Jorge Bastos | 29 Aug 22:16 2014
Picon

Re: [Proftpd-user] Cannot create directories named "lib" on the root

Ok solved, configuration updated for newer versions J

 

Thanks.

 

From: Jorge Bastos [mailto:mysql.jorge <at> decimal.pt]
Sent: sexta-feira, 29 de Agosto de 2014 15:40
To: proftp-user <at> lists.sourceforge.net
Subject: Re: [Proftpd-user] Cannot create directories named "lib" on the root

 

Hi,

 

Hum understand..just don’t see the reason for virtual users (mysql db),

I’ll dig into this a bit more later tonight,

 

From: Maarten Broekman [mailto:maarten.broekman <at> endurance.com]
Sent: sexta-feira, 29 de Agosto de 2014 11:19
To: proftp-user <at> lists.sourceforge.net
Subject: Re: [Proftpd-user] Cannot create directories named "lib" on the root

 

If you turn off RLimitChroot (assuming you had it turned on), that will allow lib and etc to be created as directories.  I ran into the issue as well.  TJ pointed out the following bug that addresses it:  http://bugs.proftpd.org/show_bug.cgi?id=4018

 

--Maarten

 

On Fri, Aug 29, 2014 at 5:36 AM, Jorge Bastos <mysql.jorge <at> decimal.pt> wrote:

> On 2014-08-29 10:56, Jorge Bastos wrote:
> > Any idea?
>
> Directory permissions?

No.

Previous versions work as expected.


------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html



 

--

Maarten Broekman

Endurance International Group

vDeck Senior Linux Systems Administrator / PCI ISA

------------------------------------------------------------------------------
Slashdot TV.  
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Maarten Broekman | 29 Aug 12:18 2014

Re: [Proftpd-user] Cannot create directories named "lib" on the root

If you turn off RLimitChroot (assuming you had it turned on), that will allow lib and etc to be created as directories.  I ran into the issue as well.  TJ pointed out the following bug that addresses it:  http://bugs.proftpd.org/show_bug.cgi?id=4018

--Maarten


On Fri, Aug 29, 2014 at 5:36 AM, Jorge Bastos <mysql.jorge <at> decimal.pt> wrote:
> On 2014-08-29 10:56, Jorge Bastos wrote:
> > Any idea?
>
> Directory permissions?

No.

Previous versions work as expected.


------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html



--
Maarten Broekman
Endurance International Group
vDeck Senior Linux Systems Administrator / PCI ISA
------------------------------------------------------------------------------
Slashdot TV.  
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Jorge Bastos | 29 Aug 10:56 2014
Picon

[Proftpd-user] Cannot create directories named "lib" on the root

Hi TJ,

 

I was testing 1.3.6-rc1, and cannot create on the root of the FTP directories named “lib”, get a:

 

Command:       MKD lib

Response:       550 lib: Permission denied

Command:       MKD /lib

Response:       550 /lib: Permission denied

 

I have nothing on proftpd.conf to block that.

Any idea?

 

Thanks in advanced,

Jorge Bastos

------------------------------------------------------------------------------
Slashdot TV.  
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
J. W. | 21 Aug 19:07 2014
Picon

[Proftpd-user] where to download?

http://www.proftpd.org/ shows that proftpd version 1.3.5 is available, but I cannot find where to download it. It's not on sourceforge or github. The info for CVS downloads says that it has the latest code and not necessarily a stable version. Is there a snapshot of the 1.3.5 code somewhere that I can download?
 
Thanks,
 
Joel
------------------------------------------------------------------------------
Slashdot TV.  
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Hajo Locke | 20 Aug 15:56 2014
Picon
Picon

[Proftpd-user] mod_dnsbl local whitelist

Hello,

we use mod_dnsbl to block some hosts which trying to connect. But some 
of our servers should not block these IPs, although using same rbl-server.
Is there a possibility of a local whitelist?

Thanks,
Hajo

------------------------------------------------------------------------------
Slashdot TV.  
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html

Ping Luo | 12 Aug 22:33 2014
Picon

[Proftpd-user] Force GID and UID

I would like to use some directives like the ones in mod_ldap (LDAPForceDefaultGID/LDAPForceDefailtUID) and mod_sql (SQLDefaultGID/SQLDefaultUID ) that force UID and GID to a specific value. However, I cannot use mod_ldap or mod_sql to authenticate users. Is there a way to force UID/GID without using these two modules?

