HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   Users can't acces their folders with Web-FTP (http://www.howtoforge.com/forums/showthread.php?t=16802)

kvdd 31st October 2007 21:39

Users can't acces their folders with Web-FTP
 
What I have done:

- Create a user called Klant1 and give them the normal rights, no Shell Acces, limited space and so on. This is not working!
- Create a user called Klant3 and give them all the rights including Shell Acces and anonymous acces. Not working too!
- Find this and this topic on this forum, but that is not exacly my problem (the first) and the second didn't solve the problem.

I have looked in my proftpd.conf, but everything is looking good in my eyes:
Code:

# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName                        "ProFTPD Default Installation"
ServerType                        standalone
DefaultServer                        on

#Added for security reasons:
DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server ready."

# Port 21 is the standard FTP port.
Port                                21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                                022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances                        30

# Set the user and group under which the server will run.
User                                nobody
Group                                nobody

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite                on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
  DenyAll
</Limit>

# A basic anonymous configuration, no upload directories.  If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
  User                                ftp
  Group                                ftp

  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias                        anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients                        10

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin                        welcome.msg
  DisplayFirstChdir                .message

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>


Include /etc/proftpd_ispconfig.conf

I have following the Perfect Setup for CentOS 5, and including some security options. (from line 10-13 in the code shown above)

I hope someone knows the problem, and thanks in advance!

[edit] And with an FTP program it doesn't work too [/edit]

till 31st October 2007 23:30

Please post the output of:

netstat -tap

kvdd 1st November 2007 08:07

Hi till, here it is:
Code:

[root@server01 ~]# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address              Foreign Address            State      PID/Program name
tcp        0      0 *:cycleserv2                *:*                        LISTEN      1862/rpc.statd
tcp        0      0 *:mysql                    *:*                        LISTEN      2247/mysqld
tcp        0      0 *:sunrpc                    *:*                        LISTEN      1823/portmap
tcp        0      0 *:hosts2-ns                *:*                        LISTEN      21053/ispconfig_htt
tcp        0      0 *:ftp                      *:*                        LISTEN      23324/proftpd: (acc
tcp        0      0 192.168.2.89:domain        *:*                        LISTEN      23211/named
tcp        0      0 server01.localhost:domain  *:*                        LISTEN      23211/named
tcp        0      0 localhost.localdomai:domain *:*                        LISTEN      23211/named
tcp        0      0 localhost.localdomain:ipp  *:*                        LISTEN      2108/cupsd
tcp        0      0 *:smtp                      *:*                        LISTEN      27026/master
tcp        0      0 localhost.localdomain:rndc  *:*                        LISTEN      23211/named
tcp        0      0 *:afs3-callback            *:*                        LISTEN      15702/nxagent
tcp        0      0 localhost.localdomain:53737 localhost.localdomain:ssh  ESTABLISHED 15499/ssh
tcp        0      0 *:imaps                    *:*                        LISTEN      2285/dovecot
tcp        0      0 *:pop3s                    *:*                        LISTEN      2285/dovecot
tcp        0      0 *:pop3                      *:*                        LISTEN      2285/dovecot
tcp        0      0 *:imap                      *:*                        LISTEN      2285/dovecot
tcp        0      0 *:http                      *:*                        LISTEN      21096/httpd
tcp        0      0 *:ssh                      *:*                        LISTEN      2127/sshd
tcp        0      0 localhost6.localdomain:rndc *:*                        LISTEN      23211/named
tcp        0      0 *:afs3-callback            *:*                        LISTEN      15702/nxagent
tcp        0      0 *:https                    *:*                        LISTEN      21096/httpd
tcp        0      0 localhost.localdomain:ssh  localhost.localdomain:53737 ESTABLISHED 15501/sshd: root@no
tcp        0    148 ::ffff:192.168.2.89:ssh    ::ffff:192.168.2.100:afrog  ESTABLISHED 1140/0

I hope you see wrong things ;)
Thanks in advance!

erebus 1st November 2007 10:13

Your FTP appears to run and listening for connections. That's good.

What about checking your logs for errors? Run something like that and check for possible causes:

Code:

# cat /var/log/messages|grep proftpd|less
I assume that by saying "it is not working" you mean that the username/password combination appears invalid (so you cannot login at all). Check in the logs using the above command for what exactly proftpd is complaining about, and we 'll see.

kvdd 1st November 2007 11:36

Quote:

Originally Posted by erebus
Your FTP appears to run and listening for connections. That's good.

What about checking your logs for errors? Run something like that and check for possible causes:

Code:

# cat /var/log/messages|grep proftpd|less
I assume that by saying "it is not working" you mean that the username/password combination appears invalid (so you cannot login at all). Check in the logs using the above command for what exactly proftpd is complaining about, and we 'll see.

Yes, thats right :) not working means, the user can't login / the username/password is not valid.

I have put that commando to see the log:
Code:

[root@server01 ~]# cat /var/log/messages|grep proftpd|less
Oct 31 20:21:16 server01 proftpd[22732]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:17 server01 proftpd[22733]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:17 server01 proftpd[22733]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:18 server01 proftpd[22734]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:18 server01 proftpd[22734]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:18 server01 proftpd[22735]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:18 server01 proftpd[22735]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:18 server01 proftpd[22740]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:18 server01 proftpd[22740]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:19 server01 proftpd[22743]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:19 server01 proftpd[22743]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:19 server01 proftpd[22746]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:19 server01 proftpd[22747]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:19 server01 proftpd[22746]: server01.localhost (192.168.2.100[192.168.2.100]) - no such user 'Klant1'
Oct 31 20:21:19 server01 proftpd[22747]: server01.localhost (192.168.2.100[192.168.2.100]) - no such user 'Klant1'
Oct 31 20:21:19 server01 proftpd[22748]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:19 server01 proftpd[22748]: server01.localhost (192.168.2.100[192.168.2.100]) - no such user 'Klant1'
Oct 31 20:21:20 server01 proftpd[22749]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:20 server01 proftpd[22750]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:20 server01 proftpd[22749]: server01.localhost (192.168.2.100[192.168.2.100]) - no such user 'Klant1'
Oct 31 20:21:20 server01 proftpd[22750]: server01.localhost (192.168.2.100[192.168.2.100]) - no such user 'Klant1'
Oct 31 20:27:16 server01 proftpd[22370]: localhost.localdomain - ProFTPD killed (signal 15)
Oct 31 20:27:16 server01 proftpd[22370]: localhost.localdomain - ProFTPD 1.3.0a standalone mode SHUTDOWN
Oct 31 20:27:17 server01 proftpd[23324]: localhost.localdomain - ProFTPD 1.3.0a (stable) (built za okt 27 12:06:53 CEST 2007) standalone mode
 STARTUP
Oct 31 20:27:22 server01 proftpd[23359]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 20:27:22 server01 proftpd[23359]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 20:27:22 server01 proftpd[23366]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 20:27:22 server01 proftpd[23366]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 20:28:49 server01 proftpd[23502]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 20:28:49 server01 proftpd[23502]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 20:28:49 server01 proftpd[23511]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 20:28:49 server01 proftpd[23511]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 21:49:16 server01 proftpd[24720]: localhost.localdomain - Failed binding to 0.0.0.0, port 21: Address already in use
Oct 31 21:49:16 server01 proftpd[24720]: localhost.localdomain - Check the ServerType directive to ensure you are configured correctly.
Oct 31 21:49:54 server01 proftpd[24779]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 21:49:54 server01 proftpd[24779]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 21:49:54 server01 proftpd[24786]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 21:49:54 server01 proftpd[24786]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 21:52:20 server01 proftpd[25053]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 21:52:20 server01 proftpd[25053]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session closed.
Nov  1 09:17:52 server01 proftpd[3312]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Nov  1 09:17:52 server01 proftpd[3312]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Nov  1 09:17:53 server01 proftpd[3319]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Nov  1 09:17:53 server01 proftpd[3319]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Nov  1 09:19:27 server01 proftpd[3452]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Nov  1 09:19:27 server01 proftpd[3452]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Nov  1 09:19:27 server01 proftpd[3457]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Nov  1 09:19:27 server01 proftpd[3457]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'

As we can see, the user Klant3 is not a user. I can say, I have use the right pass/username for the user. But the error says there IS not a user :) stange!

Must I add the users with a different methode or something?
[edit] The restart that you see in the log is done by myself, not done by ProFTP or something [/edit]

till 1st November 2007 12:03

ISPConfig users begin normaly with web[ID]_. Also FTP users are case sensitive and the Users are always lowercase, so I guess your FTP is fine but you just used a non existing username. Have a look at the user settings under user & email and check how exactly the username is written.

erebus 1st November 2007 12:12

Ok probably you have misunderstood the way ISPConfig's users work.

ISPConfig do not create users like the one you are trying to use -- that is why proftpd complains about not being existed.

Check your /etc/passwd to see your real users on your system:

Code:

# cat /etc/passwd|less

kvdd 1st November 2007 12:29

Quote:

Originally Posted by erebus
Ok probably you have misunderstood the way ISPConfig's users work.

ISPConfig do not create users like the one you are trying to use -- that is why proftpd complains about not being existed.

Check your /etc/passwd to see your real users on your system:

Code:

# cat /etc/passwd|less

ISPConfig makes no users for ProFTP when I add an user? I have to make twice accounts when I add one user for ISPConfig? (1 for ISPC and 1 for FTP useage?)

Here is the log:
Code:

[root@server01 ~]# cat /etc/passwd|less
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
nx:x:100:101::/var/lib/nxserver/home:/usr/bin/nxserver
admispconfig:x:102:102:Administrator ISPConfig:/home/admispconfig:/bin/bash
web4_anonftp:x:12004:12004::/var/www/web4/ftp:/bin/false
web6_anonftp:x:12006:12006::/var/www/web6/ftp:/bin/false
~
~
~
~
(END)


erebus 1st November 2007 12:54

No.

ISPConfig's users, are system users. That means they have both FTP access and a virtual mail account assigned to them. I.e. you create the user 'info' for the domain.com. If you pay attention the the user's creation page, you 'll see that your real user name is not just 'info' but something like 'web4_info'. That is your real username which you must use to login to your ftp server.

In you passwd file, seems like only anonymous FTP users are created (with no password). Do you really have created normal users? Check twice.

Also a useful notice: You can only have ONE user as administrator per domain (tick the administrator box when creating the user). This user is the root user for this domain -- meaning that when logging to the FTP server it will have access for everything in there. If you login as a plain user to your FTP, you will only have access to your personal folder -- not the root folder of the site, so if you upload content it will not be visible from www.domain.com but from www.domain.com/user/web4_info/web/.

kvdd 1st November 2007 20:52

Quote:

Originally Posted by till
ISPConfig users begin normaly with web[ID]_. Also FTP users are case sensitive and the Users are always lowercase, so I guess your FTP is fine but you just used a non existing username. Have a look at the user settings under user & email and check how exactly the username is written.

Thanks, that did it. I haven't seen the whole User & Email tab with its button "New". Shame on me! :rolleyes:

Quote:

Originally Posted by erebus
No.

ISPConfig's users, are system users. That means they have both FTP access and a virtual mail account assigned to them. I.e. you create the user 'info' for the domain.com. If you pay attention the the user's creation page, you 'll see that your real user name is not just 'info' but something like 'web4_info'. That is your real username which you must use to login to your ftp server.

In you passwd file, seems like only anonymous FTP users are created (with no password). Do you really have created normal users? Check twice.

Also a useful notice: You can only have ONE user as administrator per domain (tick the administrator box when creating the user). This user is the root user for this domain -- meaning that when logging to the FTP server it will have access for everything in there. If you login as a plain user to your FTP, you will only have access to your personal folder -- not the root folder of the site, so if you upload content it will not be visible from www.domain.com but from www.domain.com/user/web4_info/web/.

Thanks I've tab the "Administrator" on and I saw what it does. When log in as that user, and then try to make a new user with the administrator box filled, it say's the administrator is already created. Thanks!

Topic resolved.


All times are GMT +2. The time now is 01:41.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.