vsftpd permissions

Discussion in 'Installation/Configuration' started by malinens, Jan 26, 2008.

  1. malinens

    malinens New Member

    Why all file permissions are set to 600 and folder permissions are set to 700 when I am uploading something :confused:
    I must manually change permissions after uplaoding files :(
     
    Last edited: Jan 26, 2008
  2. falko

    falko Super Moderator

    What's in /etc/vsftpd.conf?
     
  3. malinens

    malinens New Member

    Code:
    # Example config file /etc/vsftpd.conf
    #
    # The default compiled in settings are fairly paranoid. This sample file
    # loosens things up a bit, to make the ftp daemon more usable.
    # Please see vsftpd.conf.5 for all compiled in defaults.
    #
    # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
    # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
    # capabilities.
    #
    #
    # Run standalone?  vsftpd can run either from an inetd or as a standalone
    # daemon started from an initscript.
    listen=YES
    #
    # Run standalone with IPv6?
    # Like the listen parameter, except vsftpd will listen on an IPv6 socket
    # instead of an IPv4 one. This parameter and the listen parameter are mutually
    # exclusive.
    #listen_ipv6=YES
    #
    # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
    anonymous_enable=YES
    #
    # Uncomment this to allow local users to log in.
    local_enable=YES
    #
    # Uncomment this to enable any form of FTP write command.
    write_enable=YES
    #
    # Default umask for local users is 077. You may wish to change this to 022,
    # if your users expect that (022 is used by most other ftpd's)
    #local_umask=022
    #
    # Uncomment this to allow the anonymous FTP user to upload files. This only
    # has an effect if the above global write enable is activated. Also, you will
    # obviously need to create a directory writable by the FTP user.
    #anon_upload_enable=YES
    #
    # Uncomment this if you want the anonymous FTP user to be able to create
    # new directories.
    #anon_mkdir_write_enable=YES
    #
    # Activate directory messages - messages given to remote users when they
    # go into a certain directory.
    dirmessage_enable=YES
    #
    # Activate logging of uploads/downloads.
    xferlog_enable=YES
    #
    # Make sure PORT transfer connections originate from port 20 (ftp-data).
    connect_from_port_20=YES
    #
    # If you want, you can arrange for uploaded anonymous files to be owned by
    # a different user. Note! Using "root" for uploaded files is not
    # recommended!
    #chown_uploads=YES
    #chown_username=whoever
    #
    # You may override where the log file goes if you like. The default is shown
    # below.
    #xferlog_file=/var/log/vsftpd.log
    #
    # If you want, you can have your log file in standard ftpd xferlog format
    #xferlog_std_format=YES
    #
    # You may change the default value for timing out an idle session.
    #idle_session_timeout=600
    #
    # You may change the default value for timing out a data connection.
    #data_connection_timeout=120
    #
    # It is recommended that you define on your system a unique user which the
    # ftp server can use as a totally isolated and unprivileged user.
    #nopriv_user=ftpsecure
    #
    # Enable this and the server will recognise asynchronous ABOR requests. Not
    # recommended for security (the code is non-trivial). Not enabling it,
    # however, may confuse older FTP clients.
    #async_abor_enable=YES
    #
    # By default the server will pretend to allow ASCII mode but in fact ignore
    # the request. Turn on the below options to have the server actually do ASCII
    # mangling on files when in ASCII mode.
    # Beware that on some FTP servers, ASCII support allows a denial of service
    # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
    # predicted this attack and has always been safe, reporting the size of the
    # raw file.
    # ASCII mangling is a horrible feature of the protocol.
    #ascii_upload_enable=YES
    #ascii_download_enable=YES
    #
    # You may fully customise the login banner string:
    #ftpd_banner=Welcome to blah FTP service.
    #
    # You may specify a file of disallowed anonymous e-mail addresses. Apparently
    # useful for combatting certain DoS attacks.
    #deny_email_enable=YES
    # (default follows)
    #banned_email_file=/etc/vsftpd.banned_emails
    #
    # You may restrict local users to their home directories.  See the FAQ for
    # the possible risks in this before using chroot_local_user or
    # chroot_list_enable below.
    #chroot_local_user=YES
    #
    # You may specify an explicit list of local users to chroot() to their home
    # directory. If chroot_local_user is YES, then this list becomes a list of
    # users to NOT chroot().
    #chroot_list_enable=YES
    # (default follows)
    #chroot_list_file=/etc/vsftpd.chroot_list
    #
    # You may activate the "-R" option to the builtin ls. This is disabled by
    # default to avoid remote users being able to cause excessive I/O on large
    # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
    # the presence of the "-R" option, so there is a strong case for enabling it.
    #ls_recurse_enable=YES
    #
    #
    # Debian customization
    #
    # Some of vsftpd's settings don't fit the Debian filesystem layout by
    # default.  These settings are more Debian-friendly.
    #
    # This option should be the name of a directory which is empty.  Also, the
    # directory should not be writable by the ftp user. This directory is used
    # as a secure chroot() jail at times vsftpd does not require filesystem
    # access.
    secure_chroot_dir=/var/run/vsftpd
    #
    # This string is the name of the PAM service vsftpd will use.
    pam_service_name=vsftpd
    #
    # This option specifies the location of the RSA certificate to use for SSL
    # encrypted connections.
    rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    # This option specifies the location of the RSA key to use for SSL
    # encrypted connections.
    rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    
     
  4. malinens

    malinens New Member

    I have one more problem. I can access ftp through online ftp (net2ftp.com) but I can not login to my ftp account through filezilla.

    I tried to restart vsftpd (SSH):

    Code:
    login as: root
    root@torrentz.lv's password:
    Last login: Tue Jan 29 04:20:10 2008 from balticom-13-41.balticom.lv
    
    Could not connect to database
    Linux server1.torrentz2.oo.lv 2.6.22-14-generic #1 SMP Tue Dec 18 08:02:57 UTC 2                                          007 i686
    
    The programs included with the Ubuntu system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.
    
    Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
    applicable law.
    root@server1:~# /etc/rc.d/init.d/ispconfig_tcpserver restart
    -bash: /etc/rc.d/init.d/ispconfig_tcpserver: No such file or directory
    root@server1:~# /etc/init.d/ispconfig_tcpserver restart
    Stopping ispconfig_tcpserver
    Starting ispconfig_tcpserver/home/admispconfig/ispconfig/tools/tcpserver/ispconf                                          ig_tcpserver: relocation error: /home/admispconfig/ispconfig/tools/tcpserver/isp                                          config_tcpserver: symbol errno, version GLIBC_2.0 not defined in file libc.so.6                                           with link time reference
    /home/admispconfig/ispconfig/tools/tcpserver/ispconfig_tcpserver: relocation err                                          or: /home/admispconfig/ispconfig/tools/tcpserver/ispconfig_tcpserver: symbol err                                          no, version GLIBC_2.0 not defined in file libc.so.6 with link time reference
    
     
  5. falko

    falko Super Moderator

    Please enable
    Code:
    local_umask=022
    in vsftpd.conf and restart vsftpd.conf.
    What's the output of
    Code:
    netstat -tap
    and
    Code:
    iptables -L
    ?
     
  6. malinens

    malinens New Member

    Code:
    Proto Recv-Q Send-Q Local Address Foreign Address State       PID/Program name
    tcp        0      0 *:63392                 *:*                     LISTEN     29683/LFS.exe
    tcp        0      0 *:nfs                   *:*                     LISTEN     -
    tcp        0      0 *:55938                 *:*                     LISTEN     -
    tcp        0      0 *:42118                 *:*                     LISTEN     5500/rpc.mountd
    tcp        0      0 *:mysql                 *:*                     LISTEN     5096/mysqld
    tcp        0      0 *:netbios-ssn           *:*                     LISTEN     5621/smbd
    tcp        0      0 *:sunrpc                *:*                     LISTEN     4283/portmap
    tcp        0      0 *:www                   *:*                     LISTEN     -
    tcp        0      0 server1.torrentz2.o:www 212.0.129.65:27674      SYN_RECV   -
    tcp        0      0 *:webmin                *:*                     LISTEN     6663/perl
    tcp        0      0 *:81                    *:*                     LISTEN     -
    tcp        0      0 *:ftp                   *:*                     LISTEN     -
    tcp        0      0 server1.torrentz:domain *:*                     LISTEN     -
    tcp        0      0 server1.torrentz:domain *:*                     LISTEN     -
    tcp        0      0 localhost.locald:domain *:*                     LISTEN     -
    tcp        0      0 *:821                   *:*                     LISTEN     5733/rpc.rquotad
    tcp        0      0 *:46167                 *:*                     LISTEN     4302/rpc.statd
    tcp        0      0 *:3128                  *:*                     LISTEN     5982/(squid)
    tcp        0      0 localhost.lo:postgresql *:*                     LISTEN     5174/postgres
    tcp        0      0 *:smtp                  *:*                     LISTEN     28967/master
    tcp        0      0 localhost.localdoma:953 *:*                     LISTEN     -
    tcp        0      0 *:https                 *:*                     LISTEN     -
    tcp        0      0 *:microsoft-ds          *:*                     LISTEN     5621/smbd
    

