Ok so I've had proftpd installed on my server for a fair few years now along with apache, I also have mysql 5 running on another server which all the websites use. The ftp server was running under the permissions of websites:websites. I've changed it to run as cpanel:cpanel (I'm currently looking at developing a custom control panel - I have tried ISPconfig and many others but considering I have multiple servers running the multiple required services and I want the ability to add multiple webservers for example then centrally manage them none have worked well - and thus the want to do with virtual users with MySQL so I can more easily manage users.) I originally had proftpd installed on its own, i removed and purged that with apt, I then installed proftpd-mysql. Apart from that I then Added the bits to mysql mentioned in the guide (http://www.howtoforge.com/proftpd_mysql_virtual_hosting), but instead telling it to run as cpanel:cpanel. Also, I am running ubuntu 6.10 on my webserver and my database server. Here is my proftpd.conf file: Code: ServerName "::Uberhosting::" ServerType standalone DeferWelcome off MultilineRFC2228 on DefaultServer on ShowSymlinks on TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin welcome.msg DisplayFirstChdir .message ListOptions "-l" DenyFilter \*.*/ # Port 21 is the standard FTP port. Port 21 # In some cases you have to specify passive ports range to by-pass # firewall limitations. Ephemeral ports can be used for that, but # feel free to use a more narrow range. # PassivePorts 49152 65534 # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 30 # Set the user and group that the server normally runs at. User cpanel Group cpanel # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 022 022 # Normally, we want files to be overwriteable. AllowOverwrite on # Uncomment this if you are using NIS or LDAP to retrieve passwords: # PersistentPasswd off # Be warned: use of this directive impacts CPU average load! # # Uncomment this if you like to see progress and transfer rate with ftpwho # in downloads. That is not needed for uploads rates. # UseSendFile off TransferLog /var/log/proftpd/xferlog SystemLog /var/log/proftpd/proftpd.log <IfModule mod_tls.c> TLSEngine off </IfModule> <IfModule mod_quota.c> QuotaEngine on </IfModule> <IfModule mod_ratio.c> Ratios on </IfModule> # Delay engine reduces impact of the so-called Timing Attack described in # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 # It is on by default. <IfModule mod_delay.c> DelayEngine on </IfModule> <IfModule mod_ctrls.c> ControlsEngine on ControlsMaxClients 2 ControlsLog /var/log/proftpd/controls.log ControlsInterval 5 ControlsSocket /var/run/proftpd/proftpd.sock </IfModule> <IfModule mod_ctrls_admin.c> AdminControlsEngine on </IfModule> # A basic anonymous configuration, no upload directories. # <Anonymous ~ftp> # User ftp # Group nogroup # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # Cosmetic changes, all files belongs to ftp user # DirFakeUser on ftp # DirFakeGroup on ftp # # RequireValidShell off # # # Limit the maximum number of anonymous logins # MaxClients 10 # # # We want 'welcome.msg' displayed at login, and '.message' displayed # # in each newly chdired directory. # DisplayLogin welcome.msg # DisplayFirstChdir .message # # # Limit WRITE everywhere in the anonymous chroot # <Directory *> # <Limit WRITE> # DenyAll # </Limit> # </Directory> # # # Uncomment this if you're brave. # # <Directory incoming> # # # Umask 022 is a good standard umask to prevent new files and dirs # # # (second parm) from being group and world writable. # # Umask 022 022 # # <Limit READ WRITE> # # DenyAll # # </Limit> # # <Limit STOR> # # AllowAll # # </Limit> # # </Directory> # # </Anonymous> # MySQL Config & Hardening # ------------------------ DefaultRoot ~ # Lets speed up login time by disabling ident and dns lookup UseReverseDNS off IdentLookups off # The passwords in MySQL are encrypted using CRYPT # SQLAuthTypes Plaintext Crypt # SQLAuthenticate users* groups* # used to connect to the database # databasename@host database_user user_password # SQLConnectInfo [email protected] cpanel xxxxxxxx # Here we tell ProFTPd the names of the database columns in the "usertable" # we want it to interact with. Match the names with those in the db # SQLUserInfo ftpuser userid passwd uid gid homedir shell # Here we tell ProFTPd the names of the database columns in the "grouptable" # we want it to interact with. Again the names match with those in the db # SQLGroupInfo ftpgroup groupname gid members # set min UID and GID - otherwise these are 999 each # SQLMinID 500 # create a user's home directory on demand if it doesn't exist # SQLHomedirOnDemand on # Update count every time user logs in # SQLLog PASS updatecount # SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser # Update modified everytime user uploads or deletes a file # SQLLog STOR,DELE modified #SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser # User quotas # =========== # QuotaEngine on # QuotaDirectoryTally on QuotaDisplayUnits Mb QuotaShowQuotas on SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies QuotaLimitTable sql:/get-quota-limit QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally RootLogin off RequireValidShell off I know I have all the mysql part commented out...just seeing if it would work without that and go back to system users, it doesn't IIRC. Also while i'm at it, where exactly would I need to add something to make it so that I could have a 'disabled' field and require that to be 0 in order to be able to login, possibly a link to documentation on the relevant MySQL directives? Here is the modules.conf file: Code: # # This file is used to manage DSO modules and features. # # This is the directory where DSO modules resides ModulePath /usr/lib/proftpd # Allow only user root to load and unload modules, but allow everyone # to see which modules have been loaded ModuleControlsACLs insmod,rmmod allow user root ModuleControlsACLs lsmod allow user * #LoadModule mod_ctrls_admin.c LoadModule mod_tls.c LoadModule mod_sql.c LoadModule mod_ldap.c LoadModule mod_sql_mysql.c LoadModule mod_sql_postgres.c LoadModule mod_quotatab.c LoadModule mod_quotatab_file.c LoadModule mod_quotatab_ldap.c LoadModule mod_quotatab_sql.c LoadModule mod_radius.c LoadModule mod_wrap.c LoadModule mod_rewrite.c # keep this module the last one LoadModule mod_ifsession.c Please look on to next post.
netstat -tap shows proftpd is running... Code: tcp6 0 0 *:www *:* LISTEN 3482/apache2 tcp6 0 0 *:82 *:* LISTEN 3482/apache2 tcp6 0 0 *:ftp *:* LISTEN 4085/proftpd: (acce And... Code: root@trinity:~/src/mod_mysql_userdir-1.2# ps auxwwwf | grep "ftp" root 4786 0.0 0.1 2800 752 pts/0 S+ 22:56 0:00 \_ grep ftp cpanel 4085 0.0 0.3 9132 1528 ? Ss 20:51 0:00 proftpd: (accepting connections) So i'm pretty sure it's running... I checked syslog which shows nothing...probably since it only shows information once a user logs in IIRC, but proftpd.log shows nothing of use from what I can tell either, still.... Code: root@trinity:~/src/mod_mysql_userdir-1.2# cat /var/log/proftpd/proftpd.log Aug 03 10:16:15 trinity proftpd[28294] trinity: error setting IPV6_V6ONLY: Protocol not available Aug 03 10:16:15 trinity proftpd[28294] trinity: ProFTPD 1.3.0 (stable) (built Sat Jul 22 12:08:18 UTC 2006) standalone mode STARTUP Aug 03 10:41:16 trinity proftpd[3456] trinity: error setting IPV6_V6ONLY: Protocol not available Aug 03 10:41:16 trinity proftpd[3456] trinity: ProFTPD 1.3.0 (stable) (built Sat Jul 22 12:08:18 UTC 2006) standalone mode STARTUP Aug 03 17:16:08 trinity proftpd[3429] trinity: error setting IPV6_V6ONLY: Protocol not available Aug 03 17:16:08 trinity proftpd[3429] trinity: ProFTPD 1.3.0 (stable) (built Sat Jul 22 12:08:18 UTC 2006) standalone mode STARTUP Aug 04 07:37:02 trinity proftpd[4933] trinity (::ffff:211.234.98.162[::ffff:211.234.98.162]): error setting IPV6_V6ONLY: Protocol not available Aug 04 07:37:03 trinity proftpd[4933] trinity (::ffff:211.234.98.162[::ffff:211.234.98.162]): FTP session opened. Aug 04 07:37:03 trinity proftpd[4933] trinity (::ffff:211.234.98.162[::ffff:211.234.98.162]): FTP session closed. Aug 04 15:59:50 trinity proftpd[3437] trinity: error setting IPV6_V6ONLY: Protocol not available Aug 04 15:59:50 trinity proftpd[3437] trinity: ProFTPD 1.3.0 (stable) (built Sat Jul 22 12:08:18 UTC 2006) standalone mode STARTUP Aug 04 20:37:28 trinity proftpd[3437] trinity: ProFTPD killed (signal 15) Aug 04 20:37:28 trinity proftpd[3437] trinity: ProFTPD 1.3.0 standalone mode SHUTDOWN Aug 04 20:37:51 trinity proftpd[3957] trinity: error setting IPV6_V6ONLY: Protocol not available Aug 04 20:37:51 trinity proftpd[3957] trinity: ProFTPD 1.3.0 (stable) (built Sat Jul 22 12:08:18 UTC 2006) standalone mode STARTUP Aug 04 20:38:55 trinity proftpd[3974] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:39:01 trinity proftpd[3975] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:39:07 trinity proftpd[3985] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:39:13 trinity proftpd[3987] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:39:19 trinity proftpd[3989] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:39:25 trinity proftpd[3990] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:39:28 trinity proftpd[3992] trinity (::ffff:127.0.0.1[::ffff:127.0.0.1]): FTP session closed. Aug 04 20:51:20 trinity proftpd[4054] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:51:26 trinity proftpd[4055] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:51:32 trinity proftpd[4056] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:51:34 trinity proftpd[3957] trinity: ProFTPD killed (signal 15) Aug 04 20:51:34 trinity proftpd[3957] trinity: ProFTPD 1.3.0 standalone mode SHUTDOWN Aug 04 20:51:57 trinity proftpd[4085] trinity: error setting IPV6_V6ONLY: Protocol not available Aug 04 20:51:57 trinity proftpd[4085] trinity: ProFTPD 1.3.0 (stable) (built Sat Jul 22 12:08:18 UTC 2006) standalone mode STARTUP Aug 04 20:52:46 trinity proftpd[4118] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:52:52 trinity proftpd[4120] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:52:58 trinity proftpd[4121] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:53:04 trinity proftpd[4133] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:53:10 trinity proftpd[4134] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:53:16 trinity proftpd[4135] trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]): FTP session closed. Aug 04 20:54:12 trinity proftpd[4142] trinity (::ffff:127.0.0.1[::ffff:127.0.0.1]): FTP