proftpd Fatal Error on start
I'm running Apache as a web server, and I just installed and configured proftpd so that I can control who uploads things to my computer. When I start the service (/usr/local/etc/proftpd.conf - I installed as user) it gives me
Code:
- Fatal: DefaultServer: DefaultServer has already been set. Code:
ServerName "ProFTPD Default Installation" And on a similar note, how do I create users with access rights for the FTP service? i.e. I know I set the service to run under my username, but is there a setting (I couldn't find one) to list usernames and passwords, along with permissions just for proftpd? Thanks very much, Laura |
ProFTPD should be run as user/group nobody. It's better for security.
Second: Maybe it's already running, if so, either kill the server (check with ps -aux) and then restart, or simply restart. As for users, it uses the regular users on your system. So create them as you would any user, simply give them less priviledges than you would a user on your system, such as use rbash as their default shell, confine then with DefaultRoot and so on. :) For more info on things I've mentioned either post back (I'll be glad to clarify) or search this site, proftpd is actually covered quite well here. Cool |
No, it's not running already, and I get the same error message when I try restarting it.
How do I confine users with DefaultRoot? I assume that's the setting mentioned in the proftpd.conf file. I have it set to one folder - the one I want to be common to all users' uploads, which is fine. However, does making that their default root folder actually confine them there, or just make that the starting point? I really don't want them anywhere else in my system. thanks! ~Laura |
If your DefaultRoot looks like this in your proftpd.conf file:
DefaultRoot ~ Then they will be confined to their home directory and all subdir. If it looks like: DefaultRoot /var/www/ftpuploads Then they will be confined there. I'd also change their home directory in /etc/passwd or /etc/shadow (depending on what you are using) to the home of which you want them confined, then if they try to access another directory with something like ssh then, assuming you are using rbash or something similar, they will be confined there as well. Check your inetd/xinetd settings to see if you already have an FTP server defined and/or running that you don't want. Something like wu-ftp or whatever might have already been installed and setup, and maybe this will show you. Cool |
Slight misunderstanding here, I think....I don't want them each confined to their home directory...Id' rather they didn't even have one. I want each user to be able to upload things via ftp to one directory on my hard drive, i.e. /var/www/Uploads. I want them all have access to this directory, and none other (not even ~).
|
Then that's fine, just use the specific DefaultRoot:
DefaultRoot /var/www/Uploads The other option I was referring to was in case you wanted them to be confined there, and others (maybe anonymous or yourself) to start in a home directory of some sort. In that case you should set the DefaultRoot to ~ (which means home directory) and then edit their home directories in /etc/passwd to reflect /var/www/Uploads then that's where they will start. Either way should work, it just depends on what 'else' you might be doing with ftp that should determine which method you use. Cool |
Ah, I see. Sorry about the misunderstanding :)
About that "Default Server" error...poring through the posts and FAQs makes me think that Apache and proFTPD are fighting for control of the DefaultServer title... someone else has posted his proftpd.conf file (http://www.linuxquestions.org/questi...threadid=33724) and they have 'ServerType inetd'...does that just mean that xinetd starts the server on startup?...I've only got a vague idea of what I'm groping towards here, sorry, but what I'm trying to say is: What sets the Default Server? And how can I change it so that I can have more than one server running at the same time (i.e. Apache and proFTPD)? |
...And if xinetd is supposed to start the ftp server, as the proFTPD FAQ seemed to suggest, how do I go about telling xinetd that it should do that??
|
Post it up. xinetd or inetd are dependant upon which distro you are using. If you look at the files themselves, usually you can suss out what part you need to edit to work with your FTP server. For example, mine:
Code:
# File Transfer Protocol (FTP) server: :) Cool |
bother.
/etc/inetd.conf doesn't exist (in fact, it doesn't exist anywhere on the system) and although xinetd.conf does, all it has in it is this: Code:
# |
Assuming your sidebar info is correct, check the Mandrake Control Center for info on what services are started up, and there might even be an option there to set "defaults". Although....
IF ps -aux (as root) isn't returning anything "FTP looking" then I'd suspect something else might be going on, check that first and let me know what you think. I'll start thinking outside this box if that's the case ;) Cool |
AAAAARGH...I'm positive that I'm making this harder than it should be.
I got proFTPD started by commenting out the line about DefaultServer, and it didn't seem to complain. However, I couldn't actually connect and see a directory listing (either with an ftp client or my browser). Once the username/password dialog popped up, but after I entered them it just sat there 'waiting for response'. I uninstalled proFTPD, and installed vsftpd...it instills itself in xinetd, and I've restarted xinetd each time I change the config file. Even with the default configuration (ftp://vsftpd.beasts.org/users/cevans...TE/vsftpd.conf) I get the same thing, though...a client or browser just sits there and tries to connect. All I should have to do is ftp://myip:21, correct?? Or what else do I have to enable?? |
Update:
from the commandline, Code:
ftp localhost.localdomain What reasons could there be for it not working through a client, though? I can't even think how to explain ftp commands to some of the users for this thing :-/ |
yeah...hmmmmmmm......127.0.0.1 works fine, but the actual IP returns "no Server available to handle request on <myhostname.mydomain>"
netstat -l gives me: Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:32768 *:* LISTEN tcp 0 0 *:6753 *:* LISTEN tcp 0 0 localhost.localdo:45549 *:* LISTEN tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:x11 *:* LISTEN tcp 0 0 *:ftp *:* LISTEN tcp 0 0 *:ipp *:* LISTEN udp 0 0 *:32768 *:* udp 0 0 *:sunrpc *:* udp 0 0 *:631 *:* Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 3370 /tmp/.font-unix/fs-1 unix 2 [ ACC ] STREAM LISTENING 4989 /tmp/.X11-unix/X0 unix 2 [ ACC ] STREAM LISTENING 352820 /tmp/gaim_laura.24235 unix 2 [ ACC ] STREAM LISTENING 3242 /dev/gpmctl So I know it's listening. Why it's not responding, though, is the mystery. |
ok, progress:
Connecting over port 20 (what vsftp listens over (?!), according to the config file) gives me "Connection refused." Using 2 terminals, I tried this: Terminal 1: nc -l -p 20 128.226.198.93 20 Terminal 2: ftp 128.226.198.93 20 Terminal 1: nc -l -p 20 128.226.198.93 20 invalid connection to [128.226.198.93] from (UNKNOWN) [128.226.198.93] 46801 What else is there besides a firewall (iptables is stopped) that could block port 20?? |
All times are GMT -5. The time now is 09:44 PM. |