Is there a way to enable the module 'mod_exec' only with a certain proftdp user?
I've compiled proftp with --with-modules=mod_exec:mod_ifsession and then configured in this way...
<IfModule mod_exec.c>
<IfUser stefano>
ExecEngine on
ExecLog /opt/proftpd-master/logs/proftpd.semics.mod_exec.log
ExecOptions logStderr logStdout
ExecBeforeCommand STOR,RETR /path/to/handler.sh EVENT=BeforeCommand FILE='%f'
ExecOnCommand STOR,RETR /path/to/handler.sh EVENT=OnCommand FILE='%f'
</IfUser>
</IfModule>
or this:
<IfUser stefano>
<IfModule mod_exec.c>
ExecEngine on
ExecLog /opt/proftpd-master/logs/proftpd.semics.mod_exec.log
ExecOptions logStderr logStdout
ExecBeforeCommand STOR,RETR /path/to/handler.sh EVENT=BeforeCommand FILE='%f'
ExecOnCommand STOR,RETR /path/to/handler.sh EVENT=OnCommand FILE='%f'
</IfModule>
</IfUser>
without success. Seems that mod_exec works only if configured outside the conditional statement.
My goal is to enable mod_exec only for user 'stefano' and/or to have several mod_exec configuration accordingly with each user configured.
Any suggestion?
mod_exec.c must be enabled by default and then inside it is possible to configure different actions for different users:
<IfModule mod_exec.c>
ExecEngine on
ExecLog /opt/proftpd-master/logs/proftpd_mod_exec.log
ExecOptions logStderr logStdout
<IfUser stefano>
ExecBeforeCommand STOR,RETR /path/to/script.sh EVENT=BeforeCommand FILE='%f'
ExecOnCommand STOR,RETR /path/to/script.sh EVENT=OnCommand FILE='%f'
</IfUser>
</IfModule>
Thanks to TJ Saunders. I hope this helps.