session closed. Aug 04 20:54:21 trinity proftpd[4144] trinity (::ffff:127.0.0.1[::ffff:127.0.0.1]): FTP session closed. Aug 04 21:58:56 trinity proftpd[4393] trinity (::ffff:127.0.0.1[::ffff:127.0.0.1]): FTP session closed. root@trinity:~/src/mod_mysql_userdir-1.2# My cpanel user has the uid of 1005 as far as I can tell anyways: Code: cpanel:x:1005:1001::/home/cpanel:/bin/sh and the gid is 1004...I think Code: cpanel:x:1004:cpanel Now I have the ftp tables inside my cpanel databse: Code: -- -- Table structure for table `ftpgroup` -- CREATE TABLE `ftpgroup` ( `groupname` varchar(16) NOT NULL default '', `gid` smallint(6) NOT NULL default '5500', `members` varchar(16) NOT NULL default '', KEY `groupname` (`groupname`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COMMENT='ProFTP group table'; -- -- Dumping data for table `ftpgroup` -- INSERT INTO `ftpgroup` (`groupname`, `gid`, `members`) VALUES ('cpanel', 1004, 'cpanel'); -- -------------------------------------------------------- -- -- Table structure for table `ftpquotalimits` -- CREATE TABLE `ftpquotalimits` ( `name` varchar(30) default NULL, `quota_type` enum('user','group','class','all') NOT NULL default 'user', `per_session` enum('false','true') NOT NULL default 'false', `limit_type` enum('soft','hard') NOT NULL default 'soft', `bytes_in_avail` int(10) unsigned NOT NULL default '0', `bytes_out_avail` int(10) unsigned NOT NULL default '0', `bytes_xfer_avail` int(10) unsigned NOT NULL default '0', `files_in_avail` int(10) unsigned NOT NULL default '0', `files_out_avail` int(10) unsigned NOT NULL default '0', `files_xfer_avail` int(10) unsigned NOT NULL default '0' ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- -- Dumping data for table `ftpquotalimits` -- INSERT INTO `ftpquotalimits` (`name`, `quota_type`, `per_session`, `limit_type`, `bytes_in_avail`, `bytes_out_avail`, `bytes_xfer_avail`, `files_in_avail`, `files_out_avail`, `files_xfer_avail`) VALUES ('exampleuser', 'user', 'true', 'hard', 15728640, 0, 0, 0, 0, 0); -- -------------------------------------------------------- -- -- Table structure for table `ftpquotatallies` -- CREATE TABLE `ftpquotatallies` ( `name` varchar(30) NOT NULL default '', `quota_type` enum('user','group','class','all') NOT NULL default 'user', `bytes_in_used` int(10) unsigned NOT NULL default '0', `bytes_out_used` int(10) unsigned NOT NULL default '0', `bytes_xfer_used` int(10) unsigned NOT NULL default '0', `files_in_used` int(10) unsigned NOT NULL default '0', `files_out_used` int(10) unsigned NOT NULL default '0', `files_xfer_used` int(10) unsigned NOT NULL default '0' ) ENGINE=MyISAM DEFAULT CHARSET=latin1; -- -- Dumping data for table `ftpquotatallies` -- -- -------------------------------------------------------- -- -- Table structure for table `ftpuser` -- CREATE TABLE `ftpuser` ( `id` int(10) unsigned NOT NULL auto_increment, `userid` varchar(32) NOT NULL default '', `passwd` varchar(32) NOT NULL default '', `uid` smallint(6) NOT NULL default '5500', `gid` smallint(6) NOT NULL default '5500', `homedir` varchar(255) NOT NULL default '', `shell` varchar(16) NOT NULL default '/sbin/nologin', `count` int(11) NOT NULL default '0', `accessed` datetime NOT NULL default '0000-00-00 00:00:00', `modified` datetime NOT NULL default '0000-00-00 00:00:00', PRIMARY KEY (`id`), UNIQUE KEY `userid` (`userid`) ) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=latin1 COMMENT='ProFTP user table' AUTO_INCREMENT=2 ; -- -- Dumping data for table `ftpuser` -- INSERT INTO `ftpuser` (`id`, `userid`, `passwd`, `uid`, `gid`, `homedir`, `shell`, `count`, `accessed`, `modified`) VALUES (1, 'exampleuser', 'secret', 1005, 1004, '/home/www.example.com', '/sbin/nologin', 0, '0000-00-00 00:00:00', '0000-00-00 00:00:00'); Also Just wondering while i'm here what I would need to do to change it so that passwords are MD5 encrypted? I assume you just store the passwords in that way then change SQLAuthTypes. And finally to show you what exactly it does when I try to connect... Code: root@trinity:~/src/mod_mysql_userdir-1.2# ftp localhost Connected to localhost. 421 Service not available, remote server has closed connection ftp> Thanks in Advance.
