Hello there, i have some serious trouble here, my previous sysadmin died a few weeks ago and now i have to oversee a few servers which were running fine till a few days ago. The ftp server suddenly stopped and i dont know what is wrong. Im also not that very experienced with this stuff. In the ISP Config the FTP Cliend is vsftpd. I tried to reboot the server, no result i tried to restart/stop/start vsftpd no result i searched via the internet and found nothing im a bit scared that if im doing something very stupid (like reinstalling vsftpd), all the accounts created by ispconfig would never be able to login to their ftp space again. And there are a lot of configs. I would really wish that one of you can help with this problem as i seen in a few posts ago i posted some results from some commands which should give you an overview of some basics: netstat -tap | grep ftp no output from this command ps aux | grep ftp root 15487 0.0 0.1 23440 1800 ? Ss 06:46 0:00 /usr/lib/openssh/sftp-server root 15609 0.0 0.0 2764 620 pts/0 R+ 06:50 0:00 grep ftp please help me, cause i really dont know what to do. thank you for your time reading through this. tomy
Did you check the vsftpd-logs in /var/log, if there's sth. why the daemon does not start? So there is absolutely no output if you run the start / stop script of vsftp?
Also be aware that the vsftpd is started in a ISPConfig server by the ISPConfig tcpserver. Please try to restart the ispconfig_server script too.
@ Ben the last written in the log was : Code: Sun Apr 22 02:08:43 2007 1 89.245.117.159 2173 /web/hk/img/buttons/top_startseite.jpg b _ i r web34_ma ftp 0 * c Sun Apr 22 02:08:43 2007 1 89.245.117.159 304 /web/hk/img/content_bg.jpg b _ i r web34_ma ftp 0 * c Sun Apr 22 02:08:43 2007 1 89.245.117.159 1138 /web/hk/img/header_bg.jpg b _ i r web34_ma ftp 0 * c Sun Apr 22 02:08:44 2007 1 89.245.117.159 54993 /web/hk/img/header.jpg b _ i r web34_ma ftp 0 * c Sun Apr 22 02:08:44 2007 1 89.245.117.159 1285 /web/hk/index.html a _ i r web34_ma ftp 0 * c Sun Apr 22 02:10:21 2007 1 89.245.117.159 1280 /web/hk/index.html a _ i r web34_ma ftp 0 * c this looks normal to me and yes, there is absolutly no outpot if i stop/start/restart @till how do i restart the ispconfig_server script? is this dangerous? i mean is there a possibility that something gets deletet? sorry for the question, but im really new to this
problem still exists i restarted ispconfig but still the same problem ps aux | grep ftp Code: 1516 0.0 0.0 2764 620 pts/1 R+ 02:29 0:00 grep ftp netstat -tap | grep ftp no output from this command and nothing in the log What can i do now? reinstall vsftpd? and if, how? Will the accounts from ispconfig still work if i reinstall it?
nothing -_- nothing in the syslog and messages log hinting at the ftp server or something related if the mods would like to take a look for themselves i will glady hand them over the login details, im totaly done, the people hosted on the server are going nuts. please help
hmm what about /home/admispconfig/ispconfig/ispconfig.log just to see what the script's doing? may you post the vsftpd.conf here? Eventually you should thinkg about saving the vsftpd*-configs, remove/erase/purge vsftpd and install it again...
