LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   pure-ftpd virtual user issue (https://www.linuxquestions.org/questions/linux-server-73/pure-ftpd-virtual-user-issue-4175463928/)

mbnoimi 05-29-2013 06:19 AM
pure-ftpd virtual user issue
 
All virtual users of pure-ftpd can't login although I configured them without any error message!

Login error message:
Code:
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 10 allowed.
220-Local time is now 13:01. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 5 minutes of inactivity.
      USER test
331 User test OK. Password required
      PASS (password not shown)
530 Login authentication failed
Here's pure-ftpd configurations:
Code:
mbnoimi-pc conf # apt-get install pure-ftpd
mbnoimi-pc conf # cd /etc/pure-ftpd/conf/
mbnoimi-pc conf # echo yes > ChrootEveryone
mbnoimi-pc conf # echo yes > CreateHomeDir
mbnoimi-pc conf # echo 10 > MaxClientsNumber
mbnoimi-pc conf # echo 3 > MaxClientsPerIP
mbnoimi-pc conf # echo yes > NoAnonymous
mbnoimi-pc conf # echo no > DisplayDotFiles
mbnoimi-pc conf # echo yes > DontResolve
mbnoimi-pc conf # echo 5 > MaxIdleTime
mbnoimi-pc conf # echo yes > PAMAuthentication
mbnoimi-pc conf # echo no > AnonymousCanCreateDirs
mbnoimi-pc conf # echo 007 007 > Umask
mbnoimi-pc conf # echo yes > ProhibitDotFilesWrite
mbnoimi-pc conf # echo yes > ProhibitDotFilesRead
mbnoimi-pc conf # echo no > AutoRename
mbnoimi-pc conf # echo yes > NoChmod
mbnoimi-pc conf # echo no > KeepAllFiles
mbnoimi-pc conf # echo 0 > TLS
mbnoimi-pc conf # /etc/init.d/pure-ftpd restart
Restarting ftp server: Running: /usr/sbin/pure-ftpd -l pam -j -x -X -C 3 -Y 0 -H -I 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B
mbnoimi-pc pure-ftpd # ls auth/
65unix  70pam
mbnoimi-pc pure-ftpd # cat auth/65unix
no
mbnoimi-pc pure-ftpd # cat auth/70pam
yes
mbnoimi-pc pure-ftpd # cat pureftpd.passwd
test:$1$O1zF99b0$oH7S4lxScfwMoPpyvBywr.:119:130::/home/ftpusers/./::::::::::::
mbnoimi-pc pure-ftpd #
http://imageshack.us/a/img24/5412/pureadminusers001.png

mbnoimi 06-01-2013 09:16 PM
Bump

bathory 06-02-2013 01:34 AM
Hi,

There is no "-lpuredb:/etc/pureftpd.pdb" among the other runtime options.
As this looks like a debian box, have a look at this howto for details

Regards

mbnoimi 06-02-2013 02:01 AM
Quote:
There is no "-lpuredb:/etc/pureftpd.pdb" among the other runtime options.
How can I add it?
I tried to add it through but nothing changed!
Code:
mbnoimi@mbnoimi-pc ~ $ sudo pure-pw mkdb
mbnoimi@mbnoimi-pc ~ $ sudo pure-pw list
test                /home/ftpusers/./     
mbnoimi@mbnoimi-pc ~ $ ls -R /etc/pure-ftpd/
/etc/pure-ftpd/:
auth  conf  db  pureftpd-dir-aliases  pureftpd.passwd  pureftpd.pdb

/etc/pure-ftpd/auth:
65unix  70pam

/etc/pure-ftpd/conf:
AltLog                  AutoRename      CreateHomeDir    DontResolve  KeepAllFiles      MaxClientsPerIP  MinUID      NoChmod            ProhibitDotFilesRead  PureDB  Umask
AnonymousCanCreateDirs  ChrootEveryone  DisplayDotFiles  FSCharset    MaxClientsNumber  MaxIdleTime      NoAnonymous  PAMAuthentication  ProhibitDotFilesWrite  TLS    UnixAuthentication

mbnoimi 06-02-2013 02:24 AM
Quote:
Originally Posted by bathory (Post 4963873)
have a look at this howto for details
I took a look and applied what it says but I got nothing!!!
Code:
mbnoimi-pc mbnoimi # pure-pw useradd test1 -u ftpuser -d /home/ftpusers/test1
Password:
Enter it again:
mbnoimi-pc mbnoimi # pure-pw show test1

