ispCP - Board - Support
[solved] Cant add ftp users to a domain - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Support Area (/forum-30.html)
+--- Forum: System Setup & Installation (/forum-32.html)
+--- Thread: [solved] Cant add ftp users to a domain (/thread-6212.html)



[solved] Cant add ftp users to a domain - francodacosta - 03-27-2009 05:40 AM

I'm having some problems setting up ftp accounts for a domain

I can see the users created on the database, but they can not login

I get an "No such user found." on proftpd debug


Can some one help me figuring this out ?

thanks


proftpd debug
Code:
stamina-hosting.com (127.0.0.1[127.0.0.1]) - AuthOrder in effect, resetting auth module order
stamina-hosting.com (127.0.0.1[127.0.0.1]) - connected - local  : 127.0.0.1:21
stamina-hosting.com (127.0.0.1[127.0.0.1]) - connected - remote : 127.0.0.1:33719
stamina-hosting.com (127.0.0.1[127.0.0.1]) - FTP session opened.
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH GSSAPI' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH GSSAPI' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH GSSAPI' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching CMD command 'AUTH GSSAPI' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD_ERR command 'AUTH GSSAPI' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'AUTH GSSAPI' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'AUTH GSSAPI' to mod_log
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH KERBEROS_V4' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH KERBEROS_V4' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH KERBEROS_V4' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching CMD command 'AUTH KERBEROS_V4' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD_ERR command 'AUTH KERBEROS_V4' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'AUTH KERBEROS_V4' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'AUTH KERBEROS_V4' to mod_log
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'USER teste@auto-usados.com' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'USER teste@auto-usados.com' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'USER teste@auto-usados.com' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'USER teste@auto-usados.com' to mod_delay
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'USER teste@auto-usados.com' to mod_auth
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching CMD command 'USER teste@auto-usados.com' to mod_auth
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD command 'USER teste@auto-usados.com' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD command 'USER teste@auto-usados.com' to mod_delay
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD command 'USER teste@auto-usados.com' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD command 'USER teste@auto-usados.com' to mod_log
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching CMD command 'PASS (hidden)' to mod_auth
stamina-hosting.com (127.0.0.1[127.0.0.1]) - USER teste@auto-usados.com (Login failed): No such user found.
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_delay
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'SYST' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'SYST' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'SYST' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching CMD command 'SYST' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD command 'SYST' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD command 'SYST' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD command 'SYST' to mod_log

proftpd sql log
Code:
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> sql_pre_pass
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> cmd_getgroups
Mar 26 19:34:32 mod_sql/4.2.2[4477]: cache hit for user 'teste@auto-usados.com'
Mar 26 19:34:32 mod_sql/4.2.2[4477]: cache hit for group 'auto-usados.com'
Mar 26 19:34:32 mod_sql/4.2.2[4477]: entering   mysql cmd_escapestring
Mar 26 19:34:32 mod_sql/4.2.2[4477]: entering   mysql cmd_open
Mar 26 19:34:32 mod_sql/4.2.2[4477]: connection 'default' count is now 4
Mar 26 19:34:32 mod_sql/4.2.2[4477]: exiting    mysql cmd_open
Mar 26 19:34:32 mod_sql/4.2.2[4477]: exiting    mysql cmd_escapestring
Mar 26 19:34:32 mod_sql/4.2.2[4477]: : entering         mysql cmd_select
Mar 26 19:34:32 mod_sql/4.2.2[4477]: entering   mysql cmd_open
Mar 26 19:34:32 mod_sql/4.2.2[4477]: connection 'default' count is now 5
Mar 26 19:34:32 mod_sql/4.2.2[4477]: exiting    mysql cmd_open
Mar 26 19:34:32 mod_sql/4.2.2[4477]: query "SELECT groupname, gid, members FROM ftp_group WHERE (members = 'teste@auto-usados.com' OR members LIKE 'teste@auto-usados.com,%' OR members LIKE '%,teste@auto-usados.com' OR members LIKE '%,teste@auto-usados.com,%')"
Mar 26 19:34:32 mod_sql/4.2.2[4477]: entering   mysql cmd_close
Mar 26 19:34:32 mod_sql/4.2.2[4477]: connection 'default' count is now 4
Mar 26 19:34:32 mod_sql/4.2.2[4477]: exiting    mysql cmd_close
Mar 26 19:34:32 mod_sql/4.2.2[4477]: exiting    mysql cmd_select
Mar 26 19:34:32 mod_sql/4.2.2[4477]: cache hit for group 'auto-usados.com'
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< cmd_getgroups
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< sql_pre_pass
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> cmd_endpwent
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< cmd_endpwent
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> cmd_endgrent
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< cmd_endgrent
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> cmd_getpwnam
Mar 26 19:34:32 mod_sql/4.2.2[4477]: cache hit for user 'teste@auto-usados.com'
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< cmd_getpwnam
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> cmd_gid2name
Mar 26 19:34:32 mod_sql/4.2.2[4477]: cache hit for group 'auto-usados.com'
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< cmd_gid2name
Mar 26 19:36:11 mod_sql/4.2.2[4477]: entering   mysql cmd_exit
Mar 26 19:36:11 mod_sql/4.2.2[4477]: entering   mysql cmd_close
Mar 26 19:36:11 mod_sql/4.2.2[4477]: connection 'default' closed
Mar 26 19:36:11 mod_sql/4.2.2[4477]: connection 'default' count is now 0
Mar 26 19:36:11 mod_sql/4.2.2[4477]: exiting    mysql cmd_close
Mar 26 19:36:11 mod_sql/4.2.2[4477]: exiting    mysql cmd_exit

proftpd.conf
Code:
# ispCP Ï (OMEGA) a Virtual Hosting Control System
#
# @copyright    2001-2006 by moleSoftware GmbH
# @copyright    2006-2008 by ispCP | http://isp-control.net
# @version              SVN: $Id$
# @link                 http://isp-control.net
# @author               ispCP Team
#
# @license
#   This program is free software; you can redistribute it and/or modify it under
#   the terms of the MPL General Public License as published by the Free Software
#   Foundation; either version 1.1 of the License, or (at your option) any later
#   version.
#   You should have received a copy of the MPL Mozilla Public License along with
#   this program; if not, write to the Open Source Initiative (OSI)
#   http://opensource.org | osi@opensource.org
#
################################################################################​

<IfModule mod_dso.c>
  LoadModule mod_sql.c
  LoadModule mod_sql_mysql.c
  LoadModule mod_quotatab.c
  LoadModule mod_quotatab_file.c
  LoadModule mod_quotatab_sql.c
</IfModule>

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6                    off

ServerName                 "ftp.stamina-hosting.com"
ServerType                 standalone
DeferWelcome               off

MultilineRFC2228           on
DefaultServer              on
ShowSymlinks               on

AllowOverwrite             on
UseReverseDNS              off
IdentLookups               off
AllowStoreRestart          on
AllowForeignAddress        on

LogFormat                  traff "%b %u"

TimeoutLogin               120
TimeoutNoTransfer          600
TimeoutStalled             600
TimeoutIdle                1200

DisplayLogin               welcome.msg
#DisplayFirstChdir          message

ListOptions                "-l"
#LsDefaultOptions           "-l"

DenyFilter                 \*.*/

DefaultRoot                ~

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd         off

# Port 21 is the standard FTP port.
Port                       21

# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
#PassivePorts               49152 65534

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances               30

# Set the user and group that the server normally runs at.
User                       nobody
Group                      nobody

# Normally, we want files to be overwriteable.

<Directory /*>
  # Umask 022 is a good standard umask to prevent new files and dirs
  # (second parm) from being group and world writable.
  Umask                    022  022
  # Normally, we want files to be overwriteable.
  AllowOverwrite           on
  HideNoAccess             on
</Directory>

<Limit ALL>
  IgnoreHidden             on
</Limit>

# Be warned: use of this directive impacts CPU average load!
#
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
# UseSendFile               off

<Global>
  RootLogin                off
  TransferLog              /var/log/proftpd/xferlog
  ExtendedLog              /var/log/proftpd/ftp_traff.log read,write traff
  PathDenyFilter           "\.quota$"
</Global>

#
# SSL via TLS
#
#<IfModule mod_tls.c>
#  TLSEngine                off                           # on for use of TLS
#  TLSLog                   /var/log/proftpd/ftp_ssl.log  # where to log to
#  TLSProtocol              SSLv23                        # SSLv23 or TLSv1
#  TLSOptions               NoCertRequest                 # either to request the certificate or not
#  TLSRSACertificateFile    /etc/proftpd/ssl.crt          # SSL certfile
#  TLSRSACertificateKeyFile /etc/proftpd/ssl.key          # SSL keyfile
#  TLSVerifyClient          off                           # client verification
#</IfModule>

#
# ISPCP Quota management;
#
<IfModule mod_quotatab.c>
  QuotaEngine              on
  QuotaShowQuotas          on
  QuotaDisplayUnits        Mb

  SQLNamedQuery            get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
  SQLNamedQuery            get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
  SQLNamedQuery            update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies
  SQLNamedQuery            insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies

  QuotaLock                /var/run/proftpd/tally.lock
  QuotaLimitTable          sql:/get-quota-limit
  QuotaTallyTable          sql:/get-quota-tally/update-quota-tally/insert-quota-tally
</IfModule>

<IfModule mod_ratio.c>
  Ratios                   on
</IfModule>

# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
  DelayEngine              on
</IfModule>

<IfModule mod_ctrls.c>
  ControlsEngine           on
  ControlsMaxClients       2
  ControlsLog              /var/log/proftpd/controls.log
  ControlsInterval         5
  ControlsSocket           /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
  AdminControlsEngine      on
</IfModule>

# Use pam to authenticate (default) and be authoritative
AuthPAMConfig              proftpd
AuthOrder                  mod_sql.c mod_auth_pam.c* mod_auth_unix.c

# ispCP SQL Managment
SQLBackend                 mysql
SQLAuthTypes               Crypt
SQLAuthenticate            on
SQLConnectInfo             ispcp@localhost vftp password
SQLUserInfo                ftp_users userid passwd uid gid homedir shell
SQLGroupInfo               ftp_group groupname gid members
SQLMinUserUID              2000
SQLMinUserGID              2000
SQLLOGFILE /var/log/proftpd.sql.log

# A basic anonymous configuration, no upload directories.

# <Anonymous ~ftp>
#   User                   ftp
#   Group                  nogroup
#   # We want clients to be able to login with "anonymous" as well as "ftp"
#   UserAlias              anonymous ftp
#   # Cosmetic changes, all files belongs to ftp user
#   DirFakeUser            on ftp
#   DirFakeGroup           on ftp
#
#   RequireValidShell      off
#
#   # Limit the maximum number of anonymous logins
#   MaxClients             10
#
#   # We want 'welcome.msg' displayed at login, and '.message' displayed
#   # in each newly chdired directory.
#   DisplayLogin           welcome.msg
#   DisplayFirstChdir      .message
#
#   # Limit WRITE everywhere in the anonymous chroot
#   <Directory *>
#     <Limit WRITE>
#       DenyAll
#     </Limit>
#   </Directory>
#
#   # Uncomment this if you're brave.
#   # <Directory incoming>
#   #   # Umask 022 is a good standard umask to prevent new files and dirs
#   #   # (second parm) from being group and world writable.
#   #   Umask              022  022
#   #   <Limit READ WRITE>
#   #     DenyAll
#   #   </Limit>
#   #   <Limit STOR>
#   #     AllowAll
#   #   </Limit>
#   # </Directory>
#
# </Anonymous>
Include /etc/proftpd/ispcp/*



RE: [solved] Cant add ftp users to a domain - francodacosta - 03-27-2009 10:24 AM

Solved!!!

The default configuration was using PAM to authenticate logins so I disabled PAM

<IfModule mod_auth_pam.c>
AuthPAM off
</IfModule>


RE: [solved] Cant add ftp users to a domain - dirckx - 03-30-2009 08:17 AM

i think i have this problem 2

i can only login on the server via member (root) accounts of linux

when i try login via a account that i have made i get a 530 error

can some one exactly say where to edit the files and/or what files to get this working?

Thankyou