ProFTP and Postfix

MasterC · 10-20-2002, 03:14 PM

Hi!

I've been running proftp for a while, no problems, and I pretty much have figured out a few of the things to get users to login and stuff.

I read some docs on anonymous FTP and it was working fine for a while. I removed the ftp user in /etc/ftpusers and really haven't had a problem until now.

So, just the other day I installed postfix, and I did everything according to the README/INSTALL files there, and I don't remember tweaking anything in /etc/ftpusers

But ever since then, I haven't been able to allow anonymous ftp users to view files via anonymous ftp.

Any suggestions on things to check, do you need more info?

Here's the site:
ftp://masterc.no-ip.org

And I am running Slack8.1 with a pretty basic setup, not a whole lot of mod's to most of the system files.

Thanks for any ideas/suggestions or obvious pointers.

Cool

MasterC · 10-21-2002, 12:02 PM

Any suggestions at all? It is possible it was coincidence that I put postfix on the same time this started happening, so any suggestions on just how to get anonymous working?

Thanks

MasterC · 10-22-2002, 08:39 AM

Ok, how's about just pointing me towards something to try? I wouldn't even know where to start on this now. I have checked /etc/proftpd.conf /etc/ftpusers

and that is my exhaustion of places to look. I am guessing I must be missing something in them, but I don't know what.

Thanks for ANY suggestion(s)

Cool

MasterC · 10-22-2002, 07:26 PM

MasterC · 10-23-2002, 01:40 PM

Last bump, I understand if nobody has any ideas, no worries. Just trying to grasp for any ideas.

Thanks for at least reading this, if I ever get it worked out, I will report back (probably something little I am just not noticing).

Cool

artman62 · 10-23-2002, 08:25 PM

Did you try the proftpd.org website. Could you post your proftpd.conf file?

MasterC · 10-23-2002, 11:40 PM

Yes, and sure

Here it is:

Code:

# This is a basic ProFTPD configuration file.
# It establishes a single server and a single anonymous login.
# It assumes that you have a user/group "nobody" and "ftp"
# for normal/anonymous operation.

#ServerName "ProFTP MasterC Style"
#ServerType standalone
ServerType inetd
DefaultServer on
DefaultRoot ~

# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30

# Set the user and group that the server normally runs at.
User nobody
Group nogroup

# This next option is required for NIS or NIS+ to work properly:
#PersistentPasswd off

SystemLog /var/log/proftpd.log
TransferLog /var/log/xferlog

# Normally, we want files to be overwriteable.
<Directory /*>
AllowOverwrite on
</Directory>

# A basic anonymous FTP server configuration.
# To enable this, remove the user ftp from /etc/ftpusers.
<Anonymous ~ftp>
RequireValidShell off
User ftp
Group ftp
# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp

# Limit the maximum number of anonymous logins
MaxClients 50

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>

# An upload directory that allows storing files but not retrieving
# or creating directories.
# <Directory incoming/*>
# <Limit READ>
# DenyAll
# </Limit>
#
# <Limit STOR>
# AllowAll
# </Limit>
# </Directory>

</Anonymous>

Ok, well I hope that helps

Thanks for any suggestions from there

Cool

Mik · 10-24-2002, 04:26 AM

I can't even ping that ip number so I don't know what error message the ftp server gives. I think my ip must be blocked by your firewall because I can ping it through another host.

Anyways here is some things which you might want to check:

- Check error messages when connecting in /var/log files. Often can give you clues of where to look for the error.
- Make sure the user and group ftp exists in passwd and groups files
- Make sure the user ftp has a valid shell which exists in the /etc/shells file. Unless you set the following directive in the proftpd.conf file:
RequireValidShell off
I see you set the RequireValidShell directive in the anonymous section. I have it in the global section since I also have users which I want to allow login through ftp but not through a shell. But that shouldn't make a difference.
- Make sure the user ftp has proper access to the directory which you set in the Anonymous section, in your case the ftp home directory.

That's all I can think of at the moment to check. This is ofcourse assuming that connecting with a normal user does work and it's only the anonymous that doesn't. If you also have problems logging in with normal users there is a whole bunch of other things you should check.

MasterC · 10-24-2002, 03:32 PM

Ok, cool, thanks for the suggestions

I will check the perm's on the directories and other things as well. I usually get anonymous connected successfully, but home NULL "" doesn't exist.

So I am guessing from that that I have a problem with defining a chrooted home for ftp/anon users. Before it went automatically to /home/ftp and that worked fine, but like you said maybe I changed perms at some point, and now they can't enter the directory. I will check that first thing when I get home.

Thanks again for the ideas

MasterC · 10-24-2002, 10:33 PM

You sir, are the man! I don't think you have not successfully answered any question that you responded to of mine. Thank you very much. It was a perm's problem, and a stupidly overlooked ::: problem in /etc/passwd for my ftp user.

Thank you again, very much!