Login              : test1
Password          : $1$EI7InKU0$XF83gt49Z9F4QLtfryxai0
UID                : 119 (ftpuser)
GID                : 130 (ftpgroup)
Directory          : /home/ftpusers/test1/./
Full name          :
Download bandwidth : 0 Kb (unlimited)
Upload  bandwidth : 0 Kb (unlimited)
Max files          : 0 (unlimited)
Max size          : 0 Mb (unlimited)
Ratio              : 0:0 (unlimited:unlimited)
Allowed local  IPs :
Denied  local  IPs :
Allowed client IPs :
Denied  client IPs :
Time restrictions  : 0000-0000 (unlimited)
Max sim sessions  : 0 (unlimited)

mbnoimi-pc mbnoimi # ls -R /home/ftpusers/
/home/ftpusers/:
mbnoimi-pc mbnoimi #
PS
I want to use virtual users

bathory 06-02-2013 02:52 AM
I'm not running Debian, but according to the howto, you need to disable PAM and (maybe) Unix auth
Also you have to create a symlink
Code:
#cd /etc/pure-ftpd/auth
#ln -s ../conf/PureDB 50pure

mbnoimi 06-02-2013 03:02 AM
Quote:
Originally Posted by bathory (Post 4963904)
I'm not running Debian, but according to the howto, you need to disable PAM and (maybe) Unix auth
Also you have to create a symlink
Code:
#cd /etc/pure-ftpd/auth
#ln -s ../conf/PureDB 50pure
Didn't fix the issue :(

bathory 06-02-2013 08:08 AM
Quote:
Originally Posted by mbnoimi (Post 4963908)
Didn't fix the issue :(
Doh.
Try to run it directly from CLI:
Code:
/usr/sbin/pure-ftpd -l -j -x -X -C 3 -Y 0 -H -Ipuredb:/etc/pureftpd.pdb 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B
and see what you get

mbnoimi 06-02-2013 03:42 PM
Code:
mbnoimi-pc mbnoimi # /usr/sbin/pure-ftpd -l -j -x -X -C 3 -Y 0 -H -Ipuredb:/etc/pureftpd.pdb 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B
421 Unknown authentication method: -j
mbnoimi-pc mbnoimi # /usr/sbin/pure-ftpd -l -x -X -C 3 -Y 0 -H -Ipuredb:/etc/pureftpd.pdb 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B
421 Unknown authentication method: -x
mbnoimi-pc mbnoimi # /usr/sbin/pure-ftpd -l -X -C 3 -Y 0 -H -Ipuredb:/etc/pureftpd.pdb 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B
421 Unknown authentication method: -X
mbnoimi-pc mbnoimi # /usr/sbin/pure-ftpd -l -C 3 -Y 0 -H -Ipuredb:/etc/pureftpd.pdb 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B
421 Unknown authentication method: -C
mbnoimi-pc mbnoimi # /usr/sbin/pure-ftpd -l -Y 0 -H -Ipuredb:/etc/pureftpd.pdb 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B
421 Unknown authentication method: -Y
mbnoimi-pc mbnoimi #

bathory 06-03-2013 12:15 AM
My bad. I left an extra -l, sorry
Code:
/usr/sbin/pure-ftpd -j -x -X -C 3 -Y 0 -H -Ipuredb:/etc/pureftpd.pdb 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B

mbnoimi 06-03-2013 12:33 AM
Quote:
Originally Posted by bathory (Post 4964385)
My bad. I left an extra -l, sorry
Code:
/usr/sbin/pure-ftpd -j -x -X -C 3 -Y 0 -H -Ipuredb:/etc/pureftpd.pdb 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B
Didn't fix the issue!
Code:
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 10 allowed.
220-Local time is now 07:32. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
      USER test
331 User test OK. Password required
      PASS (password not shown)
530 Login authentication failed

bathory 06-03-2013 01:32 AM
Where is pureftpd.pdb located? Note that you need to use that location in /etc/pure-ftpd/conf/PureDB
Also, are you sure about the user/password? Change it with:
Code:
pure-pw passwd test
pure-pw mkdb
and try to login again

You can also run the server with less options and in debug mode to check virtual users. Use the correct location of pureftpd.pdb below:
Code:
/usr/sbin/pure-ftpd -I puredb:/etc/pure-ftpd/pureftpd.pdb -x -E -j -R -d

mbnoimi 06-03-2013 01:48 AM
Quote:
Where is pureftpd.pdb located? Note that you need to use that location in /etc/pure-ftpd/conf/PureDB
I post it above https://www.linuxquestions.org/quest...8/#post4963881

Quote:
Also, are you sure about the user/password? Change it with:
Yes I'm sure, Any way I change it as you suggested
Code:
mbnoimi-pc mbnoimi # pure-pw passwd test
Password:
Enter it again:
mbnoimi-pc mbnoimi # pure-pw mkdb
Quote:
You can also run the server with less options and in debug mode to check virtual users. Use the correct location of pureftpd.pdb below:
Code:
/usr/sbin/pure-ftpd -I puredb:/etc/pure-ftpd/pureftpd.pdb -x -E -j -R -d
This didn't work!
Code:
mbnoimi-pc mbnoimi # /usr/sbin/pure-ftpd -I puredb:/etc/pure-ftpd/pureftpd.pdb -x -E -j -R -d
Unable to start a standalone server: Address already in use
mbnoimi-pc mbnoimi # /etc/init.d/pure-ftpd stop
Stopping ftp server: pure-ftpd.
mbnoimi-pc mbnoimi # /usr/sbin/pure-ftpd -I puredb:/etc/pure-ftpd/pureftpd.pdb -x -E -j -R -d
Unable to start a standalone server: Address already in use
mbnoimi-pc mbnoimi #

bathory 06-03-2013 02:29 AM
That's what I saw and understood that we're using the wrong file

Quote:
Unable to start a standalone server: Address already in use
If you can't stop it, you can kill it

mbnoimi 06-03-2013 02:38 AM
Quote:
Originally Posted by bathory (Post 4964429)
If you can't stop it, you can kill it
OK I succefully killed it and run it (as shown below) then tried to login once again but nothing changes.
Code:
mbnoimi-pc mbnoimi # /usr/sbin/pure-ftpd -I puredb:/etc/pure-ftpd/pureftpd.pdb -x -E -j -R -d
^Cmbnoimi-pc mbnoimi #

bathory 06-03-2013 07:32 AM
Quote:
Originally Posted by mbnoimi (Post 4964434)
OK I succefully killed it and run it (as shown below) then tried to login once again but nothing changes.
Code:
mbnoimi-pc mbnoimi # /usr/sbin/pure-ftpd -I puredb:/etc/pure-ftpd/pureftpd.pdb -x -E -j -R -d
^Cmbnoimi-pc mbnoimi #
Check the logs under /var/log to see if you get something

mbnoimi 06-03-2013 09:28 AM
There are no details at all!!!
Code:
mbnoimi@mbnoimi-pc /var/log/pure-ftpd $ ls -s
total 0
0 transfer.log

bathory 06-03-2013 12:15 PM
Quote:
Originally Posted by mbnoimi (Post 4964600)
There are no details at all!!!
Code:
mbnoimi@mbnoimi-pc /var/log/pure-ftpd $ ls -s
total 0
0 transfer.log
If you used the command above to start pure-ftpd, then the logs should be under /var/log, as already stated in my previous post.
Dunno what logfile debian uses, but you can check /var/log/messages, /var/log/syslog, /var/log/debug, etc.

pcguyiv 06-03-2013 02:38 PM
Quote:
Originally Posted by mbnoimi (Post 4961259)
...
Here's pure-ftpd configurations:
Code:
mbnoimi-pc conf # apt-get install pure-ftpd
mbnoimi-pc conf # cd /etc/pure-ftpd/conf/
mbnoimi-pc conf # echo yes > ChrootEveryone
mbnoimi-pc conf # echo yes > CreateHomeDir
mbnoimi-pc conf # echo 10 > MaxClientsNumber
mbnoimi-pc conf # echo 3 > MaxClientsPerIP
mbnoimi-pc conf # echo yes > NoAnonymous
mbnoimi-pc conf # echo no > DisplayDotFiles
mbnoimi-pc conf # echo yes > DontResolve
mbnoimi-pc conf # echo 5 > MaxIdleTime
mbnoimi-pc conf # echo yes > PAMAuthentication
mbnoimi-pc conf # echo no > AnonymousCanCreateDirs
mbnoimi-pc conf # echo 007 007 > Umask
mbnoimi-pc conf # echo yes > ProhibitDotFilesWrite
mbnoimi-pc conf # echo yes > ProhibitDotFilesRead
mbnoimi-pc conf # echo no > AutoRename
mbnoimi-pc conf # echo yes > NoChmod
mbnoimi-pc conf # echo no > KeepAllFiles
mbnoimi-pc conf # echo 0 > TLS
http://imageshack.us/a/img24/5412/pureadminusers001.png
I have trimmed your initial configuration information that you have. So far, up to this point, you are doing well.

You may have done all that I am about to share, so if you have, then, I'm not certain what the problem is.

The next step is to go to the auth directory and create a symlink named "50pure" that links to ../conf/PureDB
Code:
root@server auth # ln -sv ../conf/PureDB ./50pure
The next step doesn't involve pure-ftpd so much as it does creating a user with no login credentials and creating the ftp location. This is necessary to give the virtual users something to attach to. (hough you can use any user account, it is best to use one that is completely unprivileged.) You can call this user and group whatever you want but for the sake of the example, I'm calling him ftpuser and likewise, the group will be ftpuser as well.

