Jump to content
Froxlor Forum
  • 0

[solved] ProFTPd login Problem

MisterT

Asked by MisterT,

Question

MisterT Newbie

MisterT

Posted
Posted

Moin Community,

 

Ich habe auf Debian Squeeze ein login Problem mit ProFTPd. ProFTPd meldet in den log files "no such user". Der FTP Benutzer ist aber in den FTP Benutzerkonten eingetragen als auch in der mysql Datenbank table "ftp_users".

Habe nachtr?glich versucht libnss zu konfigurieren (Nach Froxlor Panel -> Konfiguration -> Debian Squeeze), dass brachte aber auch kein Erfolg. PrFTPd is ebenfalls nach Froxlor Konfigurationspanel konfiguriert worden.

 

Ich habe vergeblich versucht den Fehler mit Debuglevel6 zu reproduzieren, doch ich bin mit mein latein am ende. Hoffe daher ihr k?nnt mir helfen.

Hier mal erstmal ein paar Sachen die ihr bestimmt braucht:

 

Debian Version: 6.0.1a (alle updates seit gestern)

Froxlor version: 0.9.20.1-1

 

ProFTPd config:

#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#

# Includes DSO modules
Include /etc/proftpd/modules.conf

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6                         on
# If set on you can experience a longer connection delay in many cases.
IdentLookups                    off

ServerName                      "Debian"
ServerType                      standalone
DeferWelcome                    off

MultilineRFC2228                on
DefaultServer                   on
ShowSymlinks                    on

TimeoutNoTransfer               600
TimeoutStalled                  600
TimeoutIdle                     1200

DisplayLogin                    welcome.msg
DisplayChdir                    .message true
ListOptions                     "-l"

DenyFilter                      \*.*/

# Use this to jail all users in their homes
#DefaultRoot                    ~

# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell             off

# Port 21 is the standard FTP port.
Port                            21

# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts                  49152 65534

# If your host was NATted, this option is useful in order to
# allow passive tranfers to work. You have to use your public
# address and opening the passive ports used on your firewall as well.
# MasqueradeAddress             1.2.3.4

# This is useful for masquerading address with dynamic IPs:
# refresh any configured MasqueradeAddress directives every 8 hours
<IfModule mod_dynmasq.c>
# DynMasqRefresh 28800
</IfModule>

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    30
# Set the user and group that the server normally runs at.
User                            proftpd
Group                           nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask                           022  022
# Normally, we want files to be overwriteable.
AllowOverwrite                  on

# Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:
# PersistentPasswd              off

# This is required to use both PAM-based authentication and local passwords
# AuthOrder                     mod_auth_pam.c* mod_auth_unix.c

# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
#
# UseSendFile                   off

TransferLog /var/log/proftpd/xferlog
SystemLog   /var/log/proftpd/proftpd.log

<IfModule mod_quotatab.c>
QuotaEngine off
</IfModule>

<IfModule mod_ratio.c>
Ratios off
</IfModule>


# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine        off
ControlsMaxClients    2
ControlsLog           /var/log/proftpd/controls.log
ControlsInterval      5
ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>