Please have a look at the logfile that Ben suggested. Are the users that are unable to login listed in /etc/passwd? If you want Falko or me to have a look at your server, please contact us at info [at] projektfarm [dot] com
Here is a short list from ispconfig.log after restarting ispconfig, users and urls were replaced with XXX Code: 05.05.2007 - 23:59:15 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 121: rm -f /var/log/vsftpd.log.www.XXXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/mail_logs.php, Line 119: rm -f /home/admispconfig/mailstats/web178_XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 96: cat /dev/null > /var/log/vsftpd.log.www.XXXXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 121: rm -f /var/log/vsftpd.log.www.XXXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/mail_logs.php, Line 119: rm -f /home/admispconfig/mailstats/web178_XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/mail_logs.php, Line 132: rm -f /var/log/mail.log.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 96: cat /dev/null > /var/log/vsftpd.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 121: rm -f /var/log/vsftpd.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 96: cat /dev/null > /var/log/vsftpd.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/mail_logs.php, Line 132: rm -f /var/log/mail.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 121: rm -f /var/log/vsftpd.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 96: cat /dev/null > /var/log/vsftpd.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/mail_logs.php, Line 132: rm -f /var/log/mail.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 121: rm -f /var/log/vsftpd.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 96: cat /dev/null > /var/log/vsftpd.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 121: rm -f /var/log/vsftpd.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/mail_logs.php, Line 132: rm -f /var/log/mail.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 96: cat /dev/null > /var/log/vsftpd.log.www.XXXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 121: rm -f /var/log/vsftpd.log.www.XXX 05.05.2007 - 23:59:16 => INFO - /root/ispconfig/scripts/shell/ftp_logs.php, Line 124: rm -f /var/log/vsftpd.log.05-05-07_23-59-02 here is the conf: Code: # Example config file /etc/vsftpd.conf # # The default compiled in settings are very paranoid. This sample file # loosens things up a bit, to make the ftp daemon more usable. # # Allow anonymous FTP? anonymous_enable=YES # # Uncomment this to allow local users to log in. local_enable=YES # # Uncomment this to enable any form of FTP write command. write_enable=YES # # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) local_umask=002 # # Uncomment this to allow the anonymous FTP user to upload files. This only # has an effect if the above global write enable is activated. Also, you will # obviously need to create a directory writable by the FTP user. anon_upload_enable=YES # # Uncomment this if you want the anonymous FTP user to be able to create # new directories. #anon_mkdir_write_enable=YES # anon_umask=002 # ftp_username=web72_anonftp # # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES # # Activate logging of uploads/downloads. xferlog_enable=YES # # Make sure PORT transfer connections originate from port 20 (ftp-data). connect_from_port_20=YES # # If you want, you can arrange for uploaded anonymous files to be owned by # a different user. Note! Using "root" for uploaded files is not # recommended! #chown_uploads=YES #chown_username=whoever # # You may override where the log file goes if you like. The default is shown # below. xferlog_file=/var/log/vsftpd.log # # If you want, you can have your log file in standard ftpd xferlog format xferlog_std_format=YES # # You may change the default value for timing out an idle session. #idle_session_timeout=600 # # You may change the default value for timing out a data connection. #data_connection_timeout=120 # # It is recommended that you define on your system a unique user which the # ftp server can use as a totally isolated and unprivileged user. #nopriv_user=ftpsecure # # Enable this and the server will recognise asynchronous ABOR requests. Not # recommended for security (the code is non-trivial). Not enabling it, # however, may confuse older FTP clients. #async_abor_enable=YES # # By default the server will pretend to allow ASCII mode but in fact ignore # the request. Turn on the below options to have the server actually do ASCII # mangling on files when in ASCII mode. # Beware that turning on ascii_download_enable enables malicious remote parties # to consume your I/O resources, by issuing the command "SIZE /big/file" in # ASCII mode. # These ASCII options are split into upload and download because you may wish # to enable ASCII uploads (to prevent uploaded scripts etc. from breaking), # without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be # on the client anyway.. ascii_upload_enable=YES ascii_download_enable=YES # # You may fully customise the login banner string: #ftpd_banner=Welcome to blah FTP service. # # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd/banned-emails # # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot(). #chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd/chroot-list # chroot_local_user=YES # # You may activate the "-R" option to the builtin ls. This is disabled by # default to avoid remote users being able to cause excessive I/O on large # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume # the presence of the "-R" option, so there is a strong case for enabling it. #ls_recurse_enable=YES pam_service_name=vsftpd thank you for your help @till i will send you an email with the logindata as well as an sample ftp login thank you
The problems seems to be a incompatibility of the ispconfig tcpserver with the latest glibc versions. The tcpserver is needed for vsftpd because of the limited anonymous functionality in vsftpd. The patch from the following thread seems not to work anymore with the latest glibc, but you may try it anyway: http://www.howtoforge.com/forums/showthread.php?t=446&highlight=GLIBC_2.0 I recommend to install proftpd as described in the perfect setup guides instead of vsftpd.
Hi and thanks for your help so far im trying to install proftp but heres the error: IPv6 getaddrinfo xxx error: Name or service not known i searched for the IPV6 entry, but theres nothing in it. what do i have to change? heres the conf Code: # # /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file. # To really apply changes reload proftpd after modifications. # # Includes DSO modules Include /etc/proftpd/modules.conf ServerName "Debian" ServerType standalone DeferWelcome off MultilineRFC2228 on DefaultServer on ShowSymlinks on TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin welcome.msg DisplayFirstChdir .message ListOptions "-l" DenyFilter \*.*/ # Port 21 is the standard FTP port. Port 21 # In some cases you have to specify passive ports range to by-pass # firewall limitations. Ephemeral ports can be used for that, but # feel free to use a more narrow range. # PassivePorts 49152 65534 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 30 # Set the user and group that the server normally runs at. User proftpd Group nogroup # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 022 022 # Normally, we want files to be overwriteable. AllowOverwrite on # Uncomment this if you are using NIS or LDAP to retrieve passwords: # PersistentPasswd off # Be warned: use of this directive impacts CPU average load! # # Uncomment this if you like to see progress and transfer rate with ftpwho # in downloads. That is not needed for uploads rates. # UseSendFile off TransferLog /var/log/proftpd/xferlog SystemLog /var/log/proftpd/proftpd.log <IfModule mod_tls.c> TLSEngine off </IfModule> <IfModule mod_quota.c> QuotaEngine on </IfModule> <IfModule mod_ratio.c> Ratios on </IfModule> # Delay engine reduces impact of the so-called Timing Attack described in # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 # It is on by default. <IfModule mod_delay.c> DelayEngine on </IfModule> <IfModule mod_ctrls.c> ControlsEngine on ControlsMaxClients 2 ControlsLog /var/log/proftpd/controls.log ControlsInterval 5 ControlsSocket /var/run/proftpd/proftpd.sock </IfModule> <IfModule mod_ctrls_admin.c> AdminControlsEngine on </IfModule> # A basic anonymous configuration, no upload directories. # <Anonymous ~ftp> # User ftp # Group nogroup # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # Cosmetic changes, all files belongs to ftp user # DirFakeUser on ftp # DirFakeGroup on ftp # # RequireValidShell off # # # Limit the maximum number of anonymous logins # MaxClients 10 # # # We want 'welcome.msg' displayed at login, and '.message' displayed # # in each newly chdired directory. # DisplayLogin welcome.msg # DisplayFirstChdir .message # # # Limit WRITE everywhere in the anonymous chroot # <Directory *> # <Limit WRITE> # DenyAll # </Limit> # </Directory> # # # Uncomment this if you're brave. # # <Directory incoming> # # # Umask 022 is a good standard umask to prevent new files and dirs # # # (second parm) from being group and world writable. # # Umask 022 022 # # <Limit READ WRITE> # # DenyAll # # </Limit> # # <Limit STOR> # # AllowAll # # </Limit> # # </Directory> # # </Anonymous>
Sounds bad, that what I experienced right now as well :-\ Will there be a patch soon? Because I am not really willing to switch back to proftp, cause it did not work that stable for me as vsftpd did and I do not need the anonymous login thing... EDIT: The "patch" from the link above worked fine for me (with Debian sarge) So the question remains, will this "patch" be implemented in the startscript so that it is not overwritten after an upgrade?
I'am getting the following error on a fresh debian Etch install: /home/admispconfig/ispconfig/tools/tcpserver/ispconfig_tcpserver: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory Ben: Can you please check if you have a older libc version installed beside libc6? This might explain why it works for you. I'am not sure if I shall activate it, it might break installations on other and or older linux installations. For a explanation on the general problem, please have a look here: http://www.howtoforge.com/forums/showpost.php?p=70886&postcount=8 If we do not find a solution for it, we might have to disable vsftpd support for new installations (not updates of course).
Well in that case it should better not be implemented, especially for the fact, that sb. was reporting that for him that "patch" did not help. What's the best way to find out if there is an older libc installed beside? The only one I can find in /lib is 2.3.6
