Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 31st October 2007, 21:39
kvdd kvdd is offline
Junior Member
 
Join Date: Oct 2007
Posts: 11
Thanks: 3
Thanked 0 Times in 0 Posts
Default Users can't acces their folders with Web-FTP

What I have done:

- Create a user called Klant1 and give them the normal rights, no Shell Acces, limited space and so on. This is not working!
- Create a user called Klant3 and give them all the rights including Shell Acces and anonymous acces. Not working too!
- Find this and this topic on this forum, but that is not exacly my problem (the first) and the second didn't solve the problem.

I have looked in my proftpd.conf, but everything is looking good in my eyes:
Code:
# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName			"ProFTPD Default Installation"
ServerType			standalone
DefaultServer			on

#Added for security reasons:
DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server ready."

# Port 21 is the standard FTP port.
Port				21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask				022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances			30

# Set the user and group under which the server will run.
User				nobody
Group				nobody

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite		on

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
  DenyAll
</Limit>

# A basic anonymous configuration, no upload directories.  If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
  User				ftp
  Group				ftp

  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias			anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients			10

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin			welcome.msg
  DisplayFirstChdir		.message

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>


Include /etc/proftpd_ispconfig.conf
I have following the Perfect Setup for CentOS 5, and including some security options. (from line 10-13 in the code shown above)

I hope someone knows the problem, and thanks in advance!

[edit] And with an FTP program it doesn't work too [/edit]

Last edited by kvdd; 31st October 2007 at 22:56.
Reply With Quote
Sponsored Links
  #2  
Old 31st October 2007, 23:30
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,796
Thanks: 840
Thanked 5,612 Times in 4,423 Posts
Default

Please post the output of:

netstat -tap
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 1st November 2007, 08:07
kvdd kvdd is offline
Junior Member
 
Join Date: Oct 2007
Posts: 11
Thanks: 3
Thanked 0 Times in 0 Posts
Default

Hi till, here it is:
Code:
[root@server01 ~]# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 *:cycleserv2                *:*                         LISTEN      1862/rpc.statd
tcp        0      0 *:mysql                     *:*                         LISTEN      2247/mysqld
tcp        0      0 *:sunrpc                    *:*                         LISTEN      1823/portmap
tcp        0      0 *:hosts2-ns                 *:*                         LISTEN      21053/ispconfig_htt
tcp        0      0 *:ftp                       *:*                         LISTEN      23324/proftpd: (acc
tcp        0      0 192.168.2.89:domain         *:*                         LISTEN      23211/named
tcp        0      0 server01.localhost:domain   *:*                         LISTEN      23211/named
tcp        0      0 localhost.localdomai:domain *:*                         LISTEN      23211/named
tcp        0      0 localhost.localdomain:ipp   *:*                         LISTEN      2108/cupsd
tcp        0      0 *:smtp                      *:*                         LISTEN      27026/master
tcp        0      0 localhost.localdomain:rndc  *:*                         LISTEN      23211/named
tcp        0      0 *:afs3-callback             *:*                         LISTEN      15702/nxagent
tcp        0      0 localhost.localdomain:53737 localhost.localdomain:ssh   ESTABLISHED 15499/ssh
tcp        0      0 *:imaps                     *:*                         LISTEN      2285/dovecot
tcp        0      0 *:pop3s                     *:*                         LISTEN      2285/dovecot
tcp        0      0 *:pop3                      *:*                         LISTEN      2285/dovecot
tcp        0      0 *:imap                      *:*                         LISTEN      2285/dovecot
tcp        0      0 *:http                      *:*                         LISTEN      21096/httpd
tcp        0      0 *:ssh                       *:*                         LISTEN      2127/sshd
tcp        0      0 localhost6.localdomain:rndc *:*                         LISTEN      23211/named
tcp        0      0 *:afs3-callback             *:*                         LISTEN      15702/nxagent
tcp        0      0 *:https                     *:*                         LISTEN      21096/httpd
tcp        0      0 localhost.localdomain:ssh   localhost.localdomain:53737 ESTABLISHED 15501/sshd: root@no
tcp        0    148 ::ffff:192.168.2.89:ssh     ::ffff:192.168.2.100:afrog  ESTABLISHED 1140/0
I hope you see wrong things
Thanks in advance!
Reply With Quote
  #4  
Old 1st November 2007, 10:13
erebus erebus is offline
Member
 
Join Date: Sep 2007
Posts: 63
Thanks: 10
Thanked 9 Times in 9 Posts
Default

Your FTP appears to run and listening for connections. That's good.

What about checking your logs for errors? Run something like that and check for possible causes:

Code:
# cat /var/log/messages|grep proftpd|less
I assume that by saying "it is not working" you mean that the username/password combination appears invalid (so you cannot login at all). Check in the logs using the above command for what exactly proftpd is complaining about, and we 'll see.
Reply With Quote
  #5  
Old 1st November 2007, 11:36
kvdd kvdd is offline
Junior Member
 
Join Date: Oct 2007
Posts: 11
Thanks: 3
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by erebus
Your FTP appears to run and listening for connections. That's good.

What about checking your logs for errors? Run something like that and check for possible causes:

Code:
# cat /var/log/messages|grep proftpd|less
I assume that by saying "it is not working" you mean that the username/password combination appears invalid (so you cannot login at all). Check in the logs using the above command for what exactly proftpd is complaining about, and we 'll see.
Yes, thats right not working means, the user can't login / the username/password is not valid.

I have put that commando to see the log:
Code:
[root@server01 ~]# cat /var/log/messages|grep proftpd|less
Oct 31 20:21:16 server01 proftpd[22732]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:17 server01 proftpd[22733]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:17 server01 proftpd[22733]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:18 server01 proftpd[22734]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:18 server01 proftpd[22734]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:18 server01 proftpd[22735]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:18 server01 proftpd[22735]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:18 server01 proftpd[22740]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:18 server01 proftpd[22740]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:19 server01 proftpd[22743]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:19 server01 proftpd[22743]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session closed.
Oct 31 20:21:19 server01 proftpd[22746]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:19 server01 proftpd[22747]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:19 server01 proftpd[22746]: server01.localhost (192.168.2.100[192.168.2.100]) - no such user 'Klant1'
Oct 31 20:21:19 server01 proftpd[22747]: server01.localhost (192.168.2.100[192.168.2.100]) - no such user 'Klant1'
Oct 31 20:21:19 server01 proftpd[22748]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:19 server01 proftpd[22748]: server01.localhost (192.168.2.100[192.168.2.100]) - no such user 'Klant1'
Oct 31 20:21:20 server01 proftpd[22749]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:20 server01 proftpd[22750]: server01.localhost (192.168.2.100[192.168.2.100]) - FTP session opened.
Oct 31 20:21:20 server01 proftpd[22749]: server01.localhost (192.168.2.100[192.168.2.100]) - no such user 'Klant1'
Oct 31 20:21:20 server01 proftpd[22750]: server01.localhost (192.168.2.100[192.168.2.100]) - no such user 'Klant1'
Oct 31 20:27:16 server01 proftpd[22370]: localhost.localdomain - ProFTPD killed (signal 15)
Oct 31 20:27:16 server01 proftpd[22370]: localhost.localdomain - ProFTPD 1.3.0a standalone mode SHUTDOWN
Oct 31 20:27:17 server01 proftpd[23324]: localhost.localdomain - ProFTPD 1.3.0a (stable) (built za okt 27 12:06:53 CEST 2007) standalone mode
 STARTUP
Oct 31 20:27:22 server01 proftpd[23359]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 20:27:22 server01 proftpd[23359]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 20:27:22 server01 proftpd[23366]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 20:27:22 server01 proftpd[23366]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 20:28:49 server01 proftpd[23502]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 20:28:49 server01 proftpd[23502]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 20:28:49 server01 proftpd[23511]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 20:28:49 server01 proftpd[23511]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 21:49:16 server01 proftpd[24720]: localhost.localdomain - Failed binding to 0.0.0.0, port 21: Address already in use
Oct 31 21:49:16 server01 proftpd[24720]: localhost.localdomain - Check the ServerType directive to ensure you are configured correctly.
Oct 31 21:49:54 server01 proftpd[24779]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 21:49:54 server01 proftpd[24779]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 21:49:54 server01 proftpd[24786]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 21:49:54 server01 proftpd[24786]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Oct 31 21:52:20 server01 proftpd[25053]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Oct 31 21:52:20 server01 proftpd[25053]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session closed.
Nov  1 09:17:52 server01 proftpd[3312]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Nov  1 09:17:52 server01 proftpd[3312]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Nov  1 09:17:53 server01 proftpd[3319]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Nov  1 09:17:53 server01 proftpd[3319]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Nov  1 09:19:27 server01 proftpd[3452]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Nov  1 09:19:27 server01 proftpd[3452]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
Nov  1 09:19:27 server01 proftpd[3457]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Nov  1 09:19:27 server01 proftpd[3457]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - no such user 'Klant3'
As we can see, the user Klant3 is not a user. I can say, I have use the right pass/username for the user. But the error says there IS not a user stange!

Must I add the users with a different methode or something?
[edit] The restart that you see in the log is done by myself, not done by ProFTP or something [/edit]

Last edited by kvdd; 1st November 2007 at 11:39.
Reply With Quote
  #6  
Old 1st November 2007, 12:03
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,796
Thanks: 840
Thanked 5,612 Times in 4,423 Posts
Default

ISPConfig users begin normaly with web[ID]_. Also FTP users are case sensitive and the Users are always lowercase, so I guess your FTP is fine but you just used a non existing username. Have a look at the user settings under user & email and check how exactly the username is written.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
kvdd (1st November 2007)
  #7  
Old 1st November 2007, 12:12
erebus erebus is offline
Member
 
Join Date: Sep 2007
Posts: 63
Thanks: 10
Thanked 9 Times in 9 Posts
Default

Ok probably you have misunderstood the way ISPConfig's users work.

ISPConfig do not create users like the one you are trying to use -- that is why proftpd complains about not being existed.

Check your /etc/passwd to see your real users on your system:

Code:
# cat /etc/passwd|less
Reply With Quote
  #8  
Old 1st November 2007, 12:29
kvdd kvdd is offline
Junior Member
 
Join Date: Oct 2007
Posts: 11
Thanks: 3
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by erebus
Ok probably you have misunderstood the way ISPConfig's users work.

ISPConfig do not create users like the one you are trying to use -- that is why proftpd complains about not being existed.

Check your /etc/passwd to see your real users on your system:

Code:
# cat /etc/passwd|less
ISPConfig makes no users for ProFTP when I add an user? I have to make twice accounts when I add one user for ISPConfig? (1 for ISPC and 1 for FTP useage?)

Here is the log:
Code:
[root@server01 ~]# cat /etc/passwd|less
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
dovecot:x:97:97:dovecot:/usr/libexec/dovecot:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
nx:x:100:101::/var/lib/nxserver/home:/usr/bin/nxserver
admispconfig:x:102:102:Administrator ISPConfig:/home/admispconfig:/bin/bash
web4_anonftp:x:12004:12004::/var/www/web4/ftp:/bin/false
web6_anonftp:x:12006:12006::/var/www/web6/ftp:/bin/false
~
~
~
~
(END)
Reply With Quote
  #9  
Old 1st November 2007, 12:54
erebus erebus is offline
Member
 
Join Date: Sep 2007
Posts: 63
Thanks: 10
Thanked 9 Times in 9 Posts
Default

No.

ISPConfig's users, are system users. That means they have both FTP access and a virtual mail account assigned to them. I.e. you create the user 'info' for the domain.com. If you pay attention the the user's creation page, you 'll see that your real user name is not just 'info' but something like 'web4_info'. That is your real username which you must use to login to your ftp server.

In you passwd file, seems like only anonymous FTP users are created (with no password). Do you really have created normal users? Check twice.

Also a useful notice: You can only have ONE user as administrator per domain (tick the administrator box when creating the user). This user is the root user for this domain -- meaning that when logging to the FTP server it will have access for everything in there. If you login as a plain user to your FTP, you will only have access to your personal folder -- not the root folder of the site, so if you upload content it will not be visible from www.domain.com but from www.domain.com/user/web4_info/web/.
Reply With Quote
The Following User Says Thank You to erebus For This Useful Post:
kvdd (1st November 2007)
  #10  
Old 1st November 2007, 20:52
kvdd kvdd is offline
Junior Member
 
Join Date: Oct 2007
Posts: 11
Thanks: 3
Thanked 0 Times in 0 Posts
 
Default

Quote:
Originally Posted by till
ISPConfig users begin normaly with web[ID]_. Also FTP users are case sensitive and the Users are always lowercase, so I guess your FTP is fine but you just used a non existing username. Have a look at the user settings under user & email and check how exactly the username is written.
Thanks, that did it. I haven't seen the whole User & Email tab with its button "New". Shame on me!

Quote:
Originally Posted by erebus
No.

ISPConfig's users, are system users. That means they have both FTP access and a virtual mail account assigned to them. I.e. you create the user 'info' for the domain.com. If you pay attention the the user's creation page, you 'll see that your real user name is not just 'info' but something like 'web4_info'. That is your real username which you must use to login to your ftp server.

In you passwd file, seems like only anonymous FTP users are created (with no password). Do you really have created normal users? Check twice.

Also a useful notice: You can only have ONE user as administrator per domain (tick the administrator box when creating the user). This user is the root user for this domain -- meaning that when logging to the FTP server it will have access for everything in there. If you login as a plain user to your FTP, you will only have access to your personal folder -- not the root folder of the site, so if you upload content it will not be visible from www.domain.com but from www.domain.com/user/web4_info/web/.
Thanks I've tab the "Administrator" on and I saw what it does. When log in as that user, and then try to make a new user with the administrator box filled, it say's the administrator is already created. Thanks!

Topic resolved.

Last edited by kvdd; 1st November 2007 at 22:34.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
FTP user can access whole web folders Y2K.bug Installation/Configuration 2 16th February 2007 20:14
Junk mail and spamassassin... sthompson Installation/Configuration 4 27th December 2006 17:11
FTP Error joshabts Installation/Configuration 3 4th November 2006 17:19
WEB UI FTP not working gimhan90 Installation/Configuration 2 16th March 2006 09:03
Website users? ctroyp General 25 6th January 2006 19:02


All times are GMT +2. The time now is 00:03.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.