Virtual Hosting With Proftpd And MySQL (Incl. Quota)

Very nice tutorial, everything works fine. Thanks for that.

Is there a possibility to use apache's mod_userdir with the virtual users? It only works here, if the user is present in /etc/passwd so long.

 

As far as I know, Apache cannot read from MySQL databases...

 

i've done everythin with this howto but when i type

Code:

ftp localhost

i got such response:

Code:

root@rei:/home/dawid# ftp localhost
Connected to localhost.localdomain.
421 Service not available, remote server has closed connection
ftp> quit

and here is my proftpd.log:

Code:

root@rei:/var/log/proftpd# tail proftpd.log
May 23 20:31:24 xxxxxxxxxxxxxx proftpd[4004] xxxxxxxxxxxxxx: ProFTPD 1.3.0 standalone mode SHUTDOWN
May 23 20:38:53 xxxxxxxxxxxxxx proftpd[2755] xxxxxxxxxxxxxx: ProFTPD 1.3.0 (stable) (built mar gen 2 10:57:47 CET 2007) standalone mode STARTUP
May 24 01:33:50 xxxxxxxxxxxxxx proftpd[2755] xxxxxxxxxxxxxx: ProFTPD killed (signal 15)
May 24 01:33:50 xxxxxxxxxxxxxx proftpd[2755] xxxxxxxxxxxxxx: ProFTPD 1.3.0 standalone mode SHUTDOWN
May 25 07:27:36 xxxxxxxxxxxxxx proftpd[2706] xxxxxxxxxxxxxx: ProFTPD 1.3.0 (stable) (built mar gen 2 10:57:47 CET 2007) standalone mode STARTUP
May 25 08:17:55 xxxxxxxxxxxxxx proftpd[2706] xxxxxxxxxxxxxx: ProFTPD killed (signal 15)
May 25 08:17:55 xxxxxxxxxxxxxx proftpd[2706] xxxxxxxxxxxxxx: ProFTPD 1.3.0 standalone mode SHUTDOWN
May 25 08:17:58 xxxxxxxxxxxxxx proftpd[2935] xxxxxxxxxxxxxx: ProFTPD 1.3.0 (stable) (built mar gen 2 10:57:47 CET 2007) standalone mode STARTUP
May 25 10:26:35 xxxxxxxxxxxxxx proftpd[2935] xxxxxxxxxxxxxx: ProFTPD killed (signal 15)
May 25 10:26:35 xxxxxxxxxxxxxx proftpd[2935] xxxxxxxxxxxxxx: ProFTPD 1.3.0 standalone mode SHUTDOWN

 

What's the output of

Code:

netstat -tap

? What's in /etc/hosts?

 

I got the same problem.

this is my hosts file

Code:

vz6:/var/log# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost

# The following lines are desirable for IPv6 capable hosts
# (added automatically by netbase upgrade)

::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

and this is my proftpd.conf:

Code:

# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
# 

# Includes DSO modules
Include /etc/proftpd/modules.conf

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6                         off

ServerName                      "Debian"
ServerType                      standalone
DeferWelcome                    off

MultilineRFC2228                on
DefaultServer                   on
ShowSymlinks                    on

TimeoutNoTransfer               600
TimeoutStalled                  600
TimeoutIdle                     1200

DisplayLogin                    welcome.msg
DisplayFirstChdir               .message
ListOptions                     "-l"

DenyFilter                      \*.*/

# Port 21 is the standard FTP port.
Port                            21


MaxInstances                    30

# Set the user and group that the server normally runs at.
User                            ftpuser
Group                           ftpgroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask                           022  022
# Normally, we want files to be overwriteable.
AllowOverwrite                  on

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd              off

# Be warned: use of this directive impacts CPU average load!
#
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
# UseSendFile                   off

TransferLog /var/log/proftpd/xferlog
SystemLog   /var/log/proftpd/proftpd.log

<IfModule mod_tls.c>
TLSEngine off
</IfModule>

<IfModule mod_quota.c>
QuotaEngine on
</IfModule>

<IfModule mod_ratio.c>
Ratios on
</IfModule>


# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default. 
<IfModule mod_delay.c>
DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine        on
ControlsMaxClients    2
ControlsLog           /var/log/proftpd/controls.log
ControlsInterval      5
ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>


## Configurazione per virtualhost

DefaultRoot ~


# The passwords in MySQL are encrypted using CRYPT
SQLAuthTypes            Plaintext Crypt
SQLAuthenticate         users* groups*


# used to connect to the database
# databasename@host database_user user_password
SQLConnectInfo  ftp@localhost proftpd password


# Here we tell ProFTPd the names of the database columns in the "usertable"
# we want it to interact with. Match the names with those in the db
SQLUserInfo     ftpuser userid passwd uid gid homedir shell

# Here we tell ProFTPd the names of the database columns in the "grouptable"
# we want it to interact with. Again the names match with those in the db
SQLGroupInfo    ftpgroup groupname gid members

# set min UID and GID - otherwise these are 999 each
SQLMinID        500

# create a user's home directory on demand if it doesn't exist
SQLHomedirOnDemand on

# Update count every time user logs in
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser

# Update modified everytime user uploads or deletes a file
SQLLog  STOR,DELE modified
SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser

# User quotas
# ===========
QuotaEngine on
QuotaDirectoryTally on
QuotaDisplayUnits Mb
QuotaShowQuotas on

SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"

SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"

SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies

SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies

QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally

RootLogin off
RequireValidShell off

any help?
Thanks

 

Can you add a line for your hostname to /etc/hosts (like

Code:

192.168.0.100 server1.example.com server1

)?
What's the output of

Code:

netstat -tap

?

 

Code:

vz6:~# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name   
tcp        0      0 *:ftp                   *:*                     LISTEN     1951/proftpd: (acce 
tcp        0      0 *:smtp                  *:*                     LISTEN     1398/smtpd          
tcp        0      0 localhost.localdo:10024 *:*                     LISTEN     21947/smtpd         
tcp        0      0 localhost.localdo:mysql *:*                     LISTEN     -                   
tcp        0      0 reverse.69.12.222.:smtp catv-5984887d.catv:1221 ESTABLISHED-                   
tcp        1      0 reverse.69.12.222.:smtp p54BDA476.dip0.t-:64731 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 84.126.213.136.dyn:4975 CLOSE_WAIT -                   
tcp        0      0 localhost.localdo:60629 localhost.localdo:mysql ESTABLISHED8141/proxymap       
tcp        0      0 localhost.localdo:60630 localhost.localdo:mysql ESTABLISHED8141/proxymap       
tcp        1      0 reverse.69.12.222.:smtp dsl-189-132-247-46:4591 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 219.83.23.69:4031       CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp executives-unlimit:4911 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp CPE-65-27-32-14.kc:3985 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 59.152.161.66:2516      CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp dsl-189-132-247-46:2294 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 20119188003.user.v:1082 CLOSE_WAIT -                   
tcp        0      0 reverse.69.12.222.:smtp catv-5984887d.catv:4837 ESTABLISHED-                   
tcp        1      0 reverse.69.12.222.:smtp p54BDA476.dip0.t-:61425 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp CPE-65-27-32-14.kc:3503 CLOSE_WAIT -                   
tcp        0      0 reverse.69.12.222.1:ftp host33-158-dynami:50992 TIME_WAIT  -                   
tcp        0      0 reverse.69.12.222.:smtp dsl-189-163-151-12:1982 ESTABLISHED-                   
tcp        1      0 reverse.69.12.222.:smtp 84.126.213.136.dyn:6226 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 20119188003.user.v:3620 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp p54BDA476.dip0.t-:63890 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 84.122.192.149.dyn:1068 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp executives-unlimit:3449 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 201.47.44.162.adsl:1971 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp a83-132-203-183.cp:1259 CLOSE_WAIT -                   
tcp        0      0 reverse.69.12.222.:smtp catv-5984887d.catv:4504 ESTABLISHED-                   
tcp        1      0 reverse.69.12.222.:smtp mail2.edisontel.c:54952 CLOSE_WAIT -                   
tcp        0      0 reverse.69.12.222.:smtp dsl-189-148-11-226:2141 ESTABLISHED-                   
tcp        1      0 reverse.69.12.222.:smtp 20119188003.user.v:2677 CLOSE_WAIT -                   
tcp        0      0 reverse.69.12.222.:smtp catv-5984887d.catv:4265 ESTABLISHED-                   
tcp        1      0 reverse.69.12.222.:smtp dsl-189-132-247-46:4241 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp dsl-189-132-247-46:1429 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 20119188003.user.v:4504 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp smtp-out2.libero.:34174 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp dsl88-244-48075.tt:1884 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp dsl-189-132-247-46:3439 CLOSE_WAIT -                   
tcp        0      0 reverse.69.12.222.:smtp host-205-241-35-1:60550 ESTABLISHED-                   
tcp        1      0 reverse.69.12.222.:smtp 59.152.161.66:3158      CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp executives-unlimit:1929 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp CPE-65-27-32-14.kc:4911 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp smtp-out2.libero.:51018 CLOSE_WAIT 1398/smtpd          
tcp        1      0 reverse.69.12.222.:smtp pool-72-76-99-72.:50539 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 87.119.86.227:4406      CLOSE_WAIT -                   
tcp        0      0 reverse.69.12.222.:smtp catv-5984887d.catv:2309 ESTABLISHED-                   
tcp        0      0 reverse.69.12.222.:smtp catv-5984887d.catv:2309 ESTABLISHED-                   
tcp        1      0 reverse.69.12.222.:smtp smtp-out2.libero.:42549 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp dsl-189-163-151-12:4444 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 20119188003.user.v:3011 CLOSE_WAIT -                   
tcp        1      0 localhost.localdo:10024 localhost.localdo:43516 CLOSE_WAIT -                   
tcp        0      0 localhost.localdo:mysql localhost.localdo:60630 ESTABLISHED-                   
tcp        1      0 localhost.localdo:10024 localhost.localdo:43517 CLOSE_WAIT -                   
tcp        0      0 localhost.localdo:mysql localhost.localdo:60629 ESTABLISHED-                   
tcp        1      0 reverse.69.12.222.:smtp 201.47.44.162.adsl:2867 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp 87.119.86.227:4436      CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp chello062178038076:4745 CLOSE_WAIT -                   
tcp        1      0 reverse.69.12.222.:smtp dsl88-244-48075.tt:1334 CLOSE_WAIT -                   
tcp6       0      0 *:www                   *:*                     LISTEN     21630/apache2       
tcp6       0      0 *:ssh                   *:*                     LISTEN     30370/sshd          
tcp6       0      0 *:imaps                 *:*                     LISTEN     9488/couriertcpd    
tcp6       0      0 *:pop3s                 *:*                     LISTEN     24133/couriertcpd   
tcp6       0      0 *:pop3                  *:*                     LISTEN     24035/couriertcpd   
tcp6       0      0 *:imap2                 *:*                     LISTEN     9414/couriertcpd    
tcp6       0   2736 reverse.69.12.222.1:ssh host33-158-dynami:50982 ESTABLISHED26524/0 

 

And thi is my /etc/hosts

Code:

root@rei:/etc/proftpd# cat /etc/hosts
127.0.0.1       localhost.localdomain localhost
#192.168.0.128  rei.ayanami.eu  rei
83.144.100.57   rei.ayanami.eu  rei

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

proftpd.conf (password nulled )

Code:

root@rei:/etc/proftpd# cat proftpd.conf
Include				/etc/proftpd/modules.conf
UseIPv6				off

ServerName			"Ayanami FTP Server"
ServerType			Standalone
ServerAdmin			root@host

# Hide as much as possible to outside users
ServerIdent			on	"Welcome to the Ayanami.eu FTP server. Please login..."
DeferWelcome			on
DefaultServer			on

AllowStoreRestart		on

Port				21

MultilineRFC2228		on
ShowSymlinks			on

TimeoutNoTransfer		600
TimeoutStalled			600
TimeoutIdle			1200

DisplayLogin			welcome.msg
DisplayFirstChdir		.message
ListOptions			"-l"

Umask				022 022
MaxInstances			30

User				ftpuser
Group				ftpgroup
AllowOverwrite			on

DenyFilter			\*.*/
DefaultRoot			~

<IfModule mod_tls.c>
TLSEngine 			off
</IfModule>

<IfModule mod_quota.c>
QuotaEngine			on
</IfModule>

<IfModule mod_ratio.c>
Ratios				on
</IfModule>

# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
#
<IfModule mod_delay.c>
DelayEngine 			on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine 			on
ControlsMaxClients    		2
ControlsLog           		/var/log/proftpd/controls.log
ControlsInterval      		5
ControlsSocket        		/var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine 		on
</IfModule>

################################################################################
# Logging options
#
TransferLog			/var/log/proftpd.xferlog

# Some logging formats
#
LogFormat			default	"%h %l %u %t \"%r\" %s %b"
LogFormat			auth	"%v [%P] %h %t \"%r\" %s"
LogFormat			write	"%h %l %u %t \"%r\" %s %b"

# Log file/dir access
ExtendedLog			/var/log/proftpd/access.log	WRITE,READ	write

# Record all logins
ExtendedLog			/var/log/proftpd/auth.log	AUTH		auth

# Paranoia logging level....
ExtendedLog			/var/log/proftpd/paranoid.log	ALL		default

SyslogLevel			debug
SystemLog			/var/log/proftpd/proftpd.log
#
################################################################################

# The passwords in MySQL are encrypted using CRYPT
#
SQLAuthTypes			Plaintext Crypt
SQLAuthenticate			users* groups*

# used to connect to the database
# databasename@host database_user user_password
#
SQLConnectInfo			server_data@localhost proftpd xxxxxxxx

# Here we tell ProFTPd the names of the database columns in the "usertable"
# we want it to interact with. Match the names with those in the db
#
SQLUserInfo			ftpuser userid passwd uid gid homedir shell

# Here we tell ProFTPd the names of the database columns in the "grouptable"
# we want it to interact with. Again the names match with those in the db
#
SQLGroupInfo			ftpgroup groupname gid members

# set min UID and GID - otherwise these are 999 each
#
SQLMinID			500

# create a user's home directory on demand if it doesn't exist
#
SQLHomedirOnDemand		on

# Update count every time user logs in
#
SQLLog				PASS updatecount
SQLNamedQuery			updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser

# Update modified everytime user uploads or deletes a file
#
SQLLog				STOR,DELE modified
SQLNamedQuery			modified UPDATE "modified=now() WHERE userid='%u'" ftpuser

# User quotas
# ===========
#
QuotaEngine 			on
QuotaDirectoryTally		on
QuotaDisplayUnits		Mb
QuotaShowQuotas			on
SQLNamedQuery			get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits  WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery			get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery			update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies
SQLNamedQuery			insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies

QuotaLimitTable			sql:/get-quota-limit
QuotaTallyTable			sql:/get-quota-tally/update-quota-tally/insert-quota-tally

RootLogin			off
RequireValidShell		off

SQLNamedQuery			gettally SELECT "ROUND((bytes_in_used/1048576),2) FROM ftpquotatallies WHERE name='%u'"
SQLNamedQuery			getlimit SELECT "ROUND((bytes_in_avail/1048576),2) FROM ftpquotalimits WHERE name='%u'"
SQLNamedQuery			getfree SELECT "ROUND(((ftpquotalimits.bytes_in_avail-ftpquotatallies.bytes_in_used)/1048576),2) FROM ftpquotalimits,ftpquotatallies WHERE ftpquotalimits.name = '%u' AND ftpquotatallies.name = '%u'"

SQLShowInfo			LIST "226" "Used %{gettally}MB from %{getlimit}MB. You have %{getfree}MB available space."

and output of netstat -tap

Code:

root@rei:/etc/proftpd# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:3496                  *:*                     LISTEN     2669/rpc.statd
tcp        0      0 localhost.localdo:10024 *:*                     LISTEN     2167/amavisd (maste
tcp        0      0 localhost.localdo:10025 *:*                     LISTEN     2590/master
tcp        0      0 *:mysql                 *:*                     LISTEN     2238/mysqld
tcp        0      0 *:sunrpc                *:*                     LISTEN     1832/portmap
tcp        0      0 *:auth                  *:*                     LISTEN     2532/inetd
tcp        0      0 *:ftp                   *:*                     LISTEN     3287/proftpd: (acce
tcp        0      0 192.168.0.128:domain    *:*                     LISTEN     2108/named
tcp        0      0 192.168.100.1:domain    *:*                     LISTEN     2108/named
tcp        0      0 localhost.locald:domain *:*                     LISTEN     2108/named
tcp        0      0 *:smtp                  *:*                     LISTEN     2590/master
tcp        0      0 localhost.localdoma:953 *:*                     LISTEN     2108/named
tcp6       0      0 *:imaps                 *:*                     LISTEN     2499/couriertcpd
tcp6       0      0 *:pop3s                 *:*                     LISTEN     2516/couriertcpd
tcp6       0      0 *:pop3                  *:*                     LISTEN     2504/couriertcpd
tcp6       0      0 *:imap2                 *:*                     LISTEN     2487/couriertcpd
tcp6       0      0 *:www                   *:*                     LISTEN     3749/apache2
tcp6       0      0 *:81                    *:*                     LISTEN     3749/apache2
tcp6       0      0 *:domain                *:*                     LISTEN     2108/named
tcp6       0      0 *:ssh                   *:*                     LISTEN     2619/sshd
tcp6       0      0 ip6-localhost:953       *:*                     LISTEN     2108/named
tcp6       0      0 *:https                 *:*                     LISTEN     3749/apache2
tcp6       0    296 ::ffff:192.168.0.12:ssh ::ffff:192.168.0.1:1746 ESTABLISHED3772/sshd: dawid [p

 

Hi all,
I've a problem with my proftp/mysql interaction: i have 3 users defined in the 2 tables of the database, but only one of these works when I'm trying to connect with my ftp server. What can I do? Should I post some config files?

Thank you for help,
SkY`

 

check You /var/log/proftpd/proftpd.log if there is any info about it...

 

I checked.
From the "client" I do this:

Code:

sky@Lara:~$ ftp 192.168.1.2
Connected to 192.168.1.2.
220 ProFTPD 1.3.0 Server (Debian) [192.168.1.2]
Name (192.168.1.2:sky): master
331 Password required for master.
Password:
530 Login incorrect.
Login failed.

And the log records:

 

This line explains everything:

Code:

May 31 23:40:07 xxx.xxx.xxx proftpd[19528] xxx.xxx.xxx (192.168.1.4[192.168.1.4]): USER master (Login failed): No such user
found.

it looks like you dont have user called "master" or you have it but in the db it contains whitespaces...

 

Yes, but there is an user named 'master' in both the 'ftpquotalimits' and 'ftpuser' tables...

 

Login doesn't work

I configured my proftpd/mysql as described in the howto but now have the problem that ftp logins do not work.
As long as the Shell is set to "/sbin/nologin", login does not work. In debian etch /sbin/nologin does not exist, but /usr/sbin/nologin, changing the shell in mysql doesn't have an effect, changing it to /bin/false also not.
Only when I change the shell to /bin/bash the login works.

What am I doing wrong?

Regards,
a²

 

It seems that your Proftpd expects system users, not virtual users. Please make sure that your setup is exactly like the one from the tutorial (check for typos, etc.).