Thanks.
------------------------------------------------------------------------------
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Ping Luo | 8 Aug 19:18 2014
Picon

[Proftpd-user] sftp and kerberos

I need to run proftp with sftp and kerberos authentication. I have found a post  dated back to 2010 asking for similar thing


 

Is there any progress on this issue?

Ping






------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Ping Luo | 7 Aug 23:08 2014
Picon

[Proftpd-user] How to use DSO modules in VirtualHost

I am wandering how to use DSO modules in in VirtualHost context. Since all mod_dso directives are valid only in server config, does it mean I cannot use any DSO module in VirtualHost?

Ping
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls. 
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Brendan Putek | 25 Jul 18:46 2014

[Proftpd-user] Using mysql for user auth and holding session in the Scoreboard file or memcache

Hi,

 

We are currently using mod_sql for user authentication, but it is holding open connections to our database for as long as the sftp connection remains active.  We know we can set a timeout, but doing so forces the user to re-authenticate once the database connection has been terminated.  Is there a way to do the auth through mod_sql and then transfer that to a session stored on disk or in memcache.  That would allow us to terminate the database connection, without the user needing to authenticate.

 

Thanks,

Brendan


This email and any attachments may contain confidential and proprietary information of Blackboard that is for the sole use of the intended recipient. If you are not the intended recipient, disclosure, copying, re-distribution or other use of any of this information is strictly prohibited. Please immediately notify the sender and delete this transmission if you received this email in error.
------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Dat Head | 24 Jul 00:03 2014
Picon

[Proftpd-user] is mod_wrap2 not ipv6 aware?

we have been using proftpd 1.3.4a for quite some time now and never could get ipv6 to work correctly, so decided to upgrade to 1.3.5 and still it doesn't work

if in hosts.allow i put this (not what we want) it works fine:
  proftpd: ALL

if i put this it works to localhost (ipv4) only:
  proftpd: 127.0.0.1 [::1]

if i put this nothing works:
  proftpd: [::1] 127.0.0.1

this is just a simplified breakdown to try and debug, so basically what i'm seeing is any time wrap2 encounters a v6 addr anything including it AND AFTER it fails (any v4 BEFORE it works ok)

doesn't work w/o the square brackets either (we have to use them for all other services in hosts.allow so figure libwrap uses them and the other services
work ok with v6)

Connected to ::1 (::1).
220 ::1 FTP server ready
331 Anonymous login ok, send your complete email address as your password
530 Access denied <=== I imagine this is from wrap2
Login failed.
421 Service not available, remote server has closed connection

setting debug level to 10 doesn't show me anything more than at level 0 which is:

014-07-23 21:40:00,312 foobar.com proftpd[10885] : FTP session opened.
2014-07-23 21:40:00,314 foobar.com proftpd[10885] : FTP session closed.

this is what I have in proftpd.conf:

## wrap2 - note: wrap(1) denies hosts that don't reverse DNS lookup, so have to use wrap2
LoadModule                      mod_wrap2.c
LoadModule                      mod_wrap2_file.c
WrapEngine                      on
# wraplog is verbose, only use for debugging
WrapLog                         /var/log/proftpd-wrap2.log
WrapTables                      file:/etc/hosts.allow file:/etc/hosts.deny

and this is what is in proftpd-wrap2.log:

2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: table daemon list:
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]:   proftpd
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: table client list:
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]:   127.0.0.1
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]:   [
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: table options list:
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]:   :1]
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: daemon matches 'proftpd'
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: bad IPv6 address syntax: '['

*** doesn't work w/o the [ ] either ***

there is no doc for wrap2, just wrap and it is very brief

2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: checking deny table rules
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: table daemon list:
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]:   ALL
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: table client list:
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]:   ALL <at> ALL
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: daemon matches 'ALL'
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: client matches 'ALL <at> ALL'
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: 'UseReverseDNS off' in effect, NOT resolving ::1 to DNS name for comparison
2014-07-23 21:45:32,133 mod_wrap2/2.0.6[11109]: refused connection from anonymous <at> ::1
it looks like here it is mis-parsing?:

2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]:   [
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]: table options list:
2014-07-23 21:45:32,038 mod_wrap2/2.0.6[11109]:   :1]



------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
Chris Lasater | 1 Jul 22:05 2014
Picon

[Proftpd-user] Mod_sql with Mysql

Hi Again,
     I seem to be having some issues with proftpd and mysql.  I compiled 
my own version using the spec file configuration and my own compiled 
version of mysql.  In the past I have tried with the mysql-devel RPM on 
Centos and it did not work either.  I have not seen any error messages 
that stand out and the regular logs just say user not found. I have 
enabled auditing on the mysql server and see no attempt at connecting.  
I can connect using the mysql client with the same credentials with no 
problem.

<IfModule mod_sql_mysql.c>
    SQLConnectInfo               db <at> databaseserver user password
    SQLEngine                    on
    SQLBackend                   mysql
    SQLAuthenticate              users
    SQLAuthTypes                 Plaintext
    SQLDefaultHomedir            /home/user/ftphome/%u
    SQLUserInfo                  account username password uidgid uidgid 
Null Null
    SQLLogFile                   /home/user/logs/proftpd/sql.log
    SQLOptions                   IgnoreConfigfile
</IfModule mos_sql_mysql.c>

[user <at> server ~]$ proftpd -V
Compile-time Settings:
   Version: 1.3.5 (stable)
   Platform: LINUX [Linux 2.6.39-400.24.1.el5uek x86_64]
   Built: Tue Jul 1 2014 14:31:26 EDT
   Built With:
     configure  '--prefix=/home/user/proftpd' '--disable-strip' 
'--enable-ctrls' '--enable-dso' '--enable-facl' '--enable-ipv6' 
'--enable-nls' '--enable-openssl' '--with-lastlog' 
'--with-libraries=/home/techno/apps/mysql/lib64/mysql:/home/techno/apps/openssl/lib' 
'--with-includes=/home/user/mysql/include/mysql:/home/user/openssl/include' 
'--with

shared=mod_ban:mod_ctrls_admin:mod_exec:mod_facl:mod_load:mod_quotatab:mod_quotatab_file:mod_quotatab_radius:mod_quotatab_sql:mod_radius:mod_ratio:mod_readme:mod_rewrite:mod_shaper:mod_site_misc:mod_sql:mod_ldap:mod_sftp:mod_sftp_sql:mod_sql_mysql:mod_wrap2:mod_wrap2_file:mod_wrap2_sql:mod_ifsession' 
'CFLAGS=-m64 -fPIC -O2 -pipe'

   CFLAGS: -m64 -fPIC -O2 -pipe -Wall
   LDFLAGS: -L$(top_srcdir)/lib  -L/home/user/openssl/lib 
-L/home/user/mysql/lib64/mysql
   LIBS: -lacl  -lssl -lcrypto -lssl -lcrypto -lcap -lsupp -lcrypt -ldl

   Files:
     Configuration File:
       /home/user/proftpd/etc/proftpd.conf
     Pid File:
       /home/user/proftpd/var/proftpd.pid
     Scoreboard File:
       /home/user/proftpd/var/proftpd.scoreboard
     Header Directory:
       /home/user/proftpd/include/proftpd
     Shared Module Directory:
       /home/user/proftpd/libexec

   Features:
     - Autoshadow support
     + Controls support
     + curses support
     - Developer support
     + DSO support
     + IPv6 support
     + Largefile support
     + Lastlog support
     - Memcache support
     + ncursesw support
     + NLS support
     + OpenSSL support
     - PCRE support
     + POSIX ACL support
     + Shadow file support
     + Sendfile support
     + Trace support