Ok I tried seeing if the mysql module actually loads and it looks as though it doesnt... Code: root@trinity:/home# proftpd --list Compiled-in modules: mod_core.c mod_xfer.c mod_auth_unix.c mod_auth_file.c mod_auth.c mod_ls.c mod_log.c mod_site.c mod_delay.c mod_dso.c mod_auth_pam.c mod_readme.c mod_cap.c mod_ctrls.c But the modules.conf file has it listed and the files are in the right directory...and I would hope proftpd would error about incorrect directives if mysql wasn't activated. Code: root@trinity:/usr/lib/proftpd# ls mod_ctrls_admin.so mod_ifsession.so mod_quotatab_file.so mod_quotatab.so mod_radius.so mod_rewrite.so mod_sql_postgres.so mod_tls.so mod_facl.so mod_ldap.so mod_quotatab_ldap.so mod_quotatab_sql.so mod_ratio.so mod_sql_mysql.so mod_sql.so mod_wrap.so root@trinity:/usr/lib/proftpd# cat /etc/proftpd/modules.conf # # This file is used to manage DSO modules and features. # # This is the directory where DSO modules resides ModulePath /usr/lib/proftpd # Allow only user root to load and unload modules, but allow everyone # to see which modules have been loaded ModuleControlsACLs insmod,rmmod allow user root ModuleControlsACLs lsmod allow user * #LoadModule mod_ctrls_admin.c LoadModule mod_tls.c LoadModule mod_sql.c LoadModule mod_ldap.c LoadModule mod_sql_mysql.c LoadModule mod_sql_postgres.c LoadModule mod_quotatab.c LoadModule mod_quotatab_file.c LoadModule mod_quotatab_ldap.c LoadModule mod_quotatab_sql.c LoadModule mod_radius.c LoadModule mod_wrap.c LoadModule mod_rewrite.c # keep this module the last one LoadModule mod_ifsession.c As for your suggestion, I will try this now, but I have gotten this error for a long time now and it never seemed to do any harm...I hope that I can support IPv6 when I need to in the future anyways... Thanks.
UseIPv6 seems to be an unknown directive...i'll see if there if one for my OS, though I was pretty sure that was it for Ubuntu as well :/
Ok well the general consensus seems to be that the IPv6 warning will do nothing to affect your installation, but If you do want to get rid of it then the only way to do that in ubuntu is add the IPv6 address to /etc/hots. Personally I have no idea why this isn't working...it isn't really accepting connections at all....but the logging for proftpd at it's default really doesn't seem helpful, i'm going to try stepping it up. Thanks.
I stumbled across a debugging guide for Proftpd here: http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-Debugging.html And so far i've done this: Code: root@trinity:/etc/proftpd# proftpd -td5 Checking syntax of configuration file - mod_ctrls/0.9.4: binding ctrls socket to '/var/run/proftpd/proftpd.sock' - parsing '/etc/proftpd/proftpd.conf' configuration - parsing '/etc/proftpd/modules.conf' configuration - mod_tls/2.1.1: using OpenSSL 0.9.8b 04 May 2006 - DenyFilter: compiling deny regex '\*.*/' - <IfModule>: using 'mod_tls.c' section at line 67 - <IfModule>: skipping 'mod_quota.c' section at line 71 - <IfModule>: skipping 'mod_ratio.c' section at line 75 - <IfModule>: using 'mod_delay.c' section at line 83 - <IfModule>: using 'mod_ctrls.c' section at line 87 - mod_ctrls/0.9.4: closing ctrls socket '/var/run/proftpd/proftpd.sock' (3) - <IfModule>: skipping 'mod_ctrls_admin.c' section at line 95 - SQLAuthenticate: use of * in SQLAuthenticate has been deprecated. Use AuthOrder for setting authoritativeness - SQLAuthenticate: use of * in SQLAuthenticate has been deprecated. Use AuthOrder for setting authoritativeness - IPv6 getaddrinfo 'trinity' error: Name or service not known trinity - trinity - Config for ::Uberhosting::: trinity - DeferWelcome trinity - DefaultServer trinity - ShowSymlinks trinity - TimeoutNoTransfer trinity - TimeoutStalled trinity - TimeoutIdle trinity - DisplayLogin trinity - DisplayFirstChdir trinity - ListOptions trinity - DenyFilter trinity - DebugLevel trinity - UserID trinity - UserName trinity - GroupID trinity - GroupName trinity - Umask trinity - DirUmask trinity - AllowOverwrite trinity - TransferLog trinity - TLSEngine trinity - DelayEngine trinity - DefaultRoot trinity - IdentLookups trinity - SQLAuthTypes trinity - SQLAuthenticate trinity - SQLConnectInfo trinity - SQLUserTable trinity - SQLUsernameField trinity - SQLPasswordField trinity - SQLUidField trinity - SQLGidField trinity - SQLHomedirField trinity - SQLShellField trinity - SQLGroupTable trinity - SQLGroupnameField trinity - SQLGroupGIDField trinity - SQLGroupMembersField trinity - SQLMinID trinity - SQLHomedirOnDemand trinity - SQLLog_PASS trinity - SQLNamedQuery_updatecount trinity - SQLLog_STOR trinity - SQLLog_DELE trinity - SQLNamedQuery_modified trinity - QuotaEngine trinity - QuotaDirectoryTally trinity - QuotaDisplayUnits trinity - QuotaShowQuotas trinity - SQLNamedQuery_get-quota-limit trinity - SQLNamedQuery_get-quota-tally trinity - SQLNamedQuery_update-quota-tally trinity - SQLNamedQuery_insert-quota-tally trinity - QuotaLimitTable trinity - QuotaTallyTable trinity - RootLogin trinity - RequireValidShell trinity - mod_ctrls/0.9.4: binding ctrls socket to '/var/run/proftpd/proftpd.sock' Syntax check complete. The only one that worries me is SQLAuthenticate: use of * in SQLAuthenticate has been deprecated. Use AuthOrder for setting authoritativeness I still wouldnt think it to be fatal, also curious now why it skipped mod_quota if I am trying to use quotas...
