LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-06-2003, 12:47 PM   #1
Sonik21
LQ Newbie
 
Registered: Feb 2003
Location: East Coast
Distribution: OpenSuse 11.1 x64,Debian 5.0,PCBSD 7.1
Posts: 22

Rep: Reputation: 15
proftpd using mod_sql help please !


i compiled proftpd 1.2.8 with mod_sql and set it up. i keep getting 421 Service not available Control connection closed by host.


ive tried everything i can think of. and im about to give up if no one has a solution.

im doing tests with the basic mod_sql configuration file that comes with the distro. in its plain state it SHOULD HAVE worked but it didnt. i dont know whats causing it or how to fix it. has anyone actually gotten proftpd to use a mysql databse for user authentication ???
 
Old 03-07-2003, 05:33 AM   #2
Sonik21
LQ Newbie
 
Registered: Feb 2003
Location: East Coast
Distribution: OpenSuse 11.1 x64,Debian 5.0,PCBSD 7.1
Posts: 22

Original Poster
Rep: Reputation: 15
anyone ?
 
Old 03-13-2003, 09:51 AM   #3
TechBrat
LQ Newbie
 
Registered: Mar 2003
Distribution: Redhat7.x/8.x/FreeBSD4.x
Posts: 19

Rep: Reputation: 0
OK,

I shared your pain. I had the same problem a while back actually and if I remember, it all turned out to be issues in the proftpd.conf. I've had it running on FreeBSD 4.x as well as several RH systems.

I installed it recently on a new box with a newer version on a RH7.x system with MySQL 3.x installed. I compiled with this: -

tar xvzf proftpd-1.2.8rc2.tar.gz
cd proftpd-1.2.8rc2
./configure --with-modules=mod_sql:mod_sql_mysql \
--with-includes=/usr/local/include \
--with-libraries=/usr/local/lib/mysql
make
make install

The following /etc/proftpd.conf file allows PAM auth on ip#1 and MySQL based auth on IP#2. File follows...

"Names have been changed to protect the innocent."

#----------------START----------------
# listen for each (additional) address explicitly that is
# specified (via Bind and Port) in a VirtualHost definition
#
SocketBindTight on
Port 0

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# such as xinetd)
MaxInstances 30

# Performance: skip DNS resolution when we process the logs...
UseReverseDNS on

# Turn off Ident lookups
IdentLookups off

# Set the maximum number of seconds a data connection is allowed
# to "stall" before being aborted.
TimeoutStalled 300

# Where do we put the pid files?
ScoreboardFile /usr/local/var/proftpd.pid

#
# Allow FXP
#
AllowForeignAddress on
PassivePorts 49152 65534

Classes on
Class default limit 5
Class internet limit 2
Class local limit 3
Class internet ip 0.0.0.0/0
Class internet ip 192.168.99.99/24
Class local ip 127.0.0.1/24
Class local ip 192.168.0.0/24

SystemLog /var/log/proftpd.log

# Do not allow to pass printf-Formats (security! see documentation!):
#AllowFilter "^[a-zA-Z0-9@~ /,_.-]*$"
DenyFilter "%"

#
# Logging options
#
TransferLog /var/log/proftpd.xferlog

# Some logging formats
#
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"

# Log file/dir access
ExtendedLog /var/log/proftpd.access_log WRITE,READ write

# Record all logins
ExtendedLog /var/log/proftpd.auth_log AUTH auth

# Paranoia logging level....
ExtendedLog /var/log/proftpd.paranoid_log ALL default

# To disable use of system-wide password file
PersistentPasswd off

###############################################################
<Virtualhost 192.168.0.1>
#
# PAM Auth for IP #1
#
ServerName "Standard PAM Auth FTP"

# Define this if you want to prevent your server from displaying what FTP
# server and version you are using.
ServerIdent on "Ready."

#Time out parameters
TimeoutIdle 600
TimeoutNoTransfer 600
TimeoutLogin 300

# Get FXP working...hopefully
AllowForeignAddress on

# Port 21 is the standard FTP port.
Port 21

# Set the user and group that the server normally runs at.
User root
Group root

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# Setting this to 'on' makes PAM the final authority on what gets
# authenticated. Turning this off will tell PAM to allow other
# authentication modules compiled into ProFTPD a chance at the user.
AuthPAMAuthoritative On

# This is the PAM configuration file that will be referenced when
# authenticating. It can be set globally and/or per VirtualHost.
# The default is 'ftp'. Note: all PAM configuration files must be in
# /etc/pam.d
AuthPAMConfig ftp

# Enable resuming of downloads and uploads
AllowOverwrite On
AllowStoreRestart on
AllowRetrieveRestart on

# Don't let people pass % characters to the server and to protect against DoS attacks (Bugzilla ID 1066)
DenyFilter (\*.*/)|%

<Limit SITE_CHMOD>
AllowAll
</Limit>

RequireValidShell on

# Normally, we want files to be overwriteable.
<Directory /*>
AllowOverwrite on
</Directory>

#
# FXP Abilities
#
AllowForeignAddress on

</Virtualhost>

###############################################################
<Virtualhost 192.168.0.2>
#
# MySQL Auth for IP #2
#
ServerName "MySQL Auth FTP Site"
ServerAdmin support@mydomain.com

#
# Debug Level
# emerg, alert, crit (empfohlen), error, warn. notice, info, debug
#
SyslogLevel info

#
# uncomment, if you want to hide the servers name:
#
ServerIdent on "MySQL Auth FTP User Server"
DeferWelcome on
DefaultServer on

#
# Display
#
#DisplayLogin /messages/ftp.motd
#DisplayConnect /net/messages/ftp.pre
#DisplayFirstChdir index.txt

HiddenStor off
DirFakeUser on ftp
DirFakeGroup on ftp
DirFakeMode 0000

# Enable PAM for authentication...
#
AuthPAM off

# Setting this directive to on will cause authentication to fail
# if PAM authentication fails. The default setting, off, allows
# other modules and directives such as AuthUserFile and friends
# to authenticate users.
#
# AuthPAMAuthoritative on

# This directive allows you to specify the PAM service name used
# in authentication (default is "proftpd" on SuSE Linux).
# You have to setup the service in the /etc/pam.d/<other_name>.
#
#AuthPAMConfig <other_name>

# Port 21 is the standard FTP port.
Port 21

#------------------------mysql Module: 4.x

SQLAuthTypes BackEnd Empty
# Use the below line for cleartext mysql passwords rather than PASSWORD() based ones
#SQLAuthTypes Plaintext Empty
SQLAuthenticate on
SQLConnectInfo root@localhost mydbusername mydbpassword PERSESSION
SQLDefaultGID 48
SQLDefaultUID 48
SQLMinUserGID 48
SQLMinUserUID 48

SQLUserInfo members username password ftp_uid ftp_gid ftp_homedir NULL
SQLGroupInfo members_group ftp_groupname ftp_gid members

#------------------------mysql

# Umask 022 is a good standard umask to prevent new dirs
# and files from being group and world writable.
Umask 022


# Set the user and group that the server normally runs at.
User apache
Group apache

# Maximum User/Host configuration
MaxClientsPerHost 2 "Sorry, we only allow %m connections per host!"
MaxClients 50 "The maximum number of clients has been reached. Please try again soon."

#
# Restartability
#
AllowStoreRestart on
AllowRetrieveRestart on

AllowOverwrite On

#DefaultQuota 50000000
#
# Do a chroot for web-users (i.e. public or www group), but
# do not change root if the user is also in the users group...
#
DefaultRoot ~

#
# Limit login attempts
#
MaxLoginAttempts 3

#
# Users needs a valid shell
#
RequireValidShell off
AllowForeignAddress off
</VirtualHost>
#----------------END----------------

BTW, ftp_uid and ftp_gid are basically ignored as they're hardcoded to apache (48) in the configuration. I suggest keeping authentication as "backend" as it authenticates via the MYSQL PASSWORD() function very nicely.

ProFTPD with MySQL rocks. Good Luck.

TechBrat Out.
 
Old 03-13-2003, 09:54 AM   #4
TechBrat
LQ Newbie
 
Registered: Mar 2003
Distribution: Redhat7.x/8.x/FreeBSD4.x
Posts: 19

Rep: Reputation: 0
BTW, remember that proftpd can be run from the shell rather than as a daemon with massive amounts of debugging (-d9??) turned on.

TechBrat Out.
 
Old 05-07-2003, 11:56 AM   #5
Lord Vader
LQ Newbie
 
Registered: May 2003
Location: Ohio
Distribution: rh 9
Posts: 1

Rep: Reputation: 0
RH9-proftpd 1.8.2-mod sql

Hello,

using the 1.8.2 source I compiled proftpd on my rh 9 box. When I try to get to ftp localhost i get the 421 error and /usr/sbin/proftpd -n -d9 produces error deleting scoreboardfile - invalid argument.

Permissions are fine so I'm wondering what else is going wrong.

BTW, I also need to use the mod_sql for SQL Authentication.

TIA

Matthew.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
proftpd: proftpd startup failed tumana Linux - Newbie 14 06-17-2012 12:06 PM
Proftpd + mod_sql error & question MrEase Linux - Software 0 08-28-2005 02:24 PM
Disabling the chroot in proftpd and enabling root logins on ssh/proftpd jon_k Linux - Software 1 06-16-2004 11:27 AM
proftpd 1.2.8 with mod_sql -> make error on suse 8.1 CIMSW Linux - Software 1 09-15-2003 11:18 AM
proftpd --- need help? could someone post a working proftpd.conf i could look at ZooRoPa Linux - Networking 1 04-02-2003 07:56 PM


All times are GMT -5. The time now is 01:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration