There's really no need for an AuthShadowFile directive. The purpose of a
shadow file is separate sensitive information (passwords) from other
account information (association of UID/GID/username). Programs like
/bin/ls often reference the passwd file in order to display user/group
names rather than numbers; these programs don't really need that sensitive
information. Rather than relying on programs like /bin/ls to ignore the
sensitive information, libraries were developed to split the information
into /etc/passwd, /etc/shadow.
When proftpd uses an AuthUserFile, it's looking for all of the account
information, including the sensitive information. And since AuthUserFiles
are specific to proftpd, there's really no need to split any passwords out
of an AuthUserFile into an AuthShadowFile. And as the documentation
states, an AuthUserFile need not reside inside a chroot() filesystem,
which means that users can be effectively isolated from having access to
that AuthUserFile. At that point, the only consideration is making sure
that the permissions on the AuthUserFile are sufficient for the server to
have access, but not other users.
Really the difficulty involved is in the build process, and the
--enable-autoshadow and --enable-shadow/--disable-shadow configure-time
options. At present, these sort of force the server to either use the
shadow password routines (necessary for using the normal /etc/passwd,
/etc/shadow files), or to _not_ use them, and except to find the password
in /etc/passwd itself.
So I guess the question is: why exactly do you wish to keep your passwd
and shadow files' information separate?
I stood among them, but not of them; in a shroud of thoughts which were
not their thoughts.