#
# Alternative authentication frameworks
#
#Include /etc/proftpd/ldap.conf
#Include /etc/proftpd/sql.conf

#
# This is used for FTPS connections
#
#Include /etc/proftpd/tls.conf

#
# Useful to keep VirtualHost/VirtualRoot directives separated
#
#Include /etc/proftpd/virtuals.con

# A basic anonymous configuration, no upload directories.

# <Anonymous ~ftp>
#   User                                ftp
#   Group                               nogroup
#   # We want clients to be able to login with "anonymous" as well as "ftp"
#   UserAlias                   anonymous ftp
#   # Cosmetic changes, all files belongs to ftp user
#   DirFakeUser on ftp
#   DirFakeGroup on ftp
#
#   RequireValidShell           off
#
#   # Limit the maximum number of anonymous logins
#   MaxClients                  10
#
#   # We want 'welcome.msg' displayed at login, and '.message' displayed
#   # in each newly chdired directory.
#   DisplayLogin                        welcome.msg
#   DisplayChdir                .message
#
#   # Limit WRITE everywhere in the anonymous chroot
#   <Directory *>
#     <Limit WRITE>
#       DenyAll
#     </Limit>
#   </Directory>
#
#   # Uncomment this if you're brave.
#   # <Directory incoming>
#   #   # Umask 022 is a good standard umask to prevent new files and dirs
#   #   # (second parm) from being group and world writable.
#   #   Umask                           022  022
#   #            <Limit READ WRITE>
#   #            DenyAll
#   #            </Limit>
#   #            <Limit STOR>
#   #            AllowAll
#   #            </Limit>
#   # </Directory>
#
# </Anonymous>

 

Meine Proftpd modules.conf:

#
# This file is used to manage DSO modules and features.
#

# This is the directory where DSO modules reside

ModulePath /usr/lib/proftpd

# Allow only user root to load and unload modules, but allow everyone
# to see which modules have been loaded

ModuleControlsACLs insmod,rmmod allow user root
ModuleControlsACLs lsmod allow user *

LoadModule mod_ctrls_admin.c
LoadModule mod_tls.c

# Install proftpd-mod-mysql or proftpd-mod-pgsql to use this
LoadModule mod_sql.c

# Install proftpd-mod-ldap to use this
#LoadModule mod_ldap.c

#
# 'SQLBackend mysql' or 'SQLBackend postgres' directives are required
# to have SQL authorization working. You can also comment out the
# unused module here, in alternative.
#

# Install proftpd-mod-mysql to use this
LoadModule mod_sql_mysql.c

# Install proftpd-mod-pgsql to use this
#LoadModule mod_sql_postgres.c

LoadModule mod_radius.c
LoadModule mod_quotatab.c
LoadModule mod_quotatab_file.c

# Install proftpd-mod-ldap to use this
#LoadModule mod_quotatab_ldap.c

# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this
LoadModule mod_quotatab_sql.c
LoadModule mod_quotatab_radius.c
LoadModule mod_wrap.c
LoadModule mod_rewrite.c
LoadModule mod_load.c
LoadModule mod_ban.c
LoadModule mod_wrap2.c
LoadModule mod_wrap2_file.c
# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this
#LoadModule mod_wrap2_sql.c
LoadModule mod_dynmasq.c

# keep this module the last one
LoadModule mod_ifsession.c

 

Meine Proftpd sql.conf:

<IfModule mod_sql.c>
DefaultRoot ~
RequireValidShell off
AuthOrder mod_sql.c

SQLBackend mysql
SQLEngine on
SQLAuthenticate on

SQLAuthTypes Crypt
SQLAuthenticate users* groups*
SQLConnectInfo froxlor@127.0.0.1 froxlor MYSQL_PASSWORD_FROXLOR_USER
SQLUserInfo ftp_users username password uid gid homedir shell
SQLGroupInfo ftp_groups groupname gid members
SQLUserWhereClause "login_enabled = 'y'"

SQLLog PASS login
SQLNamedQuery login UPDATE "last_login=now(), login_count=login_count+1 WHERE username='%u'" ftp_users

SQLLog RETR download
SQLNamedQuery download UPDATE "down_count=down_count+1, down_bytes=down_bytes+%b WHERE username='%u'" ftp_users

SQLLog STOR upload
SQLNamedQuery upload UPDATE "up_count=up_count+1, up_bytes=up_bytes+%b WHERE username='%u'" ftp_users

QuotaEngine on
QuotaShowQuotas on
QuotaDisplayUnits Mb
QuotaLock /var/lock/ftpd.quotatab.lock
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimits.quota_type, ftp_quotalimits.per_session, ftp_quotalimits.limit_type, panel_customers.diskspace*1024 AS bytes_in_avail, ftp_quotalimits.bytes_out_avail, ftp_quotalimits.bytes_xfer_avail, ftp_quotalimits.files_in_avail, ftp_quotalimits.files_out_avail, ftp_quotalimits.files_xfer_avail FROM ftp_users, ftp_quotalimits, panel_customers WHERE ftp_users.username = '%{0}' AND panel_customers.loginname = SUBSTRING_INDEX('%{0}', 'ftp', 1) AND quota_type ='%{1}'"
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies

</IfModule>

 

Und hier mal ein Debug logfile: (nach "/usr/sbin/proftpd -n -d 9 -c /etc/proftpd/proftpd.conf" )

 - using TCP receive buffer size of 87380 bytes
- using TCP send buffer size of 16384 bytes
- ROOT PRIVS at mod_core.c:304
- loading 'mod_ctrls_admin.c'
- loading 'mod_tls.c'
- mod_tls/2.4.1: using OpenSSL 0.9.8o 01 Jun 2010
- loading 'mod_sql.c'
- loading 'mod_sql_mysql.c'
- loading 'mod_radius.c'
- loading 'mod_quotatab.c'
- loading 'mod_quotatab_file.c'
- loading 'mod_quotatab_sql.c'
- loading 'mod_quotatab_radius.c'
- loading 'mod_wrap.c'
- loading 'mod_rewrite.c'
- loading 'mod_load.c'
- loading 'mod_ban.c'
- loading 'mod_wrap2.c'
- loading 'mod_wrap2_file.c'
- loading 'mod_dynmasq.c'
- loading 'mod_ifsession.c'
- RELINQUISH PRIVS at mod_core.c:326
- DenyFilter: compiling regex '\*.*/'
- <IfModule>: using 'mod_dynmasq.c' section at line 54
- ROOT PRIVS at mod_log.c:537
- RELINQUISH PRIVS at mod_log.c:542
- <IfModule>: using 'mod_quotatab.c' section at line 91
- <IfModule>: skipping 'mod_ratio.c' section at line 95
- <IfModule>: using 'mod_delay.c' section at line 103
- <IfModule>: using 'mod_ctrls.c' section at line 107
- ROOT PRIVS at mod_ctrls.c:110
- RELINQUISH PRIVS at mod_ctrls.c:112
- <IfModule>: using 'mod_ctrls_admin.c' section at line 115
mistert.us.to -
mistert.us.to - Config for Debian:
mistert.us.to - IdentLookups
mistert.us.to - DeferWelcome
mistert.us.to - DefaultServer
mistert.us.to - ShowSymlinks
mistert.us.to - TimeoutNoTransfer
mistert.us.to - TimeoutStalled
mistert.us.to - TimeoutIdle
mistert.us.to - DisplayLogin
mistert.us.to - DisplayChdir
mistert.us.to - ListOptions
mistert.us.to - DenyFilter
mistert.us.to - UserID
mistert.us.to - UserName
mistert.us.to - GroupID
mistert.us.to - GroupName
mistert.us.to - Umask
mistert.us.to - DirUmask
mistert.us.to - AllowOverwrite
mistert.us.to - TransferLog
mistert.us.to - QuotaEngine
mistert.us.to - DelayEngine
mistert.us.to - ROOT PRIVS at mod_delay.c:354
mistert.us.to - RELINQUISH PRIVS at mod_delay.c:359
mistert.us.to - mod_lang/0.9: binding to text domain 'proftpd' using locale path '/usr/share/locale'
mistert.us.to - mod_lang/0.9: using locale files in '/usr/share/locale'
mistert.us.to - mod_lang/0.9: skipping possible language 'it': not supported by setlocale(3); see `locale -a'
mistert.us.to - mod_lang/0.9: skipping possible language 'ru': not supported by setlocale(3); see `locale -a'
mistert.us.to - mod_lang/0.9: skipping possible language 'zh_CN': not supported by setlocale(3); see `locale -a'
mistert.us.to - mod_lang/0.9: skipping possible language 'ja_JP': not supported by setlocale(3); see `locale -a'
mistert.us.to - mod_lang/0.9: skipping possible language 'fr_FR': not supported by setlocale(3); see `locale -a'
mistert.us.to - mod_lang/0.9: skipping possible language 'bg_BG': not supported by setlocale(3); see `locale -a'
mistert.us.to - mod_lang/0.9: skipping possible language 'en_US': not supported by setlocale(3); see `locale -a'
mistert.us.to - mod_lang/0.9: skipping possible language 'zh_TW': not supported by setlocale(3); see `locale -a'
mistert.us.to - mod_lang/0.9: skipping possible language 'ko_KR': not supported by setlocale(3); see `locale -a'
mistert.us.to - SETUP PRIVS at main.c:3127
mistert.us.to - ROOT PRIVS at main.c:2151
mistert.us.to - RELINQUISH PRIVS at main.c:2158
mistert.us.to - ROOT PRIVS at main.c:2486
mistert.us.to - opening scoreboard '/var/run/proftpd.scoreboard'
mistert.us.to - RELINQUISH PRIVS at main.c:2512
mistert.us.to - ROOT PRIVS at mod_ctrls_admin.c:1180
mistert.us.to - opening scoreboard '/var/run/proftpd.scoreboard'
mistert.us.to - RELINQUISH PRIVS at mod_ctrls_admin.c:1182
mistert.us.to - ROOT PRIVS at inet.c:348
mistert.us.to - RELINQUISH PRIVS at inet.c:411
mistert.us.to - ProFTPD 1.3.3a (maint) (built Mon Mar 7 2011 09:26:42 UTC) standalone mode STARTUP
