Anonymous FTP Not Working

Discussion in 'Installation/Configuration' started by robin99, Jan 27, 2007.

  1. robin99

    robin99 New Member

    I have enabled anonymous FTP on a domain. This domain is on its own i.p address. But i access ftp through internet explorer it still asks for a username and password.
    I am using ISPConfig Version: 2.2.9 installed on ubuntu 6.06.1 server
    I installed ubuntu and ISPConfig using the Perfect Setup Ubuntu 6.06 Guide
    As i can see from the config file below it has created the anonymous account correctly in proftpd. I think the problem is that there is no web7_anonftp in /etc/passwd but ISPConfig shoud create this account.

    Here is the proftpd config file "/etc/proftpd_ispconfig.conf"

    ###################################
    #
    # ISPConfig proftpd Configuration File
    # Version 1.0
    #
    ###################################
    DefaultAddress 127.0.0.1
    <VirtualHost 192.168.0.38>
    DefaultRoot ~
    AllowOverwrite on
    Umask 002
    <Anonymous /var/www/web7/ftp>
    User web7_anonftp
    Group web7_anonftp
    UserAlias anonymous web7_anonftp
    UserAlias guest web7_anonftp
    MaxClients 10
    <Directory *>
    <Limit WRITE>
    DenyAll
    </Limit>
    </Directory>
    <Directory /var/www/web7/ftp/incoming>
    Umask 002
    <Limit STOR>
    AllowAll
    </Limit>
    <Limit READ>
    DenyAll
    </Limit>
    </Directory>
    </Anonymous>
    </VirtualHost>

    When i look at /var/log/syslog after accessing ftp through internet explorer i see this:

    Jan 27 20:14:52 ubuntu1 proftpd[6268]: 192.168.0.38 (192.168.0.61[192.168.0.61]) - FTP session opened.
    Jan 27 20:14:52 ubuntu1 proftpd[6268]: 192.168.0.38 (192.168.0.61[192.168.0.61]) - mod_delay/0.4: delaying for 32 usecs
    Jan 27 20:14:52 ubuntu1 proftpd[6268]: 192.168.0.38 (192.168.0.61[192.168.0.61]) - no such user 'web7_anonftp'
    Jan 27 20:14:52 ubuntu1 proftpd[6268]: 192.168.0.38 (192.168.0.61[192.168.0.61]) - FTP session closed.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Please diasable the anonftp cehckbox in ISPConfig, save it and wait 1-2 minutes, then enable it again. If it still wont work, please check the file /home/admispconfig/ispconfig/ispconfig.log for errors.
     
  3. robin99

    robin99 New Member

    Ok i think i have sorted it. i looked at that log file that you suggested and it had a lot of WARNING: could not groupadd and useradd and setquota for the web7_anonftp so i ran the commands from root and the one that didnt work was useradd. The problem with this command is that on of the options it uses is -M however i found that it needs to be -m for it to work.
    I edited line 1924 of /root/ispconfig/scripts/lib/config.lib.php and changed the -M to -m and now all seems to be working.
    Dont know if this is a bug or if it is just that ubuntu needs to useradd command to use a lowercase m.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Thanks for pointing this out. As far as I know, this function worked generally. I will check if a switch for the user command has changed in the latest versions of the useradd command.
     
  5. kidalabama

    kidalabama New Member

    i am using ISPConfig Version: 2.2.24 (c) ISPConfig 2008 but i have got same problem. which version the problem resolved?
     
  6. falko

    falko Super Moderator Howtoforge Staff

    Are there any warnings in /home/admispconfig/ispconfig/ispconfig.log?
     
  7. kidalabama

    kidalabama New Member

    ispconfig.log

    21.10.2008 - 19:54:06 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 258: setquota -g web45 0 0 0 0 -a &> /dev/null
    21.10.2008 - 19:54:06 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 259: setquota -T -g web45 604800 604800 -a &> /dev/null
    21.10.2008 - 19:54:06 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 278: Connected successfully
    21.10.2008 - 19:54:06 => INFO - USER:
    web45_admin:x:10039:10045:xuserx:/var/www/web45:/bin/false
    21.10.2008 - 19:54:06 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 908: setquota -u web45_admin 0 0 0 0 -a &> /dev/null
    21.10.2008 - 19:54:06 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 909: setquota -T -u web45_admin 604800 604800 -a &> /dev/null
    21.10.2008 - 19:54:06 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 60: cp -f /root/ispconfig/isp/conf/forward.master /var/www/web45/.forward
    21.10.2008 - 19:54:06 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 117: symlink /var/www/web45/Maildir
    21.10.2008 - 19:54:06 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 137: cp -fr /etc/postfix/local-host-names /etc/postfix/local-host-names~
    21.10.2008 - 19:54:06 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 284: cp -fr /etc/postfix/virtusertable /etc/postfix/virtusertable~
    21.10.2008 - 19:54:07 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 289: postmap hash:/etc/postfix/virtusertable
    21.10.2008 - 19:54:07 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1264: cp -fr /etc/apache2/vhosts/Vhosts_ispconfig.conf /etc/apache2/vhosts/Vhosts_ispconfig.conf~
    21.10.2008 - 19:54:07 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_bind.lib.php, Line 295: cp -fr /etc/bind/pri.domain.com /etc/bind/pri.domain.com~
    21.10.2008 - 19:54:09 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_system.lib.php, Line 728: /etc/init.d/bind9 restart &> /dev/null
    21.10.2008 - 19:54:09 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 2062: cp -fr /etc/proftpd_ispconfig.conf /etc/proftpd_ispconfig.conf~
    21.10.2008 - 19:54:09 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 2097: WARNING: could not groupadd -g 12008 web8_anonftp &> /dev/null
    21.10.2008 - 19:54:09 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 2098: WARNING: could not useradd -d /var/www/web8/ftp -g web8_anonftp -m -s /bin/false -u 12008 web8_anonftp &> /dev/null
    21.10.2008 - 19:54:09 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 2108: setquota -u web8_anonftp 0 0 0 0 -a &> /dev/null
    21.10.2008 - 19:54:09 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 2109: setquota -T -u web8_anonftp 604800 604800 -a &> /dev/null
    21.10.2008 - 19:54:09 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 2110: setquota -g web8_anonftp 0 0 0 0 -a &> /dev/null
    21.10.2008 - 19:54:09 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 2111: setquota -T -g web8_anonftp 604800 604800 -a &> /dev/null
    21.10.2008 - 19:54:25 => INFO - Signalfile Set: insert
    21.10.2008 - 19:54:30 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 258: setquota -g web45 0 0 0 0 -a &> /dev/null
    21.10.2008 - 19:54:30 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 259: setquota -T -g web45 604800 604800 -a &> /dev/null
    21.10.2008 - 19:54:30 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 278: Connected successfully
    21.10.2008 - 19:54:30 => INFO - USER:
    web45_admin:x:10039:10045:xuserx:/var/www/web45:/bin/false
    21.10.2008 - 19:54:30 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 908: setquota -u web45_admin 0 0 0 0 -a &> /dev/null
    21.10.2008 - 19:54:30 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 909: setquota -T -u web45_admin 604800 604800 -a &> /dev/null
    21.10.2008 - 19:54:30 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 60: cp -f /root/ispconfig/isp/conf/forward.master /var/www/web45/.forward
    21.10.2008 - 19:54:30 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 117: symlink /var/www/web45/Maildir
    21.10.2008 - 19:54:31 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 137: cp -fr /etc/postfix/local-host-names /etc/postfix/local-host-names~
    21.10.2008 - 19:54:31 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 284: cp -fr /etc/postfix/virtusertable /etc/postfix/virtusertable~
    21.10.2008 - 19:54:31 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 289: postmap hash:/etc/postfix/virtusertable
    21.10.2008 - 19:54:31 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1264: cp -fr /etc/apache2/vhosts/Vhosts_ispconfig.conf /etc/apache2/vhosts/Vhosts_ispconfig.conf
     
  8. falko

    falko Super Moderator Howtoforge Staff

    What happens when you run
    Code:
    groupadd -g 12008 web8_anonftp
    useradd -d /var/www/web8/ftp -g web8_anonftp -m -s /bin/false -u 12008 web8_anonftp
    manually? Any error messages?
     
  9. kidalabama

    kidalabama New Member

    groupadd: group web8_anonftp exists
    useradd: user web8_anonftp exists
     
  10. falko

    falko Super Moderator Howtoforge Staff

    This means the commands are working, and because the group and user so already exist, you can ignore the warninig.

    The problem must be something else. What's in /etc/proftpd.conf and /etc/proftpd_ispconfig.conf?
     
  11. kidalabama

    kidalabama New Member

    in proftpd.conf

    Code:
    DefaultRoot ~
    
    Include /etc/proftpd_ispconfig.conf
    
    in proftpd_ispconfig.conf

    Code:
    ###################################
    #
    # ISPConfig proftpd Configuration File
    #         Version 1.0
    #
    ###################################
    DefaultAddress 127.0.0.1
    <VirtualHost 192.168.1.100>
            DefaultRoot             ~
            AllowOverwrite          on
            Umask                   002
            <Anonymous /var/www/web8/ftp>
              User                          web8_anonftp
              Group                         web8_anonftp
              UserAlias                     anonymous web8_anonftp
              UserAlias                     guest web8_anonftp
              MaxClients                    10
              <Directory *>
                <Limit WRITE>
                  DenyAll
                </Limit>
              </Directory>
              <Directory /var/www/web8/ftp/incoming>
                Umask                       002
                <Limit STOR>
                  AllowAll
                </Limit>
                <Limit READ>
                  DenyAll
                </Limit>
              </Directory>
            </Anonymous>
    </VirtualHost>
     
  12. falko

    falko Super Moderator Howtoforge Staff

    Code:
    DefaultRoot ~
    
    Include /etc/proftpd_ispconfig.conf
    That's your whole proftpd.conf?
     
  13. kidalabama

    kidalabama New Member

    yes true it is my whole /etc/proftpd.conf file.


    Code:
    DefaultRoot ~
    
    Include /etc/proftpd_ispconfig.conf
    but i have got other proftpd.conf file in the /etc/proftpd/ folder. but you said me in the /etc/ folder look.

    in the /etc/proftpd/proftpd.conf file

    Code:
    DefaultRoot ~
    IdentLookups off
    ServerIdent on "FTP Server ready."
    
    #
    # /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
    # To really apply changes reload proftpd after modifications.
    # 
    
    # Includes DSO modules
    Include /etc/proftpd/modules.conf
    
    # Set off to disable IPv6 support which is annoying on IPv4 only boxes.
    UseIPv6				on
    
    ServerName			"Debian"
    ServerType			standalone
    DeferWelcome			off
    
    MultilineRFC2228		on
    DefaultServer			on
    ShowSymlinks			on
    
    TimeoutNoTransfer		600
    TimeoutStalled			600
    TimeoutIdle			1200
    
    DisplayLogin                    welcome.msg
    DisplayFirstChdir               .message
    ListOptions                	"-l"
    
    DenyFilter			\*.*/
    
    # Use this to jail all users in their homes 
    # DefaultRoot			~
    
    # Users require a valid shell listed in /etc/shells to login.
    # Use this directive to release that constrain.
    # RequireValidShell		off
    
    # Port 21 is the standard FTP port.
    Port				21
    
    # In some cases you have to specify passive ports range to by-pass
    # firewall limitations. Ephemeral ports can be used for that, but
    # feel free to use a more narrow range.
    # PassivePorts                  49152 65534
    
    # If your host was NATted, this option is useful in order to
    # allow passive tranfers to work. You have to use your public
    # address and opening the passive ports used on your firewall as well.
    # MasqueradeAddress		1.2.3.4
    
    # To prevent DoS attacks, set the maximum number of child processes
    # to 30.  If you need to allow more than 30 concurrent connections
    # at once, simply increase this value.  Note that this ONLY works
    # in standalone mode, in inetd mode you should use an inetd server
    # that allows you to limit maximum number of processes per service
    # (such as xinetd)
    MaxInstances			30
    
    # Set the user and group that the server normally runs at.
    User				proftpd
    Group				nogroup
    
    # Umask 022 is a good standard umask to prevent new files and dirs
    # (second parm) from being group and world writable.
    Umask				022  022
    # Normally, we want files to be overwriteable.
    AllowOverwrite			on
    