    Code:
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    
    When I am trying to connect to my serveri with filezilla (from Windows XP):

    Code:
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER root
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	530 Login incorrect.
    Kluda:	Nevar savienoties ar serveri (could not connect to server)
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER juris
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	[U][B]Could not connect to database[/B][/U]
    Kluda:	Nevar savienoties ar serveri
    Status:	Gaida, lai atkartotu...
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER juris
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	Could not connect to database
    Kluda:	Nevar savienoties ar serveri
    Status:	Gaida, lai atkartotu...
    Kluda:	Savienosanas meginajumu partraucis lietotajs
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER juris
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	Could not connect to database
    Kluda:	Nevar savienoties ar serveri
    Status:	Gaida, lai atkartotu...
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER juris
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	Could not connect to database
    Kluda:	Nevar savienoties ar serveri
    Status:	Gaida, lai atkartotu...
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER juris
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	Could not connect to database
    Kluda:	Nevar savienoties ar serveri
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER web1_admin
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	[B][U]Could not connect to database[/U][/B]
    Kluda:	Nevar savienoties ar serveri
    Status:	Gaida, lai atkartotu...
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER web1_admin
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	Could not connect to database
    Kluda:	Nevar savienoties ar serveri
    Status:	Gaida, lai atkartotu...
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER web1_admin
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	Could not connect to database
    Kluda:	Nevar savienoties ar serveri
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER root
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	530 Login incorrect.
    Kluda:	Nevar savienoties ar serveri
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER root
    Atbilde:	331 Please specify the password.
    Komanda:	PASS *******
    Atbilde:	530 Login incorrect.
    Kluda:	Nevar savienoties ar serveri
    Status:	Nosaka IP adresi my-domain.com
    Status:	Savienojas ar MY-IP:21...
    Status:	Nodibinats savienojums, gaida sagaidisanas zinojumu...
    Atbilde:	220 (vsFTPd 2.0.5)
    Komanda:	USER root
    Atbilde:	331 Please specify the password.
    Komanda:	PASS ********
    Atbilde:	530 Login incorrect.
    Kluda:	Nevar savienoties ar serveri
     
    Last edited: Jan 30, 2008
  7. malinens

    malinens New Member

    I have reinstalled vsftpd and enabled local_umask=022 and it works!
    thank you very much :)
     
  8. malinens

    malinens New Member

    When I am using net2ftp.com, I can login and all files and folders are correct (chmod 744 and 644).
    I still can not login using filezilla. Filezilla error: could not connect to database.
     
  9. malinens

    malinens New Member

    I have this problem when I am trying to connect using SSH, too:
    Could not connect to database :eek:
     
  10. falko

    falko Super Moderator

    Any errors in your logs? Which distribution are you using?
     
  11. malinens

    malinens New Member

    os: Ubuntu 7.10 desktop edition
    I always get error FAIL LOGIN. I have OK LOGIN when I am connecting to server using net2ftp.com (with the same hostname, login, password)
     
  12. malinens

    malinens New Member

    I gave up with vsftpd.
    Im am trying proftpd now:

    proftpd log:
    Code:
    Jan 12 05:10:18 juris-desktop proftpd[19681] juris-desktop: ProFTPD 1.3.0 (stable) (built Fri Jun 15 12:52:16 GMT 2007) standalone mode STARTUP
    Jan 12 05:10:23 juris-desktop proftpd[19681] juris-desktop: ProFTPD killed (signal 15)
    Jan 12 05:10:23 juris-desktop proftpd[19681] juris-desktop: ProFTPD 1.3.0 standalone mode SHUTDOWN
    Jan 31 22:52:11 server1.torrentz2.oo.lv proftpd[3424] server1.torrentz2.oo.lv: Failed binding to ::, port 21: Address already in use
    Jan 31 22:52:11 server1.torrentz2.oo.lv proftpd[3424] server1.torrentz2.oo.lv: Check the ServerType directive to ensure you are configured correctly.
    Jan 31 23:04:17 server1.torrentz2.oo.lv proftpd[3615] localhost.localdomain: Failed binding to 0.0.0.0, port 21: Address already in use
    Jan 31 23:04:17 server1.torrentz2.oo.lv proftpd[3615] localhost.localdomain: Check the ServerType directive to ensure you are configured correctly.
    
    

    All I want is to create ftp server with one username to edit all directories and files in /var/www, I don't want nothing more :(
     
    Last edited: Jan 31, 2008
  13. falko

    falko Super Moderator

    What's the output of
    Code:
    netstat -tap
    ? What's in /etc/proftpd.conf?
     
  14. malinens

    malinens New Member

    Code:
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 *:63392                 *:*                     LISTEN     -
    tcp        0      0 *:nfs                   *:*                     LISTEN     -
    tcp        0      0 *:55938                 *:*                     LISTEN     -
    tcp        0      0 *:42118                 *:*                     LISTEN     5500/rpc.mountd
    tcp        0      0 *:mysql                 *:*                     LISTEN     5096/mysqld
    tcp        0      0 *:netbios-ssn           *:*                     LISTEN     5621/smbd
    tcp        0      0 *:5901                  *:*                     LISTEN     -
    tcp        0      0 *:sunrpc                *:*                     LISTEN     4283/portmap
    tcp        0      0 *:www                   *:*                     LISTEN     -
    tcp        0      0 server1.torrentz2.o:www 202.56.4.106:47604      SYN_RECV   -
    tcp        0      0 *:webmin                *:*                     LISTEN     6663/perl
    tcp        0      0 *:x11-1                 *:*                     LISTEN     -
    tcp        0      0 *:81                    *:*                     LISTEN     -
    tcp        0      0 *:ftp                   *:*                     LISTEN     -
    tcp        0      0 server1.torrentz:domain *:*                     LISTEN     -
    tcp        0      0 localhost.locald:domain *:*                     LISTEN     -
    tcp        0      0 *:821                   *:*                     LISTEN     5733/rpc.rquotad
    tcp        0      0 *:46167                 *:*                     LISTEN     4302/rpc.statd
    tcp        0      0 *:3128                  *:*                     LISTEN     5982/(squid)
    tcp        0      0 localhost.lo:postgresql *:*                     LISTEN     5174/postgres
    tcp        0      0 *:smtp                  *:*                     LISTEN     -
    tcp        0      0 localhost.localdoma:953 *:*                     LISTEN     -
    tcp        0      0 *:https                 *:*                     LISTEN     -
    tcp        0      0 *:microsoft-ds          *:*                     LISTEN     5621/smbd
    tcp        0      0 server1.torrentz2.o:www 83.136.142.126:2839     TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:ftp balticom-13-41.bal:4215 TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www 202.93.36.89:14906      TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www gw.lnt.lv:52864         TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www 203.145.134.213:45186   TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www gw.lnt.lv:52865         TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www 210.212.163.60:11911    TIME_WAIT  -
    tcp        0      1 server1.torrentz2.o:www 212.93.97.132:17770     FIN_WAIT1  -
    tcp        0      0 server1.torrentz2.o:ftp balticom-13-41.bal:4216 TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www cache1.simpur.net:49040 TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www 87.110.157.225:2240     TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www 203.145.134.213:48409   TIME_WAIT  -
    tcp        0    532 server1.torrentz2.o:www 202.93.36.89:37904      LAST_ACK   -


    I have default proftpd.conf (only changed ipv6 to OFF)

    When I am trying to connect to server I have this error:
    500 FTP server shut down (Mon Jan 14 16:35:03 2008 , Current connections will be dropped: Mon Jan 14 16:25:03 2008) -- please try again later


    my proftpd.log:
    Code:
    Jan 12 05:10:18 juris-desktop proftpd[19681] juris-desktop: ProFTPD 1.3.0 (stable) (built Fri Jun 15 12:52:16 GMT 2007) standalone mode STAR$
    Jan 12 05:10:23 juris-desktop proftpd[19681] juris-desktop: ProFTPD killed (signal 15)
    Jan 12 05:10:23 juris-desktop proftpd[19681] juris-desktop: ProFTPD 1.3.0 standalone mode SHUTDOWN
    Jan 31 22:52:11 server1.torrentz2.oo.lv proftpd[3424] server1.torrentz2.oo.lv: Failed binding to ::, port 21: Address already in use
    Jan 31 22:52:11 server1.torrentz2.oo.lv proftpd[3424] server1.torrentz2.oo.lv: Check the ServerType directive to ensure you are configured c$
    Jan 31 23:04:17 server1.torrentz2.oo.lv proftpd[3615] localhost.localdomain: Failed binding to 0.0.0.0, port 21: Address already in use
    Jan 31 23:04:17 server1.torrentz2.oo.lv proftpd[3615] localhost.localdomain: Check the ServerType directive to ensure you are configured cor$
    Jan 31 23:36:10 server1.torrentz2.oo.lv proftpd[4134] localhost.localdomain: Failed binding to 0.0.0.0, port 21: Address already in use
    Jan 31 23:36:10 server1.torrentz2.oo.lv proftpd[4134] localhost.localdomain: Check the ServerType directive to ensure you are configured cor$
    Feb 01 18:09:59 server1.torrentz2.oo.lv proftpd[16554] localhost.localdomain: ProFTPD 1.3.0 (stable) (built Fri Jun 15 12:52:16 GMT 2007) st$
    Feb 01 18:09:59 server1.torrentz2.oo.lv proftpd[16554] localhost.localdomain: /etc/shutmsg present: all incoming connections will be refused.
    Feb 01 18:10:30 server1.torrentz2.oo.lv proftpd[16574] localhost.localdomain (localhost.localdomain[127.0.0.1]): connection refused (Mon Jan$
    Feb 01 18:12:07 server1.torrentz2.oo.lv proftpd[16554] localhost.localdomain: ProFTPD killed (signal 15)
    Feb 01 18:12:07 server1.torrentz2.oo.lv proftpd[16554] localhost.localdomain: ProFTPD 1.3.0 standalone mode SHUTDOWN
    Feb 01 18:12:58 server1.torrentz2.oo.lv proftpd[16821] localhost.localdomain: ProFTPD 1.3.0 (stable) (built Fri Jun 15 12:52:16 GMT 2007) st$
    Feb 01 18:12:58 server1.torrentz2.oo.lv proftpd[16821] localhost.localdomain: /etc/shutmsg present: all incoming connections will be refused.
    Feb 01 18:18:46 server1.torrentz2.oo.lv proftpd[16821] localhost.localdomain: ProFTPD killed (signal 15)
    Feb 01 18:18:46 server1.torrentz2.oo.lv proftpd[16821] localhost.localdomain: ProFTPD 1.3.0 standalone mode SHUTDOWN
    Feb 01 18:18:50 server1.torrentz2.oo.lv proftpd[17240] localhost.localdomain: ProFTPD 1.3.0 (stable) (built Fri Jun 15 12:52:16 GMT 2007) st$
    Feb 01 18:18:50 server1.torrentz2.oo.lv proftpd[17240] localhost.localdomain: /etc/shutmsg present: all incoming connections will be refused.
    Feb 01 18:20:06 server1.torrentz2.oo.lv proftpd[17240] localhost.localdomain: ProFTPD killed (signal 15)
    Feb 01 18:20:06 server1.torrentz2.oo.lv proftpd[17240] localhost.localdomain: ProFTPD 1.3.0 standalone mode SHUTDOWN
    Feb 01 18:33:16 server1.torrentz2.oo.lv proftpd[18028] localhost.localdomain: ProFTPD 1.3.0 (stable) (built Fri Jun 15 12:52:16 GMT 2007) st$
    Feb 01 18:33:16 server1.torrentz2.oo.lv proftpd[18028] localhost.localdomain: /etc/shutmsg present: all incoming connections will be refused.
    Feb 01 18:35:25 server1.torrentz2.oo.lv proftpd[18028] localhost.localdomain: ProFTPD killed (signal 15)
    Feb 01 18:35:25 server1.torrentz2.oo.lv proftpd[18028] localhost.localdomain: ProFTPD 1.3.0 standalone mode SHUTDOWN
    Feb 01 18:35:27 server1.torrentz2.oo.lv proftpd[18102] localhost.localdomain: ProFTPD 1.3.0 (stable) (built Fri Jun 15 12:52:16 GMT 2007) st$
    Feb 01 18:35:27 server1.torrentz2.oo.lv proftpd[18102] localhost.localdomain: /etc/shutmsg present: all incoming connections will be refused.
    Feb 01 18:36:25 server1.torrentz2.oo.lv proftpd[18142] localhost.localdomain (localhost.localdomain[127.0.0.1]): connection refused (Mon Jan$
    Feb 01 18:36:27 server1.torrentz2.oo.lv proftpd[18147] localhost.localdomain (localhost.localdomain[127.0.0.1]): connection refused (Mon Jan$
    Feb 01 18:36:32 server1.torrentz2.oo.lv proftpd[18167] localhost.localdomain (localhost.localdomain[127.0.0.1]): connection refused (Mon Jan$
    Feb 01 18:36:34 server1.torrentz2.oo.lv proftpd[18171] localhost.localdomain (localhost.localdomain[127.0.0.1]): connection refused (Mon Jan$
    Feb 01 18:38:31 server1.torrentz2.oo.lv proftpd[18102] localhost.localdomain: ProFTPD killed (signal 15)
    Feb 01 18:38:31 server1.torrentz2.oo.lv proftpd[18102] localhost.localdomain: ProFTPD 1.3.0 standalone mode SHUTDOWN
    Feb 01 18:38:31 server1.torrentz2.oo.lv proftpd[18439] localhost.localdomain: ProFTPD 1.3.0 (stable) (built Fri Jun 15 12:52:16 GMT 2007) st$
    Feb 01 18:38:31 server1.torrentz2.oo.lv proftpd[18439] localhost.localdomain: /etc/shutmsg present: all incoming connections will be refused.
    Feb 01 18:38:44 server1.torrentz2.oo.lv proftpd[18448] localhost.localdomain (localhost.localdomain[127.0.0.1]): connection refused (Mon Jan$
    Feb 01 18:38:56 server1.torrentz2.oo.lv proftpd[18473] localhost.localdomain (localhost.localdomain[127.0.0.1]): connection refused (Mon Jan$
    Feb 01 18:38:58 server1.torrentz2.oo.lv proftpd[18476] localhost.localdomain (localhost.localdomain[127.0.0.1]): connection refused (Mon Jan$
    Feb 01 18:39:14 server1.torrentz2.oo.lv proftpd[18579] localhost.localdomain (localhost.localdomain[127.0.0.1]): connection refused (Mon Jan$
    Feb 01 18:39:27 server1.torrentz2.oo.lv proftpd[18583] localhost.localdomain (balticom-13-41.balticom.lv[77.93.13.41]): connection refused ($
    Feb 01 18:39:34 server1.torrentz2.oo.lv proftpd[18584] localhost.localdomain (balticom-13-41.balticom.lv[77.93.13.41]): connection refused ($
    Feb 01 18:46:30 server1.torrentz2.oo.lv proftpd[18914] localhost.localdomain (1-1-1-2a.far.sth.bostream.se[82.182.32.4]): connection refused$
    
     
    Last edited: Feb 1, 2008
  15. falko

    falko Super Moderator

    Port 21 is still in use. Have you tried to reboot the system?
     
  16. malinens

    malinens New Member

    I have vsftpd again now :)
    I have this problem with chmod- when I upload files and folders, chmod for all uploaded folders are 770 and for all uploaded files 660 and I need manually to change CHMOD. How can I fix it?
    vsftpd:
    netstat -tap | grep ftp

    Code:
    tcp        0      0 *:ftp                   *:*                     LISTEN     -
    tcp        0      0 server1.torrentz2.o:ftp 89.254.130.118:1442     ESTABLISHED-
    tcp        0      0 server1.torrentz2.o:ftp 89.254.130.118:1442     ESTABLISHED-

    netstat -tap
    Code:
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 *:63392                 *:*                     LISTEN     -
    tcp        0      0 *:20000                 *:*                     LISTEN     -
    tcp        0      0 *:nfs                   *:*                     LISTEN     -
    tcp        0      0 *:55938                 *:*                     LISTEN     -
    tcp        0      0 *:42118                 *:*                     LISTEN     5500/rpc.mountd
    tcp        0      0 server1.torrentz2:27015 *:*                     LISTEN     -
    tcp        0      0 *:mysql                 *:*                     LISTEN     5096/mysqld
    tcp        0      0 *:netbios-ssn           *:*                     LISTEN     5621/smbd
    tcp        0      0 *:5901                  *:*                     LISTEN     -
    tcp        0      0 *:sunrpc                *:*                     LISTEN     4283/portmap
    tcp        0      0 *:www                   *:*                     LISTEN     -
    tcp        0      0 server1.torrentz2.o:www infoginimp-wd08.w:39479 SYN_RECV   -
    tcp        0      0 server1.torrentz2.o:www 213.158.194.228:4096    SYN_RECV   -
    tcp        0      0 *:webmin                *:*                     LISTEN     6663/perl
    tcp        0      0 *:81                    *:*                     LISTEN     -
    tcp        0      0 *:x11-1                 *:*                     LISTEN     -
    tcp        0      0 server1.torrentz:domain *:*                     LISTEN     -
    tcp        0      0 localhost.locald:domain *:*                     LISTEN     -
    tcp        0      0 *:ftp                   *:*                     LISTEN     -
    tcp        0      0 *:821                   *:*                     LISTEN     5733/rpc.rquotad
    tcp        0      0 *:46167                 *:*                     LISTEN     4302/rpc.statd
    tcp        0      0 *:3128                  *:*                     LISTEN     5982/(squid)
    tcp        0      0 localhost.lo:postgresql *:*                     LISTEN     5174/postgres
    tcp        0      0 *:smtp                  *:*                     LISTEN     -
    tcp        0      0 localhost.localdoma:953 *:*                     LISTEN     -
    tcp        0      0 *:https                 *:*                     LISTEN     -
    tcp        0      0 *:microsoft-ds          *:*                     LISTEN     5621/smbd
    tcp        0      1 server1.torrentz2.o:www 213.158.194.228:6684    FIN_WAIT1  -
    tcp        0      0 server1.torrentz2.o:www server1.torrentz2:33496 TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www server1.torrentz2:33467 TIME_WAIT  -
    tcp        0      1 server1.torrentz2.o:www apn-77-112-37-6.g:16937 FIN_WAIT1  -
    tcp        0      0 server1.torrentz2.o:www multi.gnt.lv:1097       TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www 125.18.239.135:41421    TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www courage.london.02:35621 TIME_WAIT  -
    tcp       22      0 server1.torrentz2:27015 server1.torrentz2:36123 CLOSE_WAIT -
    tcp        0      0 server1.torrentz2.o:www 213.158.194.228:20913   FIN_WAIT2  -
    tcp        0      0 server1.torrentz2.o:www 202.91.18.245:54264     TIME_WAIT  -
    tcp        0      0 server1.torrentz2.o:www vc-196-207-33-198:32138 ESTABLISHED-
    tcp        0      0 server1.torrentz2.o:www vc-196-207-32-38.:24289 TIME_WAIT  -
    




    vsftpd.conf:

    Code:
    ftp_username=root
    #
    # The default compiled in settings are fairly paranoid. This sample file
    # loosens things up a bit, to make the ftp daemon more usable.
    # Please see vsftpd.conf.5 for all compiled in defaults.
    #
    # READ THIS: This example file is NOT an exhaustive list of vsftpd options.
    # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
    # capabilities.
    #
    #
    # Run standalone?  vsftpd can run either from an inetd or as a standalone
    # daemon started from an initscript.
    listen=YES
    #
    # Run standalone with IPv6?
    # Like the listen parameter, except vsftpd will listen on an IPv6 socket
    # instead of an IPv4 one. This parameter and the listen parameter are mutually
    # exclusive.
    listen_ipv6=NO
    #
    # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
    anonymous_enable=NO
    #
    # Uncomment this to allow local users to log in.
    local_enable=YES
    #
    # Uncomment this to enable any form of FTP write command.
    write_enable=YES
    #
    # Default umask for local users is 077. You may wish to change this to 022,
    # if your users expect that (022 is used by most other ftpd's)
    local_umask=078
    #
    # Uncomment this to allow the anonymous FTP user to upload files. This only
    # has an effect if the above global write enable is activated. Also, you will
    # obviously need to create a directory writable by the FTP user.
    #anon_upload_enable=YES
    #
    # Uncomment this if you want the anonymous FTP user to be able to create
    # new directories.
    #anon_mkdir_write_enable=YES
    #
    # Activate directory messages - messages given to remote users when they
    # go into a certain directory.
    dirmessage_enable=YES
    #
    # Activate logging of uploads/downloads.
    xferlog_enable=YES
    #
    # Make sure PORT transfer connections originate from port 20 (ftp-data).
    connect_from_port_20=YES
    #
    # If you want, you can arrange for uploaded anonymous files to be owned by
    # a different user. Note! Using "root" for uploaded files is not
    # recommended!
    #chown_uploads=YES
    #chown_username=whoever
    #
    # You may override where the log file goes if you like. The default is shown
    # below.
    #xferlog_file=/var/log/vsftpd.log
    #
    # If you want, you can have your log file in standard ftpd xferlog format
    #xferlog_std_format=YES
    #
    # You may change the default value for timing out an idle session.
    idle_session_timeout=600
    #
    # You may change the default value for timing out a data connection.
    data_connection_timeout=120
    #
    # It is recommended that you define on your system a unique user which the
    # ftp server can use as a totally isolated and unprivileged user.
    #nopriv_user=ftpsecure
    #
    # Enable this and the server will recognise asynchronous ABOR requests. Not
    # recommended for security (the code is non-trivial). Not enabling it,
    # however, may confuse older FTP clients.
    #async_abor_enable=YES
    #
    # By default the server will pretend to allow ASCII mode but in fact ignore
    # the request. Turn on the below options to have the server actually do ASCII
    # mangling on files when in ASCII mode.
    # Beware that on some FTP servers, ASCII support allows a denial of service
    # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
    # predicted this attack and has always been safe, reporting the size of the
    # raw file.
    # ASCII mangling is a horrible feature of the protocol.
    #ascii_upload_enable=YES
    #ascii_download_enable=YES
    #
    # You may fully customise the login banner string:
    ftpd_banner=Welcome to torrentz.lv FTP service.
    #
    # You may specify a file of disallowed anonymous e-mail addresses. Apparently
    # useful for combatting certain DoS attacks.
    deny_email_enable=NO
    # (default follows)
    #banned_email_file=/etc/vsftpd.banned_emails
    #
    # You may restrict local users to their home directories.  See the FAQ for
    # the possible risks in this before using chroot_local_user or
    # chroot_list_enable below.
    #chroot_local_user=YES
    #
    # You may specify an explicit list of local users to chroot() to their home
    chroot_local_user=NO
    # users to NOT chroot().
    chroot_list_enable=NO
    # (default follows)
    #chroot_list_file=/etc/vsftpd.chroot_list
    #
    # You may activate the "-R" option to the builtin ls. This is disabled by
    # default to avoid remote users being able to cause excessive I/O on large
    # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
    # the presence of the "-R" option, so there is a strong case for enabling it.
    #ls_recurse_enable=YES
    #
    #
    # Debian customization
    #
    # Some of vsftpd's settings don't fit the Debian filesystem layout by
    # default.  These settings are more Debian-friendly.
    #
    # This option should be the name of a directory which is empty.  Also, the
    # directory should not be writable by the ftp user. This directory is used
    # as a secure chroot() jail at times vsftpd does not require filesystem
    # access.
    secure_chroot_dir=/var/run/vsftpd
    #
    # This string is the name of the PAM service vsftpd will use.
    pam_service_name=vsftpd
    #
    # This option specifies the location of the RSA certificate to use for SSL
    # encrypted connections.
    rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    # This option specifies the location of the RSA key to use for SSL
    # encrypted connections.
    rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    force_dot_files=NO
    #hide_file=
    #anon_max_rate=
    #local_max_rate=
    

    why I have vsftpd_127.0.0.1.conf and vsftpd_MY_EXTERNAL_IP.conf?


    my /etc/hosts:
    Code:
    127.0.0.1 localhost.localdomain localhost
    193.46.236.141 server1.torrentz2.oo.lv server1
    
    # The following lines are desirable for IPv6 capable hosts
    ::1     ip6-localhost ip6-loopback server1.torrentz2.oo.lv
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts
    

    When I try to CHMOD using PHP, I have error: permission denied (this file can be 644, 777, 660 but always the same error...)
     
    Last edited: Feb 25, 2008
  17. falko

    falko Super Moderator

    Please set
    Code:
    local_umask=022
    in your vsftpd.conf. I'd also set
    Code:
    chroot_local_user=YES
    because otherwise FTP users can browse all directories on the server.
     
  18. malinens

    malinens New Member

    Problem solved :)
    Thank you, falko!
    You are the best!
     

Share This Page