# ProFTPD auth setup: PAM decides whether a login succeeds; mod_sql only supplies
# the account record (uid, gid, home directory, shell).

# ONLY authenticate with pam, but sql provides the user information lookup.
# The trailing '*' on mod_auth_pam.c is what makes the PAM result final.
# Keep it: the SQL query below returns a constant password for every user name.
AuthOrder mod_auth_pam.c* mod_sql.c
AuthPAM on
# configures which file in /etc/pam.d is used for proftpd access check
AuthPAMConfig ftp-upload

# /etc/pam.d looks like this:
#auth required /home/user/projects/pam_firstcomefirstserve/pam_firstcomefirstserve.so /home/user/projects/pam_firstcomefirstserve/proftpd_test_2/auth.db /srv/testupload 65534 65534
#account required pam_permit.so
#password required pam_permit.so
#session required pam_permit.so
# pam_firstcomefirstserve.so manages the passwords, and creates home directories with the specified uid/gid.
# The account, password and session stacks are pam_permit.so, so the auth line
# above is the only check applied to a login.
# NOTE(review): the PAM module and auth.db are loaded from a user's project
# directory. Outside a test setup, both should be owned by root and not writable
# by unprivileged accounts, since the module runs inside the FTP daemon.

# PAM doesn't look up user information, so SQL is configured for that.
SQLAuthenticate users
SQLBackend sqlite
#It can be any sqlite database since we don't use any data.
SQLConnectInfo /home/user/projects/pam_firstcomefirstserve/proftpd_test_2/auth.db
SQLEngine auth
SQLUserInfo custom:/get-user-by-name
# Even though we return password 'hunter2', login with this password fails because the * AuthOrder means that PAM auth has to succeed.
# The query reads no table: it builds the record from the login name (%U) and
# fixed values, so every account gets uid/gid 65534 and home /srv/testupload/<name>.
# NOTE(review): %U comes from the client and becomes part of the home path.
# Confirm that pam_firstcomefirstserve.so rejects names containing '/' or '..'
# before it creates a directory.
SQLNamedQuery get-user-by-name select "'%U','hunter2',65534,65534,'/srv/testupload/%U','/bin/sh'"

# Restrict users to their home directories. This is the only thing that stops users accessing each others' files.
# All accounts share uid/gid 65534, so file permissions cannot separate them.
# Removing or loosening DefaultRoot exposes every upload to every user.
DefaultRoot ~

# Debug aids, left disabled. TODO confirm what the auth trace channels log before enabling them.
#Trace auth:10 auth.pam:10
#TraceLog /dev/tty