 

Dear Falko,

thanks for your reply. I couldn't find typos, I copied the config from the howto into my files. See my conf:

Code:

[root@jupiter ~]# cat /etc/proftpd/proftpd.conf
#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#

# Includes DSO modules
Include /etc/proftpd/modules.conf

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6                         off

ServerName                      "Debian"
ServerType                      standalone
DeferWelcome                    off

MultilineRFC2228                on
DefaultServer                   on
ShowSymlinks                    on

TimeoutNoTransfer               600
TimeoutStalled                  600
TimeoutIdle                     1200

DisplayLogin                    welcome.msg
DisplayFirstChdir               .message
ListOptions                     "-l"

DenyFilter                      \*.*/

# Port 21 is the standard FTP port.
Port                            21

# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts                    49152 65534

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    30

# Set the user and group that the server normally runs at.
User                            proftpd
Group                           nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask                           022  022
# Normally, we want files to be overwriteable.
AllowOverwrite                  on

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd              off

# Be warned: use of this directive impacts CPU average load!
#
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
# UseSendFile                   off

TransferLog /var/log/proftpd/xferlog
SystemLog   /var/log/proftpd/proftpd.log

<IfModule mod_tls.c>
TLSEngine off
</IfModule>

<IfModule mod_quota.c>
QuotaEngine on
</IfModule>

<IfModule mod_ratio.c>
Ratios on
</IfModule>


# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine        on
ControlsMaxClients    2
ControlsLog           /var/log/proftpd/controls.log
ControlsInterval      5
ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>

# A basic anonymous configuration, no upload directories.

# <Anonymous ~ftp>
#   User                                ftp
#   Group                               nogroup
#   # We want clients to be able to login with "anonymous" as well as "ftp"
#   UserAlias                   anonymous ftp
#   # Cosmetic changes, all files belongs to ftp user
#   DirFakeUser on ftp
#   DirFakeGroup on ftp
#
#   RequireValidShell           off
#
#   # Limit the maximum number of anonymous logins
#   MaxClients                  10
#
#   # We want 'welcome.msg' displayed at login, and '.message' displayed
#   # in each newly chdired directory.
#   DisplayLogin                        welcome.msg
#   DisplayFirstChdir           .message
#
#   # Limit WRITE everywhere in the anonymous chroot
#   <Directory *>
#     <Limit WRITE>
#       DenyAll
#     </Limit>
#   </Directory>
#
#   # Uncomment this if you're brave.
#   # <Directory incoming>
#   #   # Umask 022 is a good standard umask to prevent new files and dirs
#   #   # (second parm) from being group and world writable.
#   #   Umask                           022  022
#   #            <Limit READ WRITE>
#   #            DenyAll
#   #            </Limit>
#   #            <Limit STOR>
#   #            AllowAll
#   #            </Limit>
#   # </Directory>
#
# </Anonymous>

DefaultRoot ~
# The passwords in MySQL are encrypted using CRYPT
SQLAuthTypes            Plaintext Crypt
SQLAuthenticate         users groups


# used to connect to the database
# databasename@host database_user user_password
SQLConnectInfo  ftp@localhost proftpd 3CL3BM7cVfuAzrJn


# Here we tell ProFTPd the names of the database columns in the "usertable"
# we want it to interact with. Match the names with those in the db
SQLUserInfo     ftpuser userid passwd uid gid homedir shell

# Here we tell ProFTPd the names of the database columns in the "grouptable"
# we want it to interact with. Again the names match with those in the db
SQLGroupInfo    ftpgroup groupname gid members

# set min UID and GID - otherwise these are 999 each
SQLMinID        500

# create a user's home directory on demand if it doesn't exist
SQLHomedirOnDemand on

# Update count every time user logs in
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser

# Update modified everytime user uploads or deletes a file
SQLLog  STOR,DELE modified
SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser

# User quotas
# ===========
QuotaEngine on
QuotaDirectoryTally on
QuotaDisplayUnits Mb
QuotaShowQuotas on

SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_                                 avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"

SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_                                 out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"

SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_                                 xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_                                 used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies

SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies

QuotaLimitTable sql:/get-quota-limit

Thanks,
a²

 

And the MySQL username and password are correct?
Does the virtual user exist also as a system user?