First, the ftp store with a folder for 3 virtual users:
Code:
root@server ~ # mkdir -p /srv/ftp/vuser{1,2,3}
Next, the generic ftp user account:
Code:
root@server ~ # useradd -U -M -d /srv/ftp -s /dev/null ftpuser
Now, make ftpuser the owner of the ftp stores:
Code:
root@server ~ # chown -R ftpuser:ftpuser /srv/ftp
Now start making the virtual users:
Code:
root@server ~ # pure-pw useradd vuser1 -u ftpuser -g ftpuser -d /srv/ftp/vuser1
Password:
Enter it Again:
root@server ~ # pure-pw useradd vuser2 -u ftpuser -g ftpuser -d /srv/ftp/vuser2
Password:
Enter it Again:
root@server ~ # pure-pw useradd vuser3 -u ftpuser -g ftpuser -d /srv/ftp/vuser3
Password:
Enter it Again:
Now commit those users to the database, and restart the server:
Code:
root@server ~ # pure-pw mkdb
root@server ~ # /etc/init.d/pure-ftpd restart
root@server ~ #

mbnoimi 06-03-2013 02:56 PM
I trid the mentioedn above but I got these issues:
Code:
mbnoimi@mbnoimi-pc ~ $ sudo mkdir -p /srv/ftp/vuser{1,2,3}
mbnoimi@mbnoimi-pc ~ $ sudo useradd -U -M -d /srv/ftp -s /dev/null ftpuser
useradd: user 'ftpuser' already exists
mbnoimi@mbnoimi-pc ~ $ sudo chown -R ftpuser:ftpuser /srv/ftp
chown: invalid group: `ftpuser:ftpuser'
mbnoimi@mbnoimi-pc ~ $ sudo pure-pw useradd vuser1 -u ftpuser -g ftpuser -d /srv/ftp/vuser1
You must give (non-root) uid and gid
mbnoimi@mbnoimi-pc ~ $

pcguyiv 06-03-2013 03:19 PM
Quote:
Originally Posted by mbnoimi (Post 4964770)
I trid the mentioedn above but I got these issues:
Code:
mbnoimi@mbnoimi-pc ~ $ sudo mkdir -p /srv/ftp/vuser{1,2,3}
mbnoimi@mbnoimi-pc ~ $ sudo useradd -U -M -d /srv/ftp -s /dev/null ftpuser
useradd: user 'ftpuser' already exists
mbnoimi@mbnoimi-pc ~ $ sudo chown -R ftpuser:ftpuser /srv/ftp
chown: invalid group: `ftpuser:ftpuser'
mbnoimi@mbnoimi-pc ~ $ sudo pure-pw useradd vuser1 -u ftpuser -g ftpuser -d /srv/ftp/vuser1
You must give (non-root) uid and gid
mbnoimi@mbnoimi-pc ~ $
You've probably already set up ftpuser, so you'll need to modify the account.
Regarding the last (non-root) uid and gid error, most likely it's being caused by the lack of the group, ftpuser, though on rare occasions, you have to actually be root rather than use sudo to put in virtual users attached to non-login accounts. Considering the other errors you are getting, however, the nonexistent group is more likely the issue.

Back to the first issue: You might just check what groups are assigned to ftpuser, and just use one of those instead, or create the ftpuser group and add it as ftpuser's main group.
Code:
root@server ~ # groups ftpuser
ftpgroup  #Just guessing here. It might be something else or not exist at all.#
To add ftpuser as a group and assign it as the primary group that ftpuser belongs to, do the following as root:
Code:
root@server ~ # groupadd ftpuser
root@server ~ # usermod -g ftpuser ftpuser
If you choose to use an existing group, change the user info in the chmod command to ftpuser:ftpgroup (or whatever group ftpuser is assigned to.) Likewise, use that same group name after the -g in the pure-pw useradd command.

Hope that helps.

mbnoimi 06-03-2013 03:38 PM
I did exactly what you said but it didn't work too!!!
PS
As you can see I could run "pure-pw useradd" after adding the group "ftpuser" as you said above.
Code:
mbnoimi-pc mbnoimi # mkdir -p /srv/ftp/vuser{1,2,3}
mbnoimi-pc mbnoimi # useradd -U -M -d /srv/ftp -s /dev/null ftpuser
useradd: user 'ftpuser' already exists
mbnoimi-pc mbnoimi # chown -R ftpuser:ftpuser /srv/ftp
mbnoimi-pc mbnoimi # pure-pw useradd vuser1 -u ftpuser -g ftpuser -d /srv/ftp/vuser1
Password:
Enter it again:
mbnoimi-pc mbnoimi # pure-pw useradd vuser2 -u ftpuser -g ