1. Forum
  2. MicroNet
  3. MIN COMP

  • Re: proftpd logout

    From Warpslide@618:400/23 to All on Tue Jan 14 17:28:58 2025
    On 11 Jan 2025, Warpslide said the following...

    I opted for proftpd as well and use its "virtual user" functionality.

    [...]

    I still need to find a way to create a semaphore file when someone logs out of proftd. There is an "ExecOnExit" but these are limited to the user's chrooted path.

    In case someone else finds this useful, I asked ChatCPT to help me with a script to run some commands when specified users log out of the proftpd server. It seems to work well enough but hasn't been battle tested as of yet:


    [-- begin monitor_ftp_log.sh --]
    #!/bin/bash

    # Path to the log file
    LOG_FILE="/var/log/proftpd/proftpd.log"

    # Declare an associative array to store user login info (PID -> User)
    declare -A user_sessions

    # List of specific users to monitor
    MONITORED_USERS=("node23" "node99")

    # Action to be performed when the session is closed
    perform_action() {
    local user="$1"
    case "$user" in
    "node23") inbox="/home/ubuntu/fido/filebox/micronet_z618n400n23p1/in" ;;
    "node99") inbox="/home/ubuntu/fido/filebox/micronet_z618n400n99/in" ;;
    esac
    [ ! -z "$(ls "${inbox}")" ] && mv -n ${inbox}/*.* /home/ubuntu/fido/inbound && /home/ubuntu/fido/mailin.sh
    }

    # Function to check if a user is in the monitored list
    is_monitored_user() {
    local user="$1"
    for monitored_user in "${MONITORED_USERS[@]}"; do
    if [[ "$user" == "$monitored_user" ]]; then
    return 0 # User is in the list
    fi
    done
    return 1 # User is not in the list
    }

    # Monitor the log file
    tail -F "$LOG_FILE" | while read -r line; do

    # Check for successful login lines (USER <username>: Login successful)
    if [[ "$line" =~ USER\ ([a-zA-Z0-9]+):\ Login\ successful\. ]]; then
    user="${BASH_REMATCH[1]}" # Extract the username

    # Extract PID from the first set of square brackets []
    pid=$(echo "$line" | awk -F'[][]' '{print $2}')

    # Only monitor specific users
    if is_monitored_user "$user"; then
    # Store the user and PID in the associative array
    user_sessions["$pid"]="$user"
    fi
    fi

    # Check for FTP session closed (FTP session closed with PID in the first set of [])
    if [[ "$line" =~ \[([0-9]+)\].*FTP\ session\ closed\. ]]; then
    pid="${BASH_REMATCH[1]}" # Extract the process ID (PID)

    # Check if this PID exists in the user_sessions array
    if [[ -n "${user_sessions[$pid]}" ]]; then
    user="${user_sessions[$pid]}"

    # Only perform action for monitored users
    if is_monitored_user "$user"; then
    perform_action "$user" # Perform action for the associated user
    fi
    unset user_sessions["$pid"] # Remove the entry after the action
    fi
    fi
    done
    [-- end monitor_ftp_log.sh --]


    You can also find a copy at:
    https://nrbbs.net/monitor_ftp_log.sh.txt


    Jay

    ... What if soy milk is just regular milk introducing itself in spanish?

    --- Mystic BBS v1.12 A49 2024/05/29 (Linux/64)
    * Origin: Northern Realms (618:400/23)