Proftpd/mysql on Etch fails PAM after upgrade

Discussion in 'HOWTO-Related Questions' started by slapaf, Oct 28, 2008.

  1. slapaf

    slapaf New Member

    Hi
    I followed the Proftpd/mysql -etch and everything worked fine. Then a few days ago I noticed it had stopped working. Only thing I can think of doing on the server is apt-get upgrade.

    Here is proftpd.log
    Code:
    Oct 28 13:47:54 sds.dk proftpd[2473] sds.dk (87.51.7.99[87.51.7.99]): FTP session opened.
    Oct 28 13:47:57 sds.dk proftpd[2473] sds.dk (87.51.7.99[87.51.7.99]): PAM(shop): User not known to the underlying authentication module.
    Oct 28 13:47:57 sds.dk proftpd[2473] sds.dk (87.51.7.99[87.51.7.99]): USER shop: Login successful.
    Oct 28 13:47:57 sds.dk proftpd[2473] sds.dk (87.51.7.99[87.51.7.99]): Preparing to chroot to directory '/var/www/shop'

    Here is auth.log:

    Code:
    Oct 28 13:47:54 sds proftpd: (pam_unix) check pass; user unknown
    Oct 28 13:47:54 sds proftpd: (pam_unix) authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=87.51.7.99

    Here is proftpd.conf:
    Code:
    #
    # /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
    # To really apply changes reload proftpd after modifications.
    #
    
    # Includes DSO modules
    Include /etc/proftpd/modules.conf
    
    # Set off to disable IPv6 support which is annoying on IPv4 only boxes.
    UseIPv6                         off
    
    ServerName                      "Debian"
    ServerType                      standalone
    DeferWelcome                    off
    
    MultilineRFC2228                on
    DefaultServer                   on
    ShowSymlinks                    on
    
    TimeoutNoTransfer               600
    TimeoutStalled                  600
    TimeoutIdle                     1200
    
    DisplayLogin                    welcome.msg
    DisplayFirstChdir               .message
    ListOptions                     "-l"
    
    DenyFilter                      \*.*/
    
    tcpNoDelay                      on
    IdentLookups                    off
    UseReverseDNS                   off
    
    
    # Port 21 is the standard FTP port.
    Port                            21
    
    # In some cases you have to specify passive ports range to by-pass
    # firewall limitations. Ephemeral ports can be used for that, but
    # feel free to use a more narrow range.
    # PassivePorts                    49152 65534
    
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances                    30
    
    # Set the user and group that the server normally runs at.
    #User                           proftpd
    #Group                          nogroup
    User                            ftpuser
    Group                           ftpgroup
    
    
    # Umask 022 is a good standard umask to prevent new files and dirs
    # (second parm) from being group and world writable.
    Umask                           022  022
    # Normally, we want files to be overwriteable.
    AllowOverwrite                  on
    
    # Uncomment this if you are using NIS or LDAP to retrieve passwords:
    # PersistentPasswd              off
    
    # Be warned: use of this directive impacts CPU average load!
    #
    # Uncomment this if you like to see progress and transfer rate with ftpwho
    # in downloads. That is not needed for uploads rates.
    # UseSendFile                   off
    
    TransferLog /var/log/proftpd/xferlog
    SystemLog   /var/log/proftpd/proftpd.log
    
    <IfModule mod_tls.c>
    #TLSEngine off
    </IfModule>
    
    <IfModule mod_quota.c>
    #QuotaEngine on
    </IfModule>
    
    <IfModule mod_ratio.c>
    #Ratios on
    </IfModule>
    
    
    # Delay engine reduces impact of the so-called Timing Attack described in
    # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
    # It is on by default.
    <IfModule mod_delay.c>
    #DelayEngine off
    </IfModule>
    
    <IfModule mod_ctrls.c>
    ControlsEngine        on
    ControlsMaxClients    2
    ControlsLog           /var/log/proftpd/controls.log
    ControlsInterval      5
    ControlsSocket        /var/run/proftpd/proftpd.sock
    </IfModule>
    
    <IfModule mod_ctrls_admin.c>
    AdminControlsEngine on
    </IfModule>
    
    DefaultRoot ~
    
    Include /etc/proftpd/mysql.conf
    RootLogin off
    RequireValidShell off

    Here is mysql.conf (included in proftpd.conf):
    Code:
    # Force the use of mysql backend
    SQLBackend                      mysql
    
    # The passwords in MySQL are using its own PASSWORD function
    SQLAuthTypes                    Backend
    SQLAuthenticate                 users* groups*
    
    # details to connect to mysql db
    # dbname@host dbuser dbpass
    SQLConnectInfo                  proftpddb@localhost proftpduser xxxxxx
    
    # Let proFTPd know the name of the columns in the user table
    # Mind that these need to match the names in your table
    SQLUserInfo                     ftpuser userid passwd uid gid homedir shell
    
    # Let proFTPd know the name of the columns in the group table
    # we want it to interact with. Again the names match with those in the db
    SQLGroupInfo                    ftpgroup groupname gid members
    
    # proftpd will dynamically create the homedir if it does not yet exist
    SQLHomedirOnDemand              on
    
    # update counter when a user logs in
    SQLLog                          PASS updatecount
    SQLNamedQuery                   updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser
    
    # change modified time anytime a user deletes a file or uploads one
    SQLLog                          STOR,DELE modified
    SQLNamedQuery                   modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
    

    I tried reinstalling proftpd-mysql but it didn't help. I also tried removing ftpuser and adding it again but no luck...

    Any ideas of what is wrong ??
     
  2. marchost

    marchost New Member HowtoForge Supporter

    If you think it's related to the updates, check what has been updated. In Ubuntu the apt log file is under /var/log/apt/ (should be similar under Debian).

    What's in /etc/proftpd/modules.conf?
     
  3. slapaf

    slapaf New Member

    This is modules.conf:

    Code:
    #
    # This file is used to manage DSO modules and features.
    #
    
    # This is the directory where DSO modules reside
    
    ModulePath /usr/lib/proftpd
    
    # Allow only user root to load and unload modules, but allow everyone
    # to see which modules have been loaded
    
    #ModuleControlsACLs insmod,rmmod allow user root
    #ModuleControlsACLs lsmod allow user *
    
    LoadModule mod_ctrls_admin.c
    #LoadModule mod_tls.c
    LoadModule mod_sql.c
    #LoadModule mod_ldap.c
    LoadModule mod_sql_mysql.c
    #LoadModule mod_sql_postgres.c
    #LoadModule mod_quotatab.c
    #LoadModule mod_quotatab_file.c
    #LoadModule mod_quotatab_ldap.c
    #LoadModule mod_quotatab_sql.c
    #LoadModule mod_radius.c
    #LoadModule mod_wrap.c
    LoadModule mod_rewrite.c
    
    # keep this module the last one
    LoadModule mod_ifsession.c
    
    Looks like a lot was updated: apache, logcheck, clamav, mailx, libpq-dev etc.

    It seems that login might be successful
    Code:
    USER shop: Login successful.
    
    but it's hanging on "preparing to chroot..."

    I tried to give 0777 permissions on directory but it didn't help.

    What could keep it from chrooting ?
     
  4. marchost

    marchost New Member HowtoForge Supporter

    What happens when you comment out this line in proftpd.conf:

    DefaultRoot ~

    If you still can't log in, what does the log file say?

    I don't know if it's related but I don't see this line in /etc/proftpd/mysql.conf:

    SQLMinID 500
     
  5. slapaf

    slapaf New Member

    Tried to comment DefaultRoot and add SQLMinID=500, same result.

    I then tried a fresh install of proftpd-mysql and it still doesn't work :confused:
     
  6. falko

    falko Super Moderator Howtoforge Staff

    Did you try both active and passive mode?
     
  7. slapaf

    slapaf New Member

    Nope.

    I just finished yet another reinstall after complete purge of proftpd, users, dirs...and now it works again.

    I still get
    Code:
    PAM(shop): User not known to the underlying authentication module.
    
    but it seems it doesn't affect login. I just wrongly assumed that it was the reason.

    It still worries me why it was refusing to chroot and why I didn't get any errors in log.

    Thanks for trying to help though! :)
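
The pattern reported in the last post, a PAM error for a user who then logs in anyway (accepted by another authentication module, here presumably mod_sql), can be told apart from PAM errors with no login behind them by grouping proftpd.log lines per session PID. This is an added example, not part of the original thread; the sample lines are constructed in the format of the proftpd.log excerpt above, and the verdict names are made up for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the proftpd.log excerpt in the thread;
# host name, PIDs, users and documentation-range IPs are made up.
SAMPLE_LOG = """\
Oct 28 13:47:54 ftp.example proftpd[2473] ftp.example (192.0.2.10[192.0.2.10]): FTP session opened.
Oct 28 13:47:57 ftp.example proftpd[2473] ftp.example (192.0.2.10[192.0.2.10]): PAM(shop): User not known to the underlying authentication module.
Oct 28 13:47:57 ftp.example proftpd[2473] ftp.example (192.0.2.10[192.0.2.10]): USER shop: Login successful.
Oct 28 13:52:01 ftp.example proftpd[2501] ftp.example (192.0.2.77[192.0.2.77]): FTP session opened.
Oct 28 13:52:03 ftp.example proftpd[2501] ftp.example (192.0.2.77[192.0.2.77]): PAM(admin): User not known to the underlying authentication module.
Oct 28 13:55:10 ftp.example proftpd[2533] ftp.example (192.0.2.10[192.0.2.10]): FTP session opened.
Oct 28 13:55:12 ftp.example proftpd[2533] ftp.example (192.0.2.10[192.0.2.10]): USER backup: Login successful.
"""

LINE_RE = re.compile(r"proftpd\[(\d+)\] \S+ \(([^\[]+)\[[^\]]*\]\): (.*)$")
PAM_RE = re.compile(r"PAM\(([^)]+)\): ")
OK_RE = re.compile(r"USER (\S+): Login successful\.$")

def classify_sessions(log_text):
    """Map each session PID to (client, user, verdict)."""
    clients, logged_in = {}, {}
    pam_rejected = defaultdict(list)   # pid -> users PAM reported an error for
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        pid, client, msg = m.groups()
        clients[pid] = client
        if (pam := PAM_RE.match(msg)):
            pam_rejected[pid].append(pam.group(1))
        elif (ok := OK_RE.match(msg)):
            logged_in[pid] = ok.group(1)
    result = {}
    for pid, client in clients.items():
        if pid in logged_in:
            user = logged_in[pid]
            # PAM rejected the user, yet the login succeeded via another module
            verdict = "pam-noise" if user in pam_rejected[pid] else "login-ok"
        elif pam_rejected[pid]:
            user, verdict = pam_rejected[pid][0], "pam-reject-no-login"
        else:
            continue  # session without any authentication event
        result[pid] = (client, user, verdict)
    return result

if __name__ == "__main__":
    for pid, row in classify_sessions(SAMPLE_LOG).items():
        print(pid, *row)
```

Sessions marked `pam-reject-no-login` are the ones worth a second look, since no module accepted the user there.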
     