mistert.us.to - ROOT PRIVS at pidfile.c:48
mistert.us.to - RELINQUISH PRIVS at pidfile.c:50
mistert.us.to - ROOT PRIVS at main.c:1238
mistert.us.to - RELINQUISH PRIVS at main.c:1242
mistert.us.to - no matching vhost found for ::ffff:46.4.73.168#21, using 'Debian' listening on wildcard address
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - ROOT PRIVS at main.c:1086
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - SETUP PRIVS at main.c:1091
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - session requested from client in unknown class
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - performing module session initializations
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - mod_sql/4.2.5: defaulting to 'mysql' backend
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - mod_cap/1.0: adding CAP_AUDIT_WRITE capability
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - mod_ident/1.0: ident lookup disabled
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - ROOT PRIVS at mod_delay.c:1447
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - RELINQUISH PRIVS at mod_delay.c:1452
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - ROOT PRIVS at mod_auth.c:133
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - opening scoreboard '/var/run/proftpd.scoreboard'
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - RELINQUISH PRIVS at mod_auth.c:135
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - connected - local  : ::ffff:SERVER_IP_ADRESS:21
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - connected - remote : ::ffff:MY_IP_ADRESS:49683
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - FTP session opened.
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'USER mpehr' to mod_rewrite
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'USER mpehr' to mod_tls
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'USER mpehr' to mod_core
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'USER mpehr' to mod_core
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'USER mpehr' to mod_delay
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'USER mpehr' to mod_auth
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching CMD command 'USER mpehr' to mod_auth
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching POST_CMD command 'USER mpehr' to mod_sql
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching POST_CMD command 'USER mpehr' to mod_delay
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching LOG_CMD command 'USER mpehr' to mod_sql
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching LOG_CMD command 'USER mpehr' to mod_log
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_rewrite
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap2
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_ban
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_radius
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_sql
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching CMD command 'PASS (hidden)' to mod_auth
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - USER mpehr: no such user found from MY_IP_ADRESS [::ffff:78.94.88.115] to ::ffff:46.4.73.168:21
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_sql
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_wrap2
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_radius
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_delay
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_sql
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth
mistert.us.to (ip-78-94-88-115.unitymediagroup.de[::ffff:78.94.88.115]) - FTP session closed.
mistert.us.to - scrubbing scoreboard
mistert.us.to - ROOT PRIVS at scoreboard.c:1077
mistert.us.to - RELINQUISH PRIVS at scoreboard.c:1079
mistert.us.to - ROOT PRIVS at scoreboard.c:1117
mistert.us.to - RELINQUISH PRIVS at scoreboard.c:1151

