HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=4)
-   -   Anonymous FTP fails with 503 error (http://www.howtoforge.com/forums/showthread.php?t=11143)

RAMilewski 6th March 2007 09:16

Anonymous FTP fails with 503 error
 
I'm running ISPConfig 2.2.10 on an Ubuntu system. User FTP logins work fine, but anonymous FTP fails with a 503 (incorrect login) error.

I've poked through other threads here, but none of the fixes seem to work.

Any additional suggestion for how to debug this problem?

-- Richard

RAMilewski 6th March 2007 09:25

Sorry... I copied the error wrong. That's a 530 Incorrect login, not 503.

-- Richard

falko 7th March 2007 18:16

What's in /etc/proftpd.conf and /etc/proftpd_ispconfig.conf?
Any errors in your logs?

RAMilewski 8th March 2007 00:53

Proftpd.conf looks like this:

#
# /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#

ServerName Default
ServerType standalone
DeferWelcome off

MultilineRFC2228 on
DefaultServer on
ShowSymlinks on

TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200

DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions "-l"

DenyFilter \*.*/

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
#PersistentPasswd off

# Uncomment this if you would use TLS module:
#TLSEngine on

# Uncomment this if you would use quota module:
#Quotas on

# Uncomment this if you would use ratio module:
#Ratios on

# Port 21 is the standard FTP port.
Port 21

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30

# Set the user and group that the server normally runs at.
User nobody
Group nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on

# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?pag...LSS-2004-10-02
# It is on by default.
#DelayEngine off

# A basic anonymous configuration, no upload directories.

# <Anonymous ~ftp>
# User ftp
# Group nogroup
# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# RequireValidShell off
#
# # Limit the maximum number of anonymous logins
# MaxClients 10
#
# # We want 'welcome.msg' displayed at login, and '.message' displayed
# # in each newly chdired directory.
# DisplayLogin welcome.msg
# DisplayFirstChdir .message
#
# # Limit WRITE everywhere in the anonymous chroot
# <Directory *>
# <Limit WRITE>
# DenyAll
# </Limit>
# </Directory>
#
# # Uncomment this if you're brave.
# # <Directory incoming>
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask 022 022
# # <Limit READ WRITE>
# # DenyAll
# # </Limit>
# # <Limit STOR>
# # AllowAll
# # </Limit>
# # </Directory>
#
# </Anonymous>
<Global>
AccessGrantMsg "Welcome to the Greaves Group FTP Site"
RootLogin on
RequireValidShell off
UseFtpUsers on
DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server ready."
AuthAliasOnly off
WtmpLog on
</Global>
TimesGMT off
<Anonymous /var/ftp>
</Anonymous>
RequireValidShell off
UseFtpUsers on
RootLogin on


Include /etc/proftpd_ispconfig.conf



************************************************** *

proftpd_ispconfig.conf looks like this:


