LinuxQuestions.org
05-16-2005, 06:56 PM   #1
Sagara Sanosuke
LQ Newbie
 
Registered: Jun 2004
Location: Texas, US
Distribution: Mandrake 8.2
Posts: 9

Rep: Reputation: 0
Proftpd tutorial config not working


Ok, right now I'm just trying to get an anonymous ftp server to work. Once I have that working I'd like to make it a passive server with users that I can define and set directories visible to certain users or groups of users. The thing is I'm baffled as to why this isn't working for me.

What I've got is Mandrake 8.2 installed on one of my machines along with proftpd-1.2.5-0 and a WinXP machine, both connected to a hub. Within /home I have the ftp user home directory, and their permissions are set up like this:
Code:
drwxr-xr-x    4 ftp      ftp          4096 May 16 07:29 ftp/

[root@tachikoma ftp]# ls -l
total 8
dr-xr-x---    2 ftp      ftp          4096 May 16 07:29 download/
drwxr-x---    2 ftp      ftp          4096 May 16 07:29 upload/
I followed the tutorial on setting up a ftp server. I copied and pasted the config file from there:
Code:
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName                      "ProFTPD Default Installation"
ServerType                      standalone
DefaultServer                   on

# Port 21 is the standard FTP port.
Port                            21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances                    30

# Set the user and group under which the server will run.
User                            nobody
Group                           nogroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

# Normally, we want files to be overwriteable.
<Directory />
  AllowOverwrite                on
</Directory>

# A basic anonymous configuration, no upload directories.  If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
  User                          ftp
  Group                         ftp

  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias                     anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients                    10

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin                  welcome.msg
  DisplayFirstChdir             .message

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>
When I started the service I didn't get any error messages. I go to my XP machine and use SmartFTP to try and connect, but it fails:

Code:
   Resolving host name <edited>...
    Connecting to (<edited>) ->  IP: <edited> PORT: 21
    Connected to (<edited>) -> Time = 0ms
    Socket connected waiting for login sequence.
Compiled-in modules:
  mod_core.c
  mod_auth.c
  mod_xfer.c
  mod_site.c
  mod_ls.c
  mod_unixpw.c
  mod_log.c
  mod_linuxprivs.c
  mod_ratio.c
  mod_readme.c
  mod_pam.c
  mod_quota.c
  mod_ldap.c
  mod_wrap.c
    Cannot login waiting to retry (30s)...
Going back to the Linux box and trying to connect via the console, I came up with something looking like this:
Code:
[root@tachikoma ftp]# ftp <edited>
Connected to <edited>.
Compiled-in modules:
ftp> ls
Not connected.
ftp> connect 192.168.1.2
?Invalid command
ftp> quit
I did some searching, found another config example and edited it slightly. This is how that one looks:
Code:
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName                      "ProFTPD Default Installation"
ServerType                      standalone
DefaultServer                   on

# Port 21 is the standard FTP port.
Port                            21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances                    30

# Limit the maximum number of anonymous logins
MaxClients                      1

# Set the user and group under which the server will run.
User                            nobody
Group                           nogroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

<Directory />
  Umask 022 022
  AllowOverwrite off
  <Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD >
    DenyAll
  </Limit>
</Directory>

<Directory /download/*>
  Umask  022 022
  AllowOverwrite off
  <Limit MKD XMKD RNRF RNTO DELE RMD XRMD STOR>
    DenyAll
  </Limit>
</Directory>

<Directory /upload/*>
  Umask 022 022
  AllowOverwrite on
  <Limit MKD XMKD RNRF RNTO DELE RMD XRMD STOR>
    AllowAll
  </Limit>
<Directory>
This one yields this when I try to restart the service:
Code:
[root@tachikoma ftp]# service -f proftpd
Shutting down proftpd:                                          [FAILED]
Starting proftpd:  - Fatal: <Directory>: missing arguments
                                                                [FAILED]
Am I missing something critical here? I'm at my wits' end and really not sure where to go. Any help is appreciated.
 
05-16-2005, 07:48 PM   #2
michaelsanford
Member
 
Registered: Feb 2005
Location: Ottawa/Montréal
Distribution: Slackware + Darwin (MacOS X)
Posts: 468

Rep: Reputation: 30
I'm not completely sure but I believe Directory takes absolute path names, so /upload/* and /download/* are assumed to mean /upload instead of /ftp/upload which is what you probably mean. It might also explain your error message.

So, try changing them to absolute path names and see if that helps.

That's just a guess though.

N.B., Just as a point of quasi-security I would change the banner from "ProFTPd Default Installation" to something else. It's just that seeing "Default anything" in any banner is a hacker's dream come true.
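
As an added example (not part of either post, and not ProFTPD's own tooling): the startup error above names a `<Directory>` with no arguments, and the second config ends in `<Directory>` where a closing `</Directory>` would be expected. The sketch below checks a config string for that, for unclosed sections, and for the "Default" banner mentioned in the reply; the `lint` function and the `SAMPLE` text are constructed for illustration.

```python
import re

# Constructed sample: the tail of the second config from the thread, shortened.
SAMPLE = """\
ServerName                      "ProFTPD Default Installation"
<Directory /upload/*>
  AllowOverwrite on
  <Limit MKD XMKD RNRF RNTO DELE RMD XRMD STOR>
    AllowAll
  </Limit>
<Directory>
"""

# Matches a whole-line section tag: <Name args> or </Name>
TAG = re.compile(r"^<(/?)(\w+)\s*([^>]*)>$")


def lint(text):
    """Return (line_number, message) findings for a proftpd.conf string."""
    findings, stack = [], []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = TAG.match(line)
        if m:
            closing, name, args = m.group(1), m.group(2), m.group(3).strip()
            if closing:
                if stack and stack[-1][0] == name:
                    stack.pop()
                else:
                    findings.append((n, f"</{name}> closes nothing that is open"))
            elif not args:
                # An opening tag with no path: the "<Directory>: missing arguments" case
                findings.append((n, f"<{name}> has no arguments; </{name}> intended?"))
            else:
                stack.append((name, n))
            continue
        directive, *rest = line.split(None, 1)
        if directive == "ServerName" and rest and "default" in rest[0].lower():
            findings.append((n, "ServerName banner still says 'Default'"))
    # Anything left on the stack was opened but never closed
    for name, n in stack:
        findings.append((n, f"<{name}> opened here is never closed"))
    return findings


if __name__ == "__main__":
    for n, msg in lint(SAMPLE):
        print(f"line {n}: {msg}")
```
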
 
  

