ProFTPd + MySQL refuses to work

[mongoose643]

Ok - I have scoured the internet and these forums high and low and in between and I cannot figure out the cause or solution to a couple of problems.

First let me give some background:

I'm running Ubuntu 8.04 LTS Server on a Dell desktop. However, I'm also using a Xen virtualized domain inside of that. The Xen virtualized domain is also using Ubuntu 8.04 LTS Server.

I found a tutorial for using proftpd and it suggesting compiling it myself. I tried but it refused to compile properly and threw
cryptic configuration error messages at me.

Next I tried just installing proftpd and trying to follow the same tutorial. That was a mistake that I should have learned to avoid long ago but my hopes and desires overcame me and I did it anyway.

So to try and repair the damage I ran these commands:

Code:

# apt-get remove proftpd
# apt-get autoremove

to make sure unused stuff was out of my way. I then removed files and directories that were left over from the install.

Next I came back to howtoforge and I followed this tutorial to get started since Falko's tutorials always seem to put me on the right track.

http://www.howtoforge.com/virtual-ho...ql-ubuntu-8.04

Note that I am using a terminal on my macbook to test the ftp connection. The macbook and my dell desktop are on the same local network.

Domain0 on the dell server has a static IP of 192.168.1.50. The Xen1 domain on the dell server has a static IP of 192.168.1.61.

I use a plain Linksys Wireless-G router where I have set up port forwarding to the IP 192.168.1.61 for the port range 1-40000 - one to forty thousand.

As noted in the subject, I am trying to use MySQL for credential storage.

Database name: proftp

The only user row I have set up is this:

user: devtest
password: devtest
UID: 5500
GID: 5500
(obviously not secure but I just want something I can type quickly while I get this to work)

The group table has the following single row in it:

name: ftpgroup
GID: 5500
members: ftpuser

Thanks to some misconfigurations and typos on my part it took me a while to get a matching setup but now for the life of me I can't figure out why the following things are happening.

If I reboot the virtualized OS and attempt to connect to it once finishes rebooting I get this output:

Code:

$ ftp devtest@192.168.1.61
Connected to 192.168.1.61.
220 ProFTPD 1.3.1 Server (Debian) [192.168.1.61]
421 Service not available, remote server has closed connection.
ftp: Login failed.
ftp> exit

At this point I check the logfile (which I blanked before rebooting) and here are the contents of the logfile:

Code:

Oct 17 19:22:17 xen1.fakedomain.com proftpd[3537] xen1.fakedomain.com: ProFTPD 1.3.1 (stable) (built Thu Feb 21 04:21:14 UTC 2008) standalone mode STARTUP
Oct 17 19:24:11 xen1.fakedomain.com proftpd[3609] xen1.fakedomain.com (192.168.1.100[192.168.1.100]): FTP session opened.
Oct 17 19:24:11 xen1.fakedomain.com proftpd[3609] xen1.fakedomain.com (192.168.1.100[192.168.1.100]): FTP session closed.

If I then run the following commands (note that I'm running root for sheer convenience after hours upon hours of fighting with this):

Code:

root@xen1:~# /etc/init.d/proftpd stop
 * Stopping ftp server proftpd
   ...done.
root@xen1:~# netstat -pant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:4136            0.0.0.0:*               LISTEN      3585/perl       
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      3454/mysqld     
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      3558/apache2    
tcp        0      0 192.168.1.61:53         0.0.0.0:*               LISTEN      3329/named      
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      3329/named      
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      3329/named      
tcp6       0      0 :::53                   :::*                    LISTEN      3329/named      
tcp6       0      0 :::22                   :::*                    LISTEN      3354/sshd       
tcp6       0      0 ::1:953                 :::*                    LISTEN      3329/named      
tcp6       0      0 192.168.1.61:22         192.168.1.1:51841       ESTABLISHED 3593/0          
root@xen1:~# proftpd
root@xen1:~# netstat -pant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:4136            0.0.0.0:*               LISTEN      3585/perl       
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      3454/mysqld     
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      3558/apache2    
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      3622/proftpd: (acce
tcp        0      0 192.168.1.61:53         0.0.0.0:*               LISTEN      3329/named      
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      3329/named      
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      3329/named      
tcp6       0      0 :::53                   :::*                    LISTEN      3329/named      
tcp6       0      0 :::22                   :::*                    LISTEN      3354/sshd       
tcp6       0      0 ::1:953                 :::*                    LISTEN      3329/named      
tcp6       0     48 192.168.1.61:22         192.168.1.1:51841       ESTABLISHED 3593/0          
root@xen1:~#

Now if I try to connect via FTP again I get this output:

Code:

$ ftp devtest@192.168.1.61
Connected to 192.168.1.61.
220 ProFTPD 1.3.1 Server (ProFTPD Default Installation) [192.168.1.61]
331 Password required for devtest
Password: 
530 Login incorrect.
ftp: Login failed.
ftp> exit
221 Goodbye.

And now the logfile shows this (includes data from earlier):

Code:

ct 17 19:22:17 xen1.fakedomain.com proftpd[3537] xen1.fakedomain.com: ProFTPD 1.3.1 (stable) (built Thu Feb 21 04:21:14 UTC 2008) standalone mode STARTUP
Oct 17 19:24:11 xen1.fakedomain.com proftpd[3609] xen1.fakedomain.com (192.168.1.100[192.168.1.100]): FTP session opened.
Oct 17 19:24:11 xen1.fakedomain.com proftpd[3609] xen1.fakedomain.com (192.168.1.100[192.168.1.100]): FTP session closed.
Oct 17 19:28:36 xen1.fakedomain.com proftpd[3537] xen1.fakedomain.com: ProFTPD killed (signal 15)
Oct 17 19:28:36 xen1.fakedomain.com proftpd[3537] xen1.fakedomain.com: ProFTPD 1.3.1 standalone mode SHUTDOWN

I'm attaching my configuration files to this post. I've also included an exported SQL file for anyone who wants to look over that too. I will not deny that there is a possibility of a really dumb oversight on my part since I have dealing with this for so long today and I'm getting a bit tired and frustrated with it. (The files all have .txt appended to them because the uploader won't accept .conf or .sql files in case anyone is wondering why I did that.)

[EDIT]
I wonder if I am accidentally running two different sets of proftpd. One that uses inetd (contents below) and one that is standalone (though my logfile says otherwise - just attached).

Code:

#<off>
## ftp	stream	tcp	nowait	root	/usr/sbin/tcpd /usr/sbin/proftpd

[mongoose643]

Ok - thank some genius for coming up with virtualization. I took the time to set up a clean slate (totally fresh Xen virtual machine) and tried the tutorial without adding *any* of my own settings or preferences. It worked.

Now to speculate as to why it worked. I believe that when I used 5500 for the UID and GID I messed up when I created the original group and user (Linux user and group not proftp user/group). If I did mess that up then the ftp user/group would not have had the proper permissions to do what it needed to do and therefore authentication failed.

As to why I had the weird situation with having to stop proftpd and start it again I think it definitely was leftover from my previous failed attempts to get a working proftpd install.

This being said I am going to just restore a backup that I made of the original virtual machine prior to me messing around with FTP (I love backups!) and start from there. I feel that I can certainly get it working now.

By the way - I highly recommend Falko's tutorials in general and if you are interested in getting Xen up and running for yourself I think you should use this tutorial:

http://www.howtoforge.com/ubuntu-8.0...u-repositories

After a good 3 days of research and work I created a backup script (that is not quite finished) that will work on the types of virtual machines that the tutorial helps you create. The main missing facility is a way to restore from the backup or to create a virtual machine clone based on a backup.

I have attached the script for anyone who wants to use it (as is with no warranties yadda yadda yadda). Also, use this set of commands to add the script as a bash command and create backups.

Code:

root@xen1 ~# cp xenbak.txt /usr/bin/xenbak.txt
root@xen1 ~# mv /usr/bin/xenbak.txt /usr/bin/xenbak
root@xen1 ~# chmod 0755 /usr/bin/xenbak
root@xen1 ~# apt-get install cdrecord genisoimage

Basically the code above just places the attachment (xenbak.txt) into your /usr/bin directory and renames it to xenbak so that it looks more like a "normal" bash command. Lastly it alters the permissions on the file to that you can actually execute the command.

You need sudo or root permissions to run the xenbak command.

Use this command to backup all the domains (running or not) using default options.

Code:

# xenbak -a

User this command to backup a single domain. (xen1.domain is the "hostname" of your domain. Hostname being whatever you entered for the --hostname=blabla part of the xen-create-image command.)

Code:

# xenbak -d "xen1.domain"

Sometimes you may want to backup a single domain more than once at different stages of configuration or usage. To customize the name of the backup copy use this command.

Code:

# xenbak -d "xen1.domain" -n "xen1.domain.before-ftp"

The following options can also be used to do some useful things (not all options specified inside the script actually do something yet):

-a (Backup all domains)
-c (Create a CD backup. Must put a blank or rewritable disk in the drive before it reaches this stage of the process)
-C (Compress each domain backup into a .tar.gz file - usually required if you want your backup ISO to be small enough to fit on a CD)
-r (Remove previous backups before backing up the domain(s))
-e (Erase the CD in the drive before attempting to write to it)
-j (Automatically eject the disk once the backup is complete.
-E (Spews out a bunch of output that tells you what options you chose.)

Here is the command I use to backup a single domain to a custom named backup and compress it and write it to CD after making sure the disk has been erased. It also ejects the disk once the backup is complete.

Code:

# xenbak -d "xen1.domain" -n "xen1.domain-snapshot1" -cCeErj

I hope this helps someone!

[mongoose643]

The problem was in fact the initial setup of the ftp user and group. However, I still haven't gotten it to boot up into the proftpd that works so I can't say how to fix that.

When I finish the rest of the features for the xenbak script I will create a new script for restoring and cloning from the backups it makes. I will try to remember to come post them here once they're done.