###################################
#
# ISPConfig proftpd Configuration File
# Version 1.0
#
###################################
DefaultAddress 127.0.0.1
<VirtualHost 64.142.97.114>
DefaultRoot ~
AllowOverwrite on
Umask 002
</VirtualHost>
<VirtualHost 64.142.97.115>
DefaultRoot ~
AllowOverwrite on
Umask 002
<Anonymous /home/www/web9/ftp>
User web9_anonftp
Group web9_anonftp
UserAlias anonymous web9_anonftp
UserAlias guest web9_anonftp
MaxClients 10
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
<Directory /home/www/web9/ftp/incoming>
Umask 002
<Limit STOR>
AllowAll
</Limit>
<Limit READ>
DenyAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>
<VirtualHost 64.142.97.116>
DefaultRoot ~
AllowOverwrite on
Umask 002
<Anonymous /home/www/web2/ftp>
User web2_anonftp
Group web2_anonftp
UserAlias anonymous web2_anonftp
UserAlias guest web2_anonftp
MaxClients 10
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
<Directory /home/www/web2/ftp/incoming>
Umask 002
<Limit STOR>
AllowAll
</Limit>
<Limit READ>
DenyAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>
<VirtualHost 64.142.97.117>
DefaultRoot ~
AllowOverwrite on
Umask 002
<Anonymous /home/www/web5/ftp>
User web5_anonftp
Group web5_anonftp
UserAlias anonymous web5_anonftp
UserAlias guest web5_anonftp
MaxClients 10
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
<Directory /home/www/web5/ftp/incoming>
Umask 002
<Limit STOR>
AllowAll
</Limit>
<Limit READ>
DenyAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>
<VirtualHost 64.142.97.118>
DefaultRoot ~
AllowOverwrite on
Umask 002
<Anonymous /home/www/web8/ftp>
User web8_anonftp
Group web8_anonftp
UserAlias anonymous web8_anonftp
UserAlias guest web8_anonftp
MaxClients 10
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
<Directory /home/www/web8/ftp/incoming>
Umask 002
<Limit STOR>
AllowAll
</Limit>
<Limit READ>
DenyAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>
<VirtualHost 64.142.97.119>
DefaultRoot ~
AllowOverwrite on
Umask 002
<Anonymous /home/www/web10/ftp>
User web10_anonftp
Group web10_anonftp
UserAlias anonymous web10_anonftp
UserAlias guest web10_anonftp
MaxClients 10
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
<Directory /home/www/web10/ftp/incoming>
Umask 002
<Limit STOR>
AllowAll
</Limit>
<Limit READ>
DenyAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>
<VirtualHost 64.142.97.120>
DefaultRoot ~
AllowOverwrite on
Umask 002
</VirtualHost>
<VirtualHost 64.142.97.121>
DefaultRoot ~
AllowOverwrite on
Umask 002
</VirtualHost>
<VirtualHost 64.142.97.122>
DefaultRoot ~
AllowOverwrite on
Umask 002
</VirtualHost>
<VirtualHost 64.142.97.123>
DefaultRoot ~
AllowOverwrite on
Umask 002
</VirtualHost>
<VirtualHost 64.142.97.124>
DefaultRoot ~
AllowOverwrite on
Umask 002
</VirtualHost>
<VirtualHost 64.142.97.125>
DefaultRoot ~
AllowOverwrite on
Umask 002
</VirtualHost>
<VirtualHost 64.142.97.126>
DefaultRoot ~
AllowOverwrite on
Umask 002
</VirtualHost>

RAMilewski 8th March 2007 00:54

...and checking the Anonymous FTP box on the web10 site adds the following to ispconfig.log


07.03.2007 - 15:42:55 => INFO - USER:
web10_austinhq:x:10028:10010:Austin HQ Distribution List:/home/www/web10/user/web10_austinhq:/dev/null
07.03.2007 - 15:42:55 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 137: cp -fr /etc/postfix/local-host-names /etc/postfix/local-host-names~
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 284: cp -fr /etc/postfix/virtusertable /etc/postfix/virtusertable~
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 289: postmap hash:/etc/postfix/virtusertable
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1230: cp -fr /etc/apache2/vhosts/Vhosts_ispconfig.conf /etc/apache2/vhosts/Vhosts_ispconfig.conf~
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1891: cp -fr /etc/proftpd_ispconfig.conf /etc/proftpd_ispconfig.conf~
07.03.2007 - 15:42:56 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1926: WARNING: could not groupadd -g 12009 web9_anonftp &> /dev/null
07.03.2007 - 15:42:56 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1927: WARNING: could not useradd -d /home/www/web9/ftp -g web9_anonftp -m -s /bin/false -u 12009 web9_anonftp &> /dev/null
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -u web9_anonftp 0 0 0 0 -a &> /dev/null
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1938: setquota -T -u web9_anonftp 604800 604800 -a &> /dev/null
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1939: setquota -g web9_anonftp 0 0 0 0 -a &> /dev/null
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1940: setquota -T -g web9_anonftp 604800 604800 -a &> /dev/null
07.03.2007 - 15:42:56 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1926: WARNING: could not groupadd -g 12002 web2_anonftp &> /dev/null
07.03.2007 - 15:42:56 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1927: WARNING: could not useradd -d /home/www/web2/ftp -g web2_anonftp -m -s /bin/false -u 12002 web2_anonftp &> /dev/null
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -u web2_anonftp 0 0 0 0 -a &> /dev/null
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1938: setquota -T -u web2_anonftp 604800 604800 -a &> /dev/null
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1939: setquota -g web2_anonftp 0 0 0 0 -a &> /dev/null
07.03.2007 - 15:42:56 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1940: setquota -T -g web2_anonftp 604800 604800 -a &> /dev/null
07.03.2007 - 15:42:57 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1926: WARNING: could not groupadd -g 12005 web5_anonftp &> /dev/null
07.03.2007 - 15:42:57 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1927: WARNING: could not useradd -d /home/www/web5/ftp -g web5_anonftp -m -s /bin/false -u 12005 web5_anonftp &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -u web5_anonftp 0 0 0 0 -a &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1938: setquota -T -u web5_anonftp 604800 604800 -a &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1939: setquota -g web5_anonftp 0 0 0 0 -a &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1940: setquota -T -g web5_anonftp 604800 604800 -a &> /dev/null
07.03.2007 - 15:42:57 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1926: WARNING: could not groupadd -g 12008 web8_anonftp &> /dev/null
07.03.2007 - 15:42:57 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1927: WARNING: could not useradd -d /home/www/web8/ftp -g web8_anonftp -m -s /bin/false -u 12008 web8_anonftp &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -u web8_anonftp 0 0 0 0 -a &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1938: setquota -T -u web8_anonftp 604800 604800 -a &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1939: setquota -g web8_anonftp 0 0 0 0 -a &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1940: setquota -T -g web8_anonftp 604800 604800 -a &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1926: groupadd -g 12010 web10_anonftp &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1927: useradd -d /home/www/web10/ftp -g web10_anonftp -m -s /bin/false -u 12010 web10_anonftp &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -u web10_anonftp 0 0 0 0 -a &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1938: setquota -T -u web10_anonftp 604800 604800 -a &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1939: setquota -g web10_anonftp 0 0 0 0 -a &> /dev/null
07.03.2007 - 15:42:57 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1940: setquota -T -g web10_anonftp 604800 604800 -a &> /dev/null
07.03.2007 - 15:42:59 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_system.lib.php, Line 706: /etc/init.d/proftpd restart &> /dev/null

falko 8th March 2007 19:16

What's in /etc/passwd and /etc/group?

RAMilewski 8th March 2007 20:33

Hmmm... lots of stuff, but the relevant lines seem to be:

in group:

users:x:100:web8_twg,web8_brenda,web8_chris,web8_m elissa,web8_partners,web8_info,web8_roger,web8_adm in,web8_chris2,web2_twg,web2_n6mod,web2_jhayes,web 10_barry,web10_sharla,web10_brenda,web10_melissa,w eb10_ed,web10_michele,web10_janeadmispconfig:x:100 1:admispconfig
web1:x:10001:admispconfig
web1_anonftp:x:12001:
web2:x:10002:admispconfig,web2_ram
web2_anonftp:x:12002:
web4:x:10004:admispconfig
web4_anonftp:x:12004:
web5:x:10005:admispconfig,web5_dreamweaver
web5_anonftp:x:12005:
web8:x:10008:admispconfig,web8_ram
web8_anonftp:x:12008:admispconfig,web8_anonftp
web9:x:10009:admispconfig,ram,web9_admin
web9_anonftp:x:12009:
web10:x:10010:admispconfig,web10_admin
web12:x:10012:admispconfig
web13:x:10013:admispconfig,web13_admin
freerad:x:115:
ssl-cert:x:116:postgres
web10_anonftp:x:12010:

...........................................and in passwd:

admispconfig:x:1001:1001:Administrator ISPConfig:/home/admispconfig:/bin/bash
web1_anonftp:x:12001:12001::/home/www/web1/ftp:/bin/false
web2_anonftp:x:12002:12002::/home/www/web2/ftp:/bin/false
web4_anonftp:x:12004:12004::/home/www/web4/ftp:/bin/false
web5_anonftp:x:12005:12005::/home/www/web5/ftp:/bin/false
web8_anonftp:x:12008:12008::/home/www/web8/ftp:/bin/false
web9_anonftp:x:12009:12009::/home/www/web9/ftp:/bin/false
web5_dreamweaver:x:10004:10005:Bug Track:/home/www/web5:/bin/bash
web13_admin:x:10027:10013:Richard:/home/www/web13:/bin/false
freerad:x:109:115::/etc/freeradius:/bin/false
web9_admin:x:10029:10009:Administrator:/home/www/web9:/bin/bash
web8_ram:x:10009:10008:Richard A. Milewski:/home/www/web8:/bin/bash
web8_twg:x:10010:10008:Thomas W. Greaves:/home/www/web8/user/web8_twg:/bin/false
web8_brenda:x:10014:10008:Brenda Raker:/home/www/web8/user/web8_brenda:/bin/false
web8_chris:x:10015:10008:Christine Whelan:/home/www/web8/user/web8_chris:/bin/false
web8_melissa:x:10016:10008:Melissa Mccullough:/home/www/web8/user/web8_melissa:/bin/false
web8_partners:x:10017:10008:Partners:/home/www/web8/user/web8_partners:/bin/false
web8_info:x:10018:10008:Catchall Accounts:/home/www/web8/user/web8_info:/bin/false
web8_roger:x:10019:10008:Roger Samdahl:/home/www/web8/user/web8_roger:/bin/false
web8_admin:x:10020:10008:NOC Accounts:/home/www/web8/user/web8_admin:/bin/bash
web8_chris2:x:10026:10008:Chris Whelan:/home/www/web8/user/web8_chris2:/bin/false
web2_twg:x:10012:10002:Thomas W. Greaves:/home/www/web2/user/web2_twg:/bin/false
web2_ram:x:10008:10002:Richard A. Milewski:/home/www/web2:/bin/bash
web2_n6mod:x:10007:10002:Aleksandr:/home/www/web2/user/web2_n6mod:/bin/bash
web2_jhayes:x:10013:10002:Jeanne Hayes:/home/www/web2/user/web2_jhayes:/bin/false
web10_admin:x:10022:10010:Administrator:/home/www/web10:/bin/bash
web10_barry:x:10023:10010:Barry Berman:/home/www/web10/user/web10_barry:/bin/false
web10_sharla:x:10025:10010:Sharla Woodrow:/home/www/web10/user/web10_sharla:/bin/false
web10_brenda:x:10031:10010:Brenda Raker:/home/www/web10/user/web10_brenda:/bin/false
web10_melissa:x:10032:10010:Melissa McCullough:/home/www/web10/user/web10_melissa:/bin/false
web10_ed:x:10033:10010:Ed Cranston:/home/www/web10/user/web10_ed:/bin/false
web10_michele:x:10034:10010:Michele Drake:/home/www/web10/user/web10_michele:/bin/false
web10_jane:x:10035:10010:Jane Stahler:/home/www/web10/user/web10_jane:/bin/false
web10_tom:x:10021:10010:Tom Fitzgerald:/home/www/web10/user/web10_tom:/dev/null
web10_david:x:10024:10010:David Walling:/home/www/web10/user/web10_david:/dev/null
web10_austinhq:x:10028:10010:Austin HQ Distribution List:/home/www/web10/user/web10_austinhq:/dev/null
web10_anonftp:x:12010:12010::/home/www/web10/ftp:/bin/false



....is there something in particular I should look for?

-- RAM

falko 9th March 2007 17:30

I wanted to see if all anonymous FTP users and groups are existing - they are, so that's not the problem... :confused:

joshenry 13th April 2007 19:37

I hate to bring a thread back from the dead but I've been reading through these threads that have anonymous ftp access problems and I don't see a fix for it.