    # Uncomment this if you are using NIS or LDAP to retrieve passwords:
    # PersistentPasswd		off
    
    # Be warned: use of this directive impacts CPU average load!
    # Uncomment this if you like to see progress and transfer rate with ftpwho
    # in downloads. That is not needed for uploads rates.
    #
    # UseSendFile			off
    
    # Choose a SQL backend among MySQL or PostgreSQL.
    # Both modules are loaded in default configuration, so you have to specify the backend 
    # or comment out the unused module in /etc/proftpd/modules.conf.
    # Use 'mysql' or 'postgres' as possible values.
    #
    #<IfModule mod_sql.c>
    # SQLBackend			mysql
    #</IfModule>
    
    TransferLog /var/log/proftpd/xferlog
    SystemLog   /var/log/proftpd/proftpd.log
    
    <IfModule mod_tls.c>
    TLSEngine off
    </IfModule>
    
    <IfModule mod_quota.c>
    QuotaEngine on
    </IfModule>
    
    <IfModule mod_ratio.c>
    Ratios on
    </IfModule>
    
    
    # Delay engine reduces impact of the so-called Timing Attack described in
    # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
    # It is on by default. 
    <IfModule mod_delay.c>
    DelayEngine on
    </IfModule>
    
    <IfModule mod_ctrls.c>
    ControlsEngine        on
    ControlsMaxClients    2
    ControlsLog           /var/log/proftpd/controls.log
    ControlsInterval      5
    ControlsSocket        /var/run/proftpd/proftpd.sock
    </IfModule>
    
    <IfModule mod_ctrls_admin.c>
    AdminControlsEngine on
    </IfModule>
    
    # A basic anonymous configuration, no upload directories.
    
    # <Anonymous ~ftp>
    #   User				ftp
    #   Group				nogroup
    #   # We want clients to be able to login with "anonymous" as well as "ftp"
    #   UserAlias			anonymous ftp
    #   # Cosmetic changes, all files belongs to ftp user
    #   DirFakeUser	on ftp
    #   DirFakeGroup on ftp
    # 
    #   RequireValidShell		off
    # 
    #   # Limit the maximum number of anonymous logins
    #   MaxClients			10
    # 
    #   # We want 'welcome.msg' displayed at login, and '.message' displayed
    #   # in each newly chdired directory.
    #   DisplayLogin			welcome.msg
    #   DisplayFirstChdir		.message
    # 
    #   # Limit WRITE everywhere in the anonymous chroot
    #   <Directory *>
    #     <Limit WRITE>
    #       DenyAll
    #     </Limit>
    #   </Directory>
    # 
    #   # Uncomment this if you're brave.
    #   # <Directory incoming>
    #   #   # Umask 022 is a good standard umask to prevent new files and dirs
    #   #   # (second parm) from being group and world writable.
    #   #   Umask				022  022
    #   #            <Limit READ WRITE>
    #   #            DenyAll
    #   #            </Limit>
    #   #            <Limit STOR>
    #   #            AllowAll
    #   #            </Limit>
    #   # </Directory>
    # 
    # </Anonymous>
    
     
    Last edited: Oct 25, 2008
  14. kidalabama

    kidalabama New Member

    excuse me i controlled this document http://www.howtoforge.com/perfect-server-ubuntu8.04-lts and /etc/proftpd.conf is not link to /etc/proftpd/proftpd.conf . and i deleted file /etc/proftpd.conf and created link ln -s /etc/proftpd/proftpd.conf /etc/proftpd.conf.
    but now what i must doing ? i dont know. i apologize from you.
     
  15. falko

    falko Super Moderator Howtoforge Staff

    Make sure that

    Code:
    Include /etc/proftpd_ispconfig.conf
    is included at the end of /etc/proftpd/proftpd.conf.

    Then restart Proftpd:
    Code:
    /etc/init.d/proftpd restart
     
  16. kidalabama

    kidalabama New Member

    i apologize.
    i added code and ftp server and anonymouse is working very good. thank you very much.
     

Share This Page