Occasionally, one might want to run ProFTPD on a system where root privs are not available to you as a user. It is still possible to setup a functioning FTP server without root privileges. There are a few catches and special considerations for this, however.
Here are the configuration directives that you will need to use in order
to run the server without root privileges:
/etc/passwdfor account information, and in
/etc/shadowfor the password. Comparing stored passwords requires root privileges, which this nonroot-running daemon will not have. You can get around this requirement by supplying your own passwd (and possibly group) files via the
AuthGroupFiledirectives. Make sure the permissions on your custom files allow for the daemon to read them (but hopefully not other users).
AuthUserFile /path/to/custom/ftpd.passwd AuthGroupFile /path/to/custom/ftpd.group
wtmpfiles requires root privileges. While it is not strictly necessary for this directive to be set to off, failure to do so will result in server log messages like:
host.domain.net (localhost[127.0.0.1]) - wtmpx /var/adm/wtmpx: Permission denied
Groupdirectives requires, of course, root privileges. It is best to configure
Userto be your username, and
Groupto be the name of your primary group (which is usually the first group listed by the
User bob Group bob
Note that other configuration directives will be affected by the lack of
DefaultRoot will not work, nor will
<Anonymous> sections, nor
Basically any operation that requires root privileges will be disabled.
If using the
SystemLog directive, make sure the file to which the
server is to log can be written to by the configured daemon
The daemon should now start successfully. Complaints about not being able to switch UIDs and such will be logged, but the daemon should still function properly.