I also am having this same problem, getting:

From SmartFTP:

[11:21:55] 220 FTP Server ready.
[11:21:55] USER anonymous
[11:21:55] 331 Password required for anonymous.
[11:21:55] PASS (hidden)
[11:21:55] 530 Login incorrect.
[11:21:55] Active Help: http://www.smartftp.com/support/kb/index.php/51
[11:21:55] Cannot login waiting to retry (30s)...
[11:26:55] 421 No Transfer Timeout (300 seconds): closing control connection.
[11:26:55] Server closed connection

From /var/log/messages:

Apr 13 11:20:42 proftpd[11346]: localhost.localdomain (::ffff:68.149.237.71[::ffff:68.149.237.71]) - no such user 'anonymous'

Code:

# This is the ProFTPD configuration file
# $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $

ServerName                      "ProFTPD server"
ServerIdent                    on "FTP Server ready."
ServerAdmin                    root@localhost
ServerType                      standalone
#ServerType                    inetd
DefaultServer                  on
AccessGrantMsg                  "User %u logged in."
#DisplayConnect                /etc/ftpissue
#DisplayLogin                  /etc/ftpmotd
#DisplayGoAway                  /etc/ftpgoaway
DeferWelcome                    off

# Use this to excude users from the chroot
DefaultRoot                    ~ !adm

# Use pam to authenticate (default) and be authoritative
AuthPAMConfig                  proftpd
AuthOrder                      mod_auth_pam.c* mod_auth_unix.c

# Do not perform ident nor DNS lookups (hangs when the port is filtered)
IdentLookups                    off
UseReverseDNS                  off

# Port 21 is the standard FTP port.
Port                            21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                          022

# Default to show dot files in directory listings
ListOptions                    "-a"

# See Configuration.html for these (here are the default values)
#MultilineRFC2228              off

#RootLogin                      off
#LoginPasswordPrompt            on
#MaxLoginAttempts              3
#MaxClientsPerHost              none
#AllowForeignAddress            off    # For FXP

# Allow to resume not only the downloads but the uploads too
AllowRetrieveRestart            on
AllowStoreRestart              on

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    20

# Set the user and group that the server normally runs at.
User                            nobody
Group                          nobody

# Disable sendfile by default since it breaks displaying the download speeds in
# ftptop and ftpwho
UseSendfile                    no

# This is where we want to put the pid file
ScoreboardFile                  /var/run/proftpd.score

# Normally, we want users to do a few things.
<Global>
  AllowOverwrite                yes
  <Limit ALL SITE_CHMOD>
    AllowAll
  </Limit>
</Global>

# Define the log formats
LogFormat                      default "%h %l %u %t \"%r\" %s %b"
LogFormat                      auth    "%v [%P] %h %t \"%r\" %s"

# TLS
# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
#TLSEngine                      on
#TLSRequired                    on
#TLSRSACertificateFile          /etc/pki/tls/certs/proftpd.pem
#TLSRSACertificateKeyFile      /etc/pki/tls/certs/proftpd.pem
#TLSCipherSuite                ALL:!ADH:!DES
#TLSOptions                    NoCertRequest
#TLSVerifyClient                off
##TLSRenegotiate                ctrl 3600 data 512000 required off timeout 300
#TLSLog                        /var/log/proftpd/tls.log

# SQL authentication Dynamic Shared Object (DSO) loading
# See README.DSO and howto/DSO.html for more details.
#<IfModule mod_dso.c>
#  LoadModule mod_sql.c
#  LoadModule mod_sql_mysql.c
#  LoadModule mod_sql_postgres.c
#</IfModule>

