[solved] Cant add ftp users to a domain - francodacosta - 03-27-2009 05:40 AM
I'm having some problems setting up ftp accounts for a domain
I can see the users created on the database, but they can not login
I get an "No such user found." on proftpd debug
Can some one help me figuring this out ?
thanks
proftpd debug
Code:
stamina-hosting.com (127.0.0.1[127.0.0.1]) - AuthOrder in effect, resetting auth module order
stamina-hosting.com (127.0.0.1[127.0.0.1]) - connected - local : 127.0.0.1:21
stamina-hosting.com (127.0.0.1[127.0.0.1]) - connected - remote : 127.0.0.1:33719
stamina-hosting.com (127.0.0.1[127.0.0.1]) - FTP session opened.
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH GSSAPI' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH GSSAPI' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH GSSAPI' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching CMD command 'AUTH GSSAPI' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD_ERR command 'AUTH GSSAPI' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'AUTH GSSAPI' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'AUTH GSSAPI' to mod_log
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH KERBEROS_V4' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH KERBEROS_V4' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'AUTH KERBEROS_V4' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching CMD command 'AUTH KERBEROS_V4' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD_ERR command 'AUTH KERBEROS_V4' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'AUTH KERBEROS_V4' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'AUTH KERBEROS_V4' to mod_log
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'USER teste@auto-usados.com' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'USER teste@auto-usados.com' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'USER teste@auto-usados.com' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'USER teste@auto-usados.com' to mod_delay
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'USER teste@auto-usados.com' to mod_auth
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching CMD command 'USER teste@auto-usados.com' to mod_auth
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD command 'USER teste@auto-usados.com' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD command 'USER teste@auto-usados.com' to mod_delay
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD command 'USER teste@auto-usados.com' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD command 'USER teste@auto-usados.com' to mod_log
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching CMD command 'PASS (hidden)' to mod_auth
stamina-hosting.com (127.0.0.1[127.0.0.1]) - USER teste@auto-usados.com (Login failed): No such user found.
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_delay
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'SYST' to mod_tls
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'SYST' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching PRE_CMD command 'SYST' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching CMD command 'SYST' to mod_core
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching POST_CMD command 'SYST' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD command 'SYST' to mod_sql
stamina-hosting.com (127.0.0.1[127.0.0.1]) - dispatching LOG_CMD command 'SYST' to mod_log
proftpd sql log
Code:
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> sql_pre_pass
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> cmd_getgroups
Mar 26 19:34:32 mod_sql/4.2.2[4477]: cache hit for user 'teste@auto-usados.com'
Mar 26 19:34:32 mod_sql/4.2.2[4477]: cache hit for group 'auto-usados.com'
Mar 26 19:34:32 mod_sql/4.2.2[4477]: entering mysql cmd_escapestring
Mar 26 19:34:32 mod_sql/4.2.2[4477]: entering mysql cmd_open
Mar 26 19:34:32 mod_sql/4.2.2[4477]: connection 'default' count is now 4
Mar 26 19:34:32 mod_sql/4.2.2[4477]: exiting mysql cmd_open
Mar 26 19:34:32 mod_sql/4.2.2[4477]: exiting mysql cmd_escapestring
Mar 26 19:34:32 mod_sql/4.2.2[4477]: : entering mysql cmd_select
Mar 26 19:34:32 mod_sql/4.2.2[4477]: entering mysql cmd_open
Mar 26 19:34:32 mod_sql/4.2.2[4477]: connection 'default' count is now 5
Mar 26 19:34:32 mod_sql/4.2.2[4477]: exiting mysql cmd_open
Mar 26 19:34:32 mod_sql/4.2.2[4477]: query "SELECT groupname, gid, members FROM ftp_group WHERE (members = 'teste@auto-usados.com' OR members LIKE 'teste@auto-usados.com,%' OR members LIKE '%,teste@auto-usados.com' OR members LIKE '%,teste@auto-usados.com,%')"
Mar 26 19:34:32 mod_sql/4.2.2[4477]: entering mysql cmd_close
Mar 26 19:34:32 mod_sql/4.2.2[4477]: connection 'default' count is now 4
Mar 26 19:34:32 mod_sql/4.2.2[4477]: exiting mysql cmd_close
Mar 26 19:34:32 mod_sql/4.2.2[4477]: exiting mysql cmd_select
Mar 26 19:34:32 mod_sql/4.2.2[4477]: cache hit for group 'auto-usados.com'
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< cmd_getgroups
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< sql_pre_pass
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> cmd_endpwent
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< cmd_endpwent
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> cmd_endgrent
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< cmd_endgrent
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> cmd_getpwnam
Mar 26 19:34:32 mod_sql/4.2.2[4477]: cache hit for user 'teste@auto-usados.com'
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< cmd_getpwnam
Mar 26 19:34:32 mod_sql/4.2.2[4477]: >>> cmd_gid2name
Mar 26 19:34:32 mod_sql/4.2.2[4477]: cache hit for group 'auto-usados.com'
Mar 26 19:34:32 mod_sql/4.2.2[4477]: <<< cmd_gid2name
Mar 26 19:36:11 mod_sql/4.2.2[4477]: entering mysql cmd_exit
Mar 26 19:36:11 mod_sql/4.2.2[4477]: entering mysql cmd_close
Mar 26 19:36:11 mod_sql/4.2.2[4477]: connection 'default' closed
Mar 26 19:36:11 mod_sql/4.2.2[4477]: connection 'default' count is now 0
Mar 26 19:36:11 mod_sql/4.2.2[4477]: exiting mysql cmd_close
Mar 26 19:36:11 mod_sql/4.2.2[4477]: exiting mysql cmd_exit
proftpd.conf
Code:
# ispCP Ï (OMEGA) a Virtual Hosting Control System
#
# @copyright 2001-2006 by moleSoftware GmbH
# @copyright 2006-2008 by ispCP | http://isp-control.net
# @version SVN: $Id$
# @link http://isp-control.net
# @author ispCP Team
#
# @license
# This program is free software; you can redistribute it and/or modify it under
# the terms of the MPL General Public License as published by the Free Software
# Foundation; either version 1.1 of the License, or (at your option) any later
# version.
# You should have received a copy of the MPL Mozilla Public License along with
# this program; if not, write to the Open Source Initiative (OSI)
# http://opensource.org | osi@opensource.org
#
################################################################################
<IfModule mod_dso.c>
LoadModule mod_sql.c
LoadModule mod_sql_mysql.c
LoadModule mod_quotatab.c
LoadModule mod_quotatab_file.c
LoadModule mod_quotatab_sql.c
</IfModule>
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 off
ServerName "ftp.stamina-hosting.com"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
AllowOverwrite on
UseReverseDNS off
IdentLookups off
AllowStoreRestart on
AllowForeignAddress on
LogFormat traff "%b %u"
TimeoutLogin 120
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
#DisplayFirstChdir message
ListOptions "-l"
#LsDefaultOptions "-l"
DenyFilter \*.*/
DefaultRoot ~
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd off
# Port 21 is the standard FTP port.
Port 21
# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
#PassivePorts 49152 65534
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at.
User nobody
Group nobody
# Normally, we want files to be overwriteable.
<Directory /*>
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on
HideNoAccess on
</Directory>
<Limit ALL>
IgnoreHidden on
</Limit>
# Be warned: use of this directive impacts CPU average load!
#
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
# UseSendFile off
<Global>
RootLogin off
TransferLog /var/log/proftpd/xferlog
ExtendedLog /var/log/proftpd/ftp_traff.log read,write traff
PathDenyFilter "\.quota$"
</Global>
#
# SSL via TLS
#
#<IfModule mod_tls.c>
# TLSEngine off # on for use of TLS
# TLSLog /var/log/proftpd/ftp_ssl.log # where to log to
# TLSProtocol SSLv23 # SSLv23 or TLSv1
# TLSOptions NoCertRequest # either to request the certificate or not
# TLSRSACertificateFile /etc/proftpd/ssl.crt # SSL certfile
# TLSRSACertificateKeyFile /etc/proftpd/ssl.key # SSL keyfile
# TLSVerifyClient off # client verification
#</IfModule>
#
# ISPCP Quota management;
#
<IfModule mod_quotatab.c>
QuotaEngine on
QuotaShowQuotas on
QuotaDisplayUnits Mb
SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies
QuotaLock /var/run/proftpd/tally.lock
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
</IfModule>
<IfModule mod_ratio.c>
Ratios on
</IfModule>
# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine on
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>
# Use pam to authenticate (default) and be authoritative
AuthPAMConfig proftpd
AuthOrder mod_sql.c mod_auth_pam.c* mod_auth_unix.c
# ispCP SQL Managment
SQLBackend mysql
SQLAuthTypes Crypt
SQLAuthenticate on
SQLConnectInfo ispcp@localhost vftp password
SQLUserInfo ftp_users userid passwd uid gid homedir shell
SQLGroupInfo ftp_group groupname gid members
SQLMinUserUID 2000
SQLMinUserGID 2000
SQLLOGFILE /var/log/proftpd.sql.log
# A basic anonymous configuration, no upload directories.
# <Anonymous ~ftp>
# User ftp
# Group nogroup
# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# RequireValidShell off
#
# # Limit the maximum number of anonymous logins
# MaxClients 10
#
# # We want 'welcome.msg' displayed at login, and '.message' displayed
# # in each newly chdired directory.
# DisplayLogin welcome.msg
# DisplayFirstChdir .message
#
# # Limit WRITE everywhere in the anonymous chroot
# <Directory *>
# <Limit WRITE>
# DenyAll
# </Limit>
# </Directory>
#
# # Uncomment this if you're brave.
# # <Directory incoming>
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask 022 022
# # <Limit READ WRITE>
# # DenyAll
# # </Limit>
# # <Limit STOR>
# # AllowAll
# # </Limit>
# # </Directory>
#
# </Anonymous>
Include /etc/proftpd/ispcp/*
RE: [solved] Cant add ftp users to a domain - francodacosta - 03-27-2009 10:24 AM
Solved!!!
The default configuration was using PAM to authenticate logins so I disabled PAM
<IfModule mod_auth_pam.c>
AuthPAM off
</IfModule>
RE: [solved] Cant add ftp users to a domain - dirckx - 03-30-2009 08:17 AM
i think i have this problem 2
i can only login on the server via member (root) accounts of linux
when i try login via a account that i have made i get a 530 error
can some one exactly say where to edit the files and/or what files to get this working?
Thankyou
|