groups who are allowed (or denied) the ability to use the actions implemented by mod_ctrls_admin. The default behavior is to deny everyone unless an ACL allowing access has been explicitly configured.

If "allow" is used, then list, a comma-delimited list of users or groups, can use the given actions; all others are denied. If "deny" is used, then the list of users or groups cannot use actions all others are allowed. Multiple AdminControlsACLs directives may be used to configure ACLs for different control actions, and for both users and groups.

AdminControlsEngine

Syntax: AdminControlsEngine on|off|actions
Default: None
Context: server config
Module: mod_ctrls_admin
Compatibility: 1.2.10rc1 and later

The AdminControlsEnginedirective enables or disables the mod_ctrls_admin module, and thus the handling of its implemented control actions.

If only certain of the module's control actions are wanted, provide a list of those actions, rather than the normal "on" or "off". Any of mod_ctrls_admin's control actions that do not appear in actions will be unregistered; by default, all of the module's control actions are registered.

Control Actions

`debug`

Syntax: ftpdctl debug [level number]|memory|config
Purpose: Obtain debug information from the running daemon

Obtaining debug output from the server greatly helps in diagnosing problems. The trick is in getting this debug output from the server. The debug control action can be used to gather such information.

First, this control action can increase the debug logging verbosity of the daemon on-the-fly, to obtain the needed output, and then to return the daemon to a more silent state of logging.

Example:

  ftpdctl debug level 9

raises the verbosity of the daemon to its maximum level. Once enough output has been collected, use:

  ftpdctl debug level 0

to return the daemon to its default debug output level.

Alternatively, for developers, this control action can be used to display the current memory allocation of the daemon:

  ftpdctl debug memory

Memory allocations for session processes are currently not available via this control action.

A dump of the in-memory configuration structure can also be obtained via this control action:

  ftpdctl debug config

`dns`

Syntax: ftpdctl dns on|off
Purpose: Enable/disable UseReverseDNS configuration

The dns control action can be used to enable or disable the UseReverseDNS configuration at run time:

  # Enable resolution of IP addresses to DNS names
  ftpdctl dns on

  # Disable resolution of IP addresses to DNS names
  ftpdctl dns off

`down`

Syntax: ftpdctl down ip-address|dns-name[#port]|"all"
Purpose: Turn down a virtual server

The down control action can be used to "turn down" an individual virtual server, so that clients cannot connect to it. Once a virtual server has been "downed", the "up" control action can be used to bring that virtual server back up.

If a port number is not specified, it defaults to 21.

Note that using "down all" effectively puts the daemon in an "administrative" shutdown state, where the daemon is still running but no servers are available for servicing incoming connection requests. Current sessions are not affected.

`dump`

Syntax: ftpdctl dump classes|config|memory
Purpose: Dump internal information from the running daemon

The dump control action dumps various information from the internal subsystems. It is intended mainly for use by developers and curious system administrators. This control action can be used to display the current memory allocation of the daemon:

  ftpdctl dump memory

Memory allocations for session processes are currently not available via this control action.

A dump of the in-memory configuration structure can also be obtained via this control action:

  ftpdctl dump config

To list the in-meory representation of all configured Classes, use:

  ftpdctl dump classes

`get`

Syntax: ftpdctl get "config"|"directives"
Purpose: Obtain configuration information

The get control action can be used obtain various sorts of configuration information from the daemon. At present, this control action only supports the "config" and "directives" parameters.

The "config" parameter causes ftpdctl to display a configuration dump, similar to what is displayed by a syntax check (i.e. using the -t proftpd command-line option).

The "directives" parameter causes ftpdctl to display a sorted list of all supported configuration directives, as well as the module which handles the corresponding directive.

`kick`

Syntax: ftpdctl kick [class name]|[host dns-name|ip-address][user name]
Purpose: Kick a currently connected class, host or user from the daemon

The kick control action can be used to disconnect a currently connected class, host or user from the daemon.

Examples:

  ftpdctl kick user bob dave

will kick all sessions that have logged in as user "bob" or user "dave".

  ftpdctl kick host luser.host.net

will kick all sessions that have connected from host "luser.host.net".

  ftpdctl kick class eval intranet

will kick all sessions that belong to classes "eval" and "intranet".

`restart`

Syntax: ftpdctl restart
Purpose: Restart the daemon

The restart control action causes the daemon to re-read its configuration file, just as if a SIGHUP had been used. This is convenient for administrators, as it does not (necessarily) require root privileges, nor knowledge of the daemon's PID, to restart the daemon.

`scoreboard`

Syntax: ftpdctl scoreboard scrub
Purpose: Scrubs the ScoreboardFile for dead processes

The scoreboard control action can be used to force the ScoreboardFile to be "scrubbed" for dead session processes which may not have exited cleanly.

  ftpdctl scoreboard scrub

  # The verb "clean" is synonymous with "scrub"
  ftpdctl scoreboard clean

`shutdown`

Syntax: ftpdctl shutdown ["graceful" seconds]
Purpose: Stop the daemon

The shutdown control action shuts the daemon down. This is convenient for administrators, as it does not (necessarily) require root privileges, nor knowledge of the daemon's PID, to stop the daemon.

The optional "graceful" parameter allows for a graceful shutdown, in which proftpd will wait for the given number of seconds for all current sessions to end, before shutting down.

Example:

  ftpdctl shutdown graceful 30

will cause proftpd to wait for 30 seconds for all current sessions to end before shutting down completely.

`status`

Syntax: ftpdctl status ip-address|dns-name[#port]|"all"
Purpose: Display the status of virtual servers

The status control action can be used to show the status of a particular virtual server, whether it is up or down.

If a port number is not specified, it defaults to 21.

If "status all" is used, the status of all virtual servers will be displayed.

`trace`

Syntax: ftpdctl trace channel:level|"info"
Purpose: Configure trace channel log levels

The trace control action can be used to dynamically change the log levels of trace log levels.

Example:

  ftpdctl trace delay:10

will set the log verbosity level of the delay trace log channel to 10.

Additionally, the trace control action can be used to display the list of current trace channels and their log levels, e.g.:

  # ftpdctl trace info
  ftpdctl: Channel    Level 
  ftpdctl: ---------- ------
  ftpdctl:        pam 10    
  ftpdctl:     netacl 10    
  ftpdctl:   response 10    
  ftpdctl:       auth 10    
  ftpdctl:       utf8 10    
  ftpdctl:       inet 10    
  ftpdctl:    binding 10    
  ftpdctl:        dns 10    
  ftpdctl:        dso 10    
  ftpdctl:     parser 10    
  ftpdctl:       pool 10    
  ftpdctl:      ctrls 10    
  ftpdctl:       data 10    
  ftpdctl:      netio 10    
  ftpdctl:     config 10    
  ftpdctl:      ident 10    
  ftpdctl:    command 10    
  ftpdctl:      delay 10    
  ftpdctl:      timer 10    
  ftpdctl:        var 10    
  ftpdctl:      event 10    
  ftpdctl:       fsio 10    
  ftpdctl:       site 10

`up`

Syntax: ftpdctl up ip-address|dns-name[#port]
Purpose: Turn up a "downed" virtual server

The up control action can be used to "turn up" any virtual server that has been "downed" by the "down" control action. Note that using the "restart" control action is sufficient to enable, with one command, all virtual servers that have been downed.

If a port number is not specified, it defaults to 21.

Installation

This module requires that controls support be enabled in proftpd via the --enable-ctrls configure option. Follow the normal steps for using third-party modules in ProFTPD:

  ./configure --enable-ctrls --with-modules=mod_ctrls_admin
  make
  make install

Last Updated: $Date: 2006/12/15 23:10:01 $

ProFTPD module mod_ctrls_admin

Author

Directives

Control Actions

Directives

Control Actions

ProFTPD module `mod_ctrls_admin`