# A basic anonymous configuration, with an upload directory.
#<Anonymous ~ftp>
#  User                        ftp
#  Group                                ftp
#  AccessGrantMsg              "Anonymous login ok, restrictions apply."
#
#  # We want clients to be able to login with "anonymous" as well as "ftp"
#  UserAlias                    anonymous ftp
#
#  # Limit the maximum number of anonymous logins
#  MaxClients                  10 "Sorry, max %m users -- try again later"
#
#  # Put the user into /pub right after login
#  #DefaultChdir                        /pub
#
#  # We want 'welcome.msg' displayed at login, '.message' displayed in
#  # each newly chdired directory and tell users to read README* files.
#  DisplayLogin                /welcome.msg
#  DisplayFirstChdir            .message
#  DisplayReadme                        README*
#
#  # Some more cosmetic and not vital stuff
#  DirFakeUser                  on ftp
#  DirFakeGroup                on ftp
#
#  # Limit WRITE everywhere in the anonymous chroot
#  <Limit WRITE SITE_CHMOD>
#    DenyAll
#  </Limit>
#
#  # An upload directory that allows storing files but not retrieving
#  # or creating directories.
#  <Directory uploads/*>
#    AllowOverwrite            no
#    <Limit READ>
#      DenyAll
#    </Limit>
#
#    <Limit STOR>
#      AllowAll
#    </Limit>
#  </Directory>
#
#  # Don't write anonymous accesses to the system wtmp file (good idea!)
#  WtmpLog                      off
#
#  # Logging for the anonymous transfers
#  ExtendedLog          /var/log/proftpd/access.log WRITE,READ default
#  ExtendedLog          /var/log/proftpd/auth.log AUTH auth
#
#</Anonymous>

 # Restrict the range of ports from which the server will select when sent the
# PASV command from a client. Use IANA-registered ephemeral port range of
# 49152-65534
PassivePorts 49152 65534

DefaultRoot ~

Include /etc/proftpd_ispconfig.conf

Here is the /etc/proftpd_ispconfig.conf file:

Code:

###################################
#
# ISPConfig proftpd Configuration File
#        Version 1.0
#
###################################
DefaultAddress 127.0.0.1
<VirtualHost 10.10.10.20>
        DefaultRoot            ~
        AllowOverwrite          on
        Umask                  002
        <Anonymous /var/www/web11/ftp>
          User                          web11_anonftp
          Group                        web11_anonftp
          UserAlias                    anonymous web11_anonftp
          UserAlias                    guest web11_anonftp
          MaxClients                    10
          <Directory *>
            <Limit WRITE>
              DenyAll
            </Limit>
          </Directory>
          <Directory /var/www/web11/ftp/incoming>
            Umask                      002
            <Limit STOR>
              AllowAll
            </Limit>
            <Limit READ>
              DenyAll
            </Limit>
          </Directory>
        </Anonymous>
</VirtualHost>

Here is the ispconfig.log file:

Code:

13.04.2007 - 11:12:53 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1923: groupadd -g 12011 web11_anonftp &> /dev/null
13.04.2007 - 11:12:54 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1924: useradd -d /var/www/web11/ftp -g web11_anonftp -m -s /bin/false -u 12011 web11_anonftp &> /d
ev/null
13.04.2007 - 11:12:54 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1934: setquota -u web11_anonftp 512000 513024 0 0 -a &> /dev/null
13.04.2007 - 11:12:54 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1935: setquota -T -u web11_anonftp 604800 604800 -a &> /dev/null
13.04.2007 - 11:12:54 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1936: setquota -g web11_anonftp 512000 513024 0 0 -a &> /dev/null
13.04.2007 - 11:12:54 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1937: setquota -T -g web11_anonftp 604800 604800 -a &> /dev/null


Everything looks like it should work but I have no clue why it's not working. I can FTP with a user in ISPConfig and SmartFTP no problem, it's just the anonymous ftp user that has the problems.

Thanks!

falko 14th April 2007 14:09

Quote:

Originally Posted by joshenry
Apr 13 11:20:42 proftpd[11346]: localhost.localdomain (::ffff:68.149.237.71[::ffff:68.149.237.71]) - no such user 'anonymous'

I'm not sure where that error comes from because the user anonymous is mapped to web11_anonftp in /etc/proftpd_ispconfig.conf:

Code:

          UserAlias                    anonymous web11_anonftp
Does web11_anonftp exist in /etc/passwd?


All times are GMT +2. The time now is 12:25.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.