   Tunable Options:
     PR_TUNABLE_BUFFER_SIZE = 1024
     PR_TUNABLE_DEFAULT_RCVBUFSZ = 8192
     PR_TUNABLE_DEFAULT_SNDBUFSZ = 8192
     PR_TUNABLE_GLOBBING_MAX_MATCHES = 100000
     PR_TUNABLE_GLOBBING_MAX_RECURSION = 8
     PR_TUNABLE_HASH_TABLE_SIZE = 40
     PR_TUNABLE_NEW_POOL_SIZE = 512
     PR_TUNABLE_SCOREBOARD_BUFFER_SIZE = 80
     PR_TUNABLE_SCOREBOARD_SCRUB_TIMER = 30
     PR_TUNABLE_SELECT_TIMEOUT = 30
     PR_TUNABLE_TIMEOUTIDENT = 10
     PR_TUNABLE_TIMEOUTIDLE = 600
     PR_TUNABLE_TIMEOUTLINGER = 30
     PR_TUNABLE_TIMEOUTLOGIN = 300
     PR_TUNABLE_TIMEOUTNOXFER = 300
     PR_TUNABLE_TIMEOUTSTALLED = 3600
     PR_TUNABLE_XFER_SCOREBOARD_UPDATES = 10

[user <at> server ~]$ ldd proftpd/libexec/mod_sql_mysql.so
     linux-vdso.so.1 =>  (0x00007fff6cf0e000)
     libm.so.6 => /lib64/libm.so.6 (0x00007f79085f0000)
     libmysqlclient.so.18 => 
/home/user/mysql/lib64/mysql/libmysqlclient.so.18 (0x00007f7908022000)
     libz.so.1 => /lib64/libz.so.1 (0x00007f7907e0e000)
     libc.so.6 => /lib64/libc.so.6 (0x00007f7907ab5000)
     libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f7907898000)
     libdl.so.2 => /lib64/libdl.so.2 (0x00007f7907694000)
     librt.so.1 => /lib64/librt.so.1 (0x00007f790748b000)
     libstdc++.so.6 => /usr/lib64/libstdc++.so.6 (0x00007f790718a000)
     libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007f7906f7c000)
     /lib64/ld-linux-x86-64.so.2 (0x0000003a5a400000)

[techno <at> ucdvap105002 ~]$ proftpd -vv
ProFTPD Version: 1.3.5 (stable)
   Scoreboard Version: 01040003
   Built: Tue Jul 1 2014 14:31:26 EDT

Loaded modules:
   mod_sql_mysql/4.0.8
   mod_sql/4.3
   mod_sftp/0.9.9
   mod_lang/1.0
   mod_ctrls/0.9.5
   mod_cap/1.1
   mod_ident/1.0
   mod_dso/0.5
   mod_facts/0.3
   mod_delay/0.7
   mod_site.c
   mod_log.c
   mod_ls.c
   mod_auth.c
   mod_auth_file/1.0
   mod_auth_unix.c
   mod_rlimit/1.0
   mod_xfer.c
   mod_core.c

sql.log file  (for one attempted connection)

2014-07-01 13:16:30,463 mod_sql/4.3[5046]: defaulting to 'mysql' backend
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: backend module 
'mod_sql_mysql/4.0.8'
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: backend api 'mod_sql_api_v1'
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: >>> sql_sess_init
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: entering     mysql 
cmd_defineconnection
2014-07-01 13:16:30,463 mod_sql/4.3[5046]:   name: 'default'
2014-07-01 13:16:30,463 mod_sql/4.3[5046]:   user: 'proftp'
2014-07-01 13:16:30,463 mod_sql/4.3[5046]:   host: 'dbserver'
2014-07-01 13:16:30,463 mod_sql/4.3[5046]:     db: 'db'
2014-07-01 13:16:30,463 mod_sql/4.3[5046]:   port: '3306'
2014-07-01 13:16:30,463 mod_sql/4.3[5046]:    ttl: '0'
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: exiting      mysql 
cmd_defineconnection
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: connection 'default' 
successfully established
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: mod_sql engine     : on
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: negative_cache     : off
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: authenticate       : users
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: usertable          : account
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: userid field       : username
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: password field     : password
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: UID field          : uidgid
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: GID field          : uidgid
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: homedir(default)   : 
'/home/user/ftphome/%u'
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: shell field        : NULL
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: SQLMinUserUID      : 999
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: SQLMinUserGID      : 999
2014-07-01 13:16:30,463 mod_sql/4.3[5046]: <<< sql_sess_init
2014-07-01 13:16:31,001 mod_sql/4.3[5046]: >>> sql_pre_pass

------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
ProFTPD Users List   <proftpd-users <at> proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html


Gmane