 

So hoffe, das reich euch :D Weiss aktuell nicht, was ich euch sonst noch haette posten solleN ! ;)

?brigens das Paket debian Paket "proftpd-mod-mysql" ist nat?rlich installiert :)

 

Danke schonmal f?r die bem?hungen

 

Gr??e

4 answers to this question

Recommended Posts

Chb Rookie

Chb

Posted
Posted
#Include /etc/proftpd/sql.conf

Ist es wirklich gewollt, dass diese Zeile auskommentiert ist? Hast du die Einstellungen f?r ProFTPd aus Froxlor ?bernommen?

MisterT Newbie

MisterT

Posted
  • Author
Posted

jop das is die config 1:1 aus der froxlor konfiguration, den alten inhalt komplett gel?scht und die aus froxlor rein geschmissen ;)

 

aber gut das du's ansprichst, hab ich garnicht gesehen. Werde ich sofort testen und berichten, ob es daran lag ^^

 

EDIT: Nope, hab dein besagtes Include mal auskommentiert und gleicher fehler, das debug log sieht exagt genauso aus, wie ich es oben gepostet habe.

Sch?tze das der Include befehl noch woanders hinterlegt ist, das man den nicht ben?tigt.

 

Sonst noch jemand ne Idee ? Bin hier solangsam am verzweifeln :D

Chb Rookie

Chb

Posted
Posted

Auf die Gefahr hin, gesteinigt zu werden: Danach ProFTPd neugestartet?

Kann nur sagen, dass ich auf einem Testserver eine andere Config habe... Mag aber an Debian Lenny liegen.

 

Zum Vergleich:

proftpd.conf

#

# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.

# To really apply changes reload proftpd after modifications.

#

 

# Includes DSO modules

Include /etc/proftpd/modules.conf

 

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.

UseIPv6 on

 

ServerName "FTP Server"

ServerType standalone

DeferWelcome off

 

MultilineRFC2228 on

DefaultServer on

ShowSymlinks on

 

TimeoutNoTransfer 600

TimeoutStalled 600

TimeoutIdle 1200

 

DisplayLogin welcome.msg

DisplayChdir .message true

ListOptions "-l"

 

DenyFilter \*.*/

 

# Use this to jail all users in their homes

# DefaultRoot ~

 

# Users require a valid shell listed in /etc/shells to login.

# Use this directive to release that constrain.

# RequireValidShell off

 

# Port 21 is the standard FTP port.

Port 21

 

# In some cases you have to specify passive ports range to by-pass

# firewall limitations. Ephemeral ports can be used for that, but

# feel free to use a more narrow range.

# PassivePorts 49152 65534

 

# If your host was NATted, this option is useful in order to

# allow passive tranfers to work. You have to use your public

# address and opening the passive ports used on your firewall as well.

# MasqueradeAddress 1.2.3.4

 

# This is useful for masquerading address with dynamic IPs:

# refresh any configured MasqueradeAddress directives every 8 hours

<IfModule mod_dynmasq.c>

# DynMasqRefresh 28800

</IfModule>

 

# To prevent DoS attacks, set the maximum number of child processes

# to 30. If you need to allow more than 30 concurrent connections

# at once, simply increase this value. Note that this ONLY works

# in standalone mode, in inetd mode you should use an inetd server

# that allows you to limit maximum number of processes per service

# (such as xinetd)

MaxInstances 30

 

# Set the user and group that the server normally runs at.

User proftpd

Group nogroup

 

# Umask 022 is a good standard umask to prevent new files and dirs

# (second parm) from being group and world writable.

Umask 022 022

# Normally, we want files to be overwriteable.

AllowOverwrite on

 

# Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:

# PersistentPasswd off

 

# This is required to use both PAM-based authentication and local passwords

# AuthOrder mod_auth_pam.c* mod_auth_unix.c

 

# Be warned: use of this directive impacts CPU average load!

# Uncomment this if you like to see progress and transfer rate with ftpwho

# in downloads. That is not needed for uploads rates.

#

# UseSendFile off

 

TransferLog /var/log/proftpd/xferlog

SystemLog /var/log/proftpd/proftpd.log

 

<IfModule mod_quotatab.c>

QuotaEngine on

</IfModule>

 

<IfModule mod_ratio.c>

Ratios off

</IfModule>

 

 

# Delay engine reduces impact of the so-called Timing Attack described in

# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02

# It is on by default.

<IfModule mod_delay.c>

DelayEngine off

</IfModule>

 

<IfModule mod_ctrls.c>

ControlsEngine off

ControlsMaxClients 2

ControlsLog /var/log/proftpd/controls.log

ControlsInterval 5

ControlsSocket /var/run/proftpd/proftpd.sock

</IfModule>

 

<IfModule mod_ctrls_admin.c>

AdminControlsEngine off

</IfModule>

 

#

# Alternative authentication frameworks

#

#Include /etc/proftpd/ldap.conf

Include /etc/proftpd/sql.conf

 

#

# This is used for FTPS connections

#

#Include /etc/proftpd/tls.conf

 

sql.conf:

<IfModule mod_sql.c>

DefaultRoot ~

RequireValidShell off

AuthOrder mod_sql.c

 

SQLBackend mysql

SQLEngine on

SQLAuthenticate on

 

SQLAuthTypes Crypt

SQLAuthenticate users* groups*

SQLConnectInfo datenbank@127.0.0.1 benutzer kennwort

SQLUserInfo ftp_users username password uid gid homedir shell

SQLGroupInfo ftp_groups groupname gid members

SQLUserWhereClause "login_enabled = 'y'"

 

SQLLog PASS login

SQLNamedQuery login UPDATE "last_login=now(), login_count=login_count+1 WHERE username='%u'" ftp_users

 

SQLLog RETR download

SQLNamedQuery download UPDATE "down_count=down_count+1, down_bytes=down_bytes+%b WHERE username='%u'" ftp_users

 

SQLLog STOR upload

SQLNamedQuery upload UPDATE "up_count=up_count+1, up_bytes=up_bytes+%b WHERE username='%u'" ftp_users

 

QuotaEngine on

QuotaShowQuotas on

QuotaDisplayUnits Mb

QuotaLock /var/lock/ftpd.quotatab.lock

QuotaLimitTable sql:/get-quota-limit

QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally

SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimits.quota_type, ftp_quotalimits.per_session, ftp_quotalimits.limit_type, panel_customers.diskspace*1024 AS bytes_in_avail, ftp_quotalimits.bytes_out_avail, ftp_quotalimits.bytes_xfer_avail, ftp_quotalimits.files_in_avail, ftp_quotalimits.files_out_avail, ftp_quotalimits.files_xfer_avail FROM ftp_users, ftp_quotalimits, panel_customers WHERE ftp_users.username = '%{0}' AND panel_customers.loginname = SUBSTRING_INDEX('%{0}', 'ftp', 1) AND quota_type ='%{1}'"

SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"

SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies

SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies

 

</IfModule>

MisterT Newbie

MisterT

Posted
  • Author
Posted

Alles klar, hab den Fehler gefunden, deine config hat mir den anstoss gegeben ^^

 

Und zwar lag es wirklich an der kommentierten Include zeile, wie du zu anfang sagtest. Allerdings hat das da nicht funktioniert, weil Passwoerter nicht richtig in die Mysql datenbank geschrieben worden sind, daher hat proftpd direkt gesagt, dass kein user vorhanden sei.

Habe also das Passwort problem in der Datenbank behoben und wie du sagtest die Include sql.conf zeile da, die du meintest auskommentiert und siehe da...

Nun funtkioniert es auch mit meiner config ;)

 

Danke f?r die hilfe @Chb :)

 

Sch?nes Wochenende euch noch!

Archived

This topic is now archived and is closed to further replies.

Go to question listing


×
×
  • Create New...