Ok I got rid of the SQLAuthenticate error by changing that to on, and like the message suggested, using AuthOrder, like so: AuthOrder mod_sql.c mod_auth_file.c The log now actually logs when the session is requested too ( I am running it verbosely with proftpd -nd5 2>&1 >& debug.log) It now says: trinity :ffff:192.168.0.1[::ffff:192.168.0.1]) - FTP session requested from unknown class So i'm going to look that up. Thanks.
I ran proftpd with debug level 9 Hopefully this will help someone to help me figure this out. Code: - mod_ctrls/0.9.4: binding ctrls socket to '/var/run/proftpd/proftpd.sock' - parsing '/etc/proftpd/proftpd.conf' configuration - FS: using system open() - FS: using system read() - dispatching directive 'Include' to module mod_core - FS: using system lstat() - parsing '/etc/proftpd/modules.conf' configuration - FS: using system open() - FS: using system read() - dispatching directive 'ModulePath' to module mod_dso - FS: using system stat() - dispatching directive 'ModuleControlsACLs' to module mod_dso - dispatching auth request "name2uid" to module mod_auth_file - dispatching auth request "name2uid" to module mod_auth_unix - dispatching auth request "name2uid" to module mod_auth_file - dispatching auth request "name2uid" to module mod_auth_unix - dispatching directive 'ModuleControlsACLs' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - mod_tls/2.1.1: using OpenSSL 0.9.8b 04 May 2006 - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - dispatching directive 'LoadModule' to module mod_dso - FS: using system read() - FS: using system close() - dispatching directive 'ServerName' to module mod_core - dispatching directive 'ServerType' to module mod_core - dispatching directive 'DeferWelcome' to module mod_core - dispatching directive 'MultilineRFC2228' to module mod_core - dispatching directive 'DefaultServer' to module mod_core - dispatching directive 'ShowSymlinks' to module mod_ls - dispatching directive 'TimeoutNoTransfer' to module mod_xfer - dispatching directive 'TimeoutStalled' to module mod_xfer - dispatching directive 'TimeoutIdle' to module mod_core - dispatching directive 'DisplayLogin' to module mod_core - dispatching directive 'DisplayFirstChdir' to module mod_core - dispatching directive 'ListOptions' to module mod_ls - dispatching directive 'DenyFilter' to module mod_core - DenyFilter: compiling deny regex '\*.*/' - dispatching directive 'Port' to module mod_core - dispatching directive 'DebugLevel' to module mod_core - FS: using system read() - dispatching directive 'MaxInstances' to module mod_core - dispatching directive 'User' to module mod_core - dispatching auth request "getpwnam" to module mod_radius - dispatching auth request "getpwnam" to module mod_ldap - dispatching auth request "getpwnam" to module mod_sql - dispatching auth request "getpwnam" to module mod_auth_file - dispatching auth request "getpwnam" to module mod_auth_unix - dispatching directive 'Group' to module mod_core - dispatching auth request "getgrnam" to module mod_radius - dispatching auth request "getgrnam" to module mod_ldap - dispatching auth request "getgrnam" to module mod_sql - dispatching auth request "getgrnam" to module mod_auth_file - dispatching auth request "getgrnam" to module mod_auth_unix - dispatching directive 'Umask' to module mod_core - dispatching directive 'AllowOverwrite' to module mod_xfer - dispatching directive 'TransferLog' to module mod_core - dispatching directive 'SystemLog' to module mod_log - dispatching directive '<IfModule>' to module mod_core - <IfModule>: using 'mod_tls.c' section at line 67 - dispatching directive 'TLSEngine' to module mod_tls - dispatching directive '</IfModule>' to module mod_core - dispatching directive '<IfModule>' to module mod_core - <IfModule>: skipping 'mod_quota.c' section at line 71 - FS: using system read() - dispatching directive '<IfModule>' to module mod_core - <IfModule>: skipping 'mod_ratio.c' section at line 75 - dispatching directive '<IfModule>' to module mod_core - <IfModule>: using 'mod_delay.c' section at line 83 - dispatching directive 'DelayEngine' to module mod_delay - dispatching directive '</IfModule>' to module mod_core - dispatching directive '<IfModule>' to module mod_core - <IfModule>: using 'mod_ctrls.c' section at line 87 - dispatching directive 'ControlsEngine' to module mod_ctrls - dispatching directive 'ControlsMaxClients' to module mod_ctrls - dispatching directive 'ControlsLog' to module mod_ctrls - dispatching directive 'ControlsInterval' to module mod_ctrls - dispatching directive 'ControlsSocket' to module mod_ctrls - mod_ctrls/0.9.4: closing ctrls socket '/var/run/proftpd/proftpd.sock' (3) - dispatching directive '</IfModule>' to module mod_core - dispatching directive '<IfModule>' to module mod_core - <IfModule>: skipping 'mod_ctrls_admin.c' section at line 95 - FS: using system read() - dispatching directive 'AuthOrder' to module mod_core - dispatching directive 'DefaultRoot' to module mod_auth - dispatching directive 'UseReverseDNS' to module mod_core - dispatching directive 'IdentLookups' to module mod_core - FS: using system read() - dispatching directive 'SQLAuthTypes' to module mod_sql - dispatching directive 'SQLAuthenticate' to module mod_sql - dispatching directive 'SQLConnectInfo' to module mod_sql - dispatching directive 'SQLUserInfo' to module mod_sql - dispatching directive 'SQLGroupInfo' to module mod_sql - dispatching directive 'SQLMinID' to module mod_sql - dispatching directive 'SQLHomedirOnDemand' to module mod_sql - dispatching directive 'SQLLog' to module mod_sql - dispatching directive 'SQLNamedQuery' to module mod_sql - dispatching directive 'SQLLog' to module mod_sql - FS: using system read() - dispatching directive 'SQLNamedQuery' to module mod_sql - dispatching directive 'QuotaEngine' to module mod_quotatab - dispatching directive 'QuotaDirectoryTally' to module mod_quotatab - dispatching directive 'QuotaDisplayUnits' to module mod_quotatab - dispatching directive 'QuotaShowQuotas' to module mod_quotatab - dispatching directive 'SQLNamedQuery' to module mod_sql - dispatching directive 'SQLNamedQuery' to module mod_sql - dispatching directive 'SQLNamedQuery' to module mod_sql - FS: using system read() - dispatching directive 'SQLNamedQuery' to module mod_sql - dispatching directive 'QuotaLimitTable' to module mod_quotatab - dispatching directive 'QuotaTallyTable' to module mod_quotatab - dispatching directive 'RootLogin' to module mod_auth - dispatching directive 'RequireValidShell' to module mod_auth - FS: using system read() - FS: using system close() - IPv6 getaddrinfo 'trinity' error: Name or service not known trinity - trinity - Config for ::Uberhosting::: trinity - DeferWelcome trinity - DefaultServer trinity - ShowSymlinks trinity - TimeoutNoTransfer trinity - TimeoutStalled trinity - TimeoutIdle trinity - DisplayLogin trinity - DisplayFirstChdir trinity - ListOptions trinity - DenyFilter trinity - DebugLevel trinity - UserID trinity - UserName trinity - GroupID trinity - GroupName trinity - Umask trinity - DirUmask trinity - AllowOverwrite trinity - TransferLog trinity - TLSEngine trinity - DelayEngine trinity - AuthOrder trinity - DefaultRoot trinity - IdentLookups trinity - SQLAuthTypes trinity - SQLAuthenticate trinity - SQLConnectInfo trinity - SQLUserTable trinity - SQLUsernameField trinity - SQLPasswordField trinity - SQLUidField trinity - SQLGidField trinity - SQLHomedirField trinity - SQLShellField trinity - SQLGroupTable trinity - SQLGroupnameField trinity - SQLGroupGIDField trinity - SQLGroupMembersField trinity - SQLMinID trinity - SQLHomedirOnDemand trinity - SQLLog_PASS trinity - SQLNamedQuery_updatecount trinity - SQLLog_STOR trinity - SQLLog_DELE trinity - SQLNamedQuery_modified trinity - QuotaEngine trinity - QuotaDirectoryTally trinity - QuotaDisplayUnits trinity - QuotaShowQuotas trinity - SQLNamedQuery_get-quota-limit trinity - SQLNamedQuery_get-quota-tally trinity - SQLNamedQuery_update-quota-tally trinity - SQLNamedQuery_insert-quota-tally trinity - QuotaLimitTable trinity - QuotaTallyTable trinity - RootLogin trinity - RequireValidShell trinity - ROOT PRIVS at mod_delay.c:292 trinity - FS: using system open() trinity - RELINQUISH PRIVS at mod_delay.c:294 trinity - FS: using system fstat() trinity - FS: using system close()
More... Code: trinity - ROOT PRIVS at mod_ctrls.c:1610 trinity - mod_ctrls/0.9.4: binding ctrls socket to '/var/run/proftpd/proftpd.sock' trinity - RELINQUISH PRIVS at mod_ctrls.c:1612 trinity - dispatching auth request "getgroups" to module mod_radius trinity - dispatching auth request "getgroups" to module mod_ldap trinity - dispatching auth request "getgroups" to module mod_sql trinity - dispatching auth request "getgroups" to module mod_auth_file trinity - dispatching auth request "getgroups" to module mod_auth_unix trinity - SETUP PRIVS at main.c:2897 trinity - ROOT PRIVS at main.c:1991 trinity - RELINQUISH PRIVS at main.c:1998 trinity - ROOT PRIVS at main.c:2346 trinity - opening scoreboard '/var/run/proftpd/proftpd.scoreboard' trinity - RELINQUISH PRIVS at main.c:2372 trinity - ROOT PRIVS at mod_ctrls.c:1173 trinity - RELINQUISH PRIVS at mod_ctrls.c:1177 trinity - error setting IPV6_V6ONLY: Protocol not available trinity - ROOT PRIVS at inet.c:323 trinity - RELINQUISH PRIVS at inet.c:381 trinity - ProFTPD 1.3.0 (stable) (built Sat Jul 22 12:08:18 UTC 2006) standalone mode STARTUP trinity - ROOT PRIVS at main.c:2209 trinity - RELINQUISH PRIVS at main.c:2211 trinity - FS: using system lstat() trinity - FS: using system lstat() trinity - scrubbing scoreboard trinity - ROOT PRIVS at mod_core.c:131 trinity - RELINQUISH PRIVS at mod_core.c:133 trinity - ROOT PRIVS at mod_core.c:161 trinity - RELINQUISH PRIVS at mod_core.c:192 trinity - FS: using system lstat() trinity - FS: using system lstat() trinity - FS: using system lstat() trinity - ROOT PRIVS at main.c:1176 trinity - RELINQUISH PRIVS at main.c:1180 trinity - no matching vhost found for ::ffff:192.168.1.200#21, using DefaultServer '::Uberhosting::' trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at main.c:1025 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - SETUP PRIVS at main.c:1030 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FTP session requested from unknown class trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - performing module session initializations trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at mod_quotatab.c:2329 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - RELINQUISH PRIVS at mod_quotatab.c:2336 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at mod_quotatab.c:2345 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - RELINQUISH PRIVS at mod_quotatab.c:2352 trinity - FS: using system lstat() trinity - FS: using system lstat() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at mod_delay.c:828 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system open() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - RELINQUISH PRIVS at mod_delay.c:830 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system write() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system close() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FTP session closed. trinity - FS: using system lstat() trinity - FS: using system lstat() trinity - FS: using system lstat() trinity - ROOT PRIVS at main.c:1176 trinity - RELINQUISH PRIVS at main.c:1180 trinity - no matching vhost found for ::ffff:192.168.1.200#21, using DefaultServer '::Uberhosting::' trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at main.c:1025 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - SETUP PRIVS at main.c:1030 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FTP session requested from unknown class trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - performing module session initializations trinity - FS: using system lstat() trinity - FS: using system lstat() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at mod_delay.c:828 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system open() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - RELINQUISH PRIVS at mod_delay.c:830 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system write() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system close() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FTP session closed. trinity - FS: using system lstat() trinity - FS: using system lstat() trinity - ROOT PRIVS at main.c:1176 trinity - FS: using system lstat() trinity - RELINQUISH PRIVS at main.c:1180 trinity - no matching vhost found for ::ffff:192.168.1.200#21, using DefaultServer '::Uberhosting::' trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at main.c:1025 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - SETUP PRIVS at main.c:1030 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FTP session requested from unknown class trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - performing module session initializations trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at mod_quotatab.c:2329 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - RELINQUISH PRIVS at mod_quotatab.c:2336 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at mod_quotatab.c:2345 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - RELINQUISH PRIVS at mod_quotatab.c:2352 trinity - FS: using system lstat() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at mod_delay.c:828 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system open() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - RELINQUISH PRIVS at mod_delay.c:830 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system write() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system close() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FTP session closed. trinity - FS: using system lstat() trinity - scrubbing scoreboard trinity - ROOT PRIVS at mod_core.c:131 trinity - RELINQUISH PRIVS at mod_core.c:133 trinity - ROOT PRIVS at mod_core.c:161 trinity - RELINQUISH PRIVS at mod_core.c:192 trinity - FS: using system lstat() trinity - FS: using system lstat() trinity - ROOT PRIVS at main.c:1176 trinity - RELINQUISH PRIVS at main.c:1180 trinity - no matching vhost found for ::ffff:192.168.1.200#21, using DefaultServer '::Uberhosting::' trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at main.c:1025 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - SETUP PRIVS at main.c:1030 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FTP session requested from unknown class trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - performing module session initializations trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at mod_quotatab.c:2329 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - RELINQUISH PRIVS at mod_quotatab.c:2336 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at mod_quotatab.c:2345 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - RELINQUISH PRIVS at mod_quotatab.c:2352 trinity - FS: using system lstat() trinity - FS: using system lstat() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - ROOT PRIVS at mod_delay.c:828 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system open() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - RELINQUISH PRIVS at mod_delay.c:830 trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system write() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FS: using system close() trinity (::ffff:192.168.0.1[::ffff:192.168.0.1]) - FTP session closed. trinity - FS: using system lstat() trinity - ProFTPD terminating (signal 2) trinity - ROOT PRIVS at main.c:1872 trinity - ROOT PRIVS at mod_delay.c:828 trinity - FS: using system open() trinity - RELINQUISH PRIVS at mod_delay.c:830 trinity - FS: using system write() trinity - FS: using system close() trinity - RELINQUISH PRIVS at main.c:1893 trinity - ProFTPD 1.3.0 standalone mode SHUTDOWN trinity - ROOT PRIVS at main.c:1900 trinity - deleting existing scoreboard '/var/run/proftpd/proftpd.scoreboard' trinity - RELINQUISH PRIVS at main.c:1902 Thanks again...so much downtime is killing me
Here it is: Code: root@trinity:/home# cat /etc/hosts 127.0.0.1 localhost 192.168.1.200 trinity 192.168.1.201 mysql neo # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts
Modify it like this: Code: 127.0.0.1 localhost 192.168.1.200 trinity 192.168.1.201 mysql neo # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback [B][COLOR="Red"]trinity[/COLOR][/B] fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts
Ok well it starts up much quicker and doesn't give the IPv6 error but it still boots me when I try and connect to the FTP server Thanks.
I read somehwere about using virtualhosts like apache virtualhosts I guess, but with proftpd where you can set things per user. Do you know anything about these or think it may help? And...I didn't want to give up on this challenge but it has to be one of the weirdest problems i've ever faced, could you recommend a similar ftp server that at least matches proftpd in security and ability that is better known to work with mysql on ubuntu? Thanks. ...Disapointed i'm sort of giving up, but I can't handle much more downtime
I'd use PureFTPd then: http://www.howtoforge.com/debian_etch_virtual_hosting_pureftpd_mysql_quota But did you try this guide with ProFTPd? http://www.howtoforge.com/proftpd_mysql_virtual_hosting_debian_etch
Pure-FTPD, MySQL "Error 421 Can't connect. Service not available, etc... I realize that this thread is for ProFTP and I don't mean to start anything by adding to it, but as a complete newbie to Fedora 7 I ran into a similar error message and searched the internet high and low for a solution and didn't find the one I needed (probably because it should be obvious), but since I spent numerous looking for why I was getting error 421 when I logged in I hope that this warning will help others avoid a DOH moment... When you turn on the feature of Pure-FTP to bind users to the home directory of the mapped FTPDUSER, it will not auto-create a folder outside of the "home" directory nor will it autocreate anything until you actually include the user name in the path of every* virtual user's directory (Oy). So, if you are new, a bit slow on the uptake or just plain in too big of a hurry to pay attention and you are getting an error 421 stating that the service has stopped and the login failed, check your home directory paths that user name MUST be in there somewhere.
I might try this guide, though i've already seen, the guide uses an IPv6 directive which is not supported in what I have installed...which is not an issue but it's obvious things will be different. Do you think it would be reasonably safe/possible to install the etch proftpd-mysql package on my ubuntu 6.10 box? Thanks.
Well I was not aware of this, thankyou, the test user I created was "exampleuser" with the home directory "/home/wwww.example.com", I have changed it to www.exampleuser.com. Though I'm not sure that this could be the issue for I don't get a chance to authenticate at all...I am booted right away, when FileZilla says "Waiting for Welcome Message". Thanks.
Hahaha! I can't bloody believe it...the guide said to install libmysqlclient12-dev, following the etch guide Falko supplied I installed libmysqlclient15-dev which had not been installed. After doing this it actually worked! It's real odd that it didn't work with the package supplied in the original guide I guess proftpd needed something the older package didn't have....nice of it to tell me though . Thanks a bunch everyone, and I think maybe an edit should be made to that guide? Or at the very least a note for ubuntu 6.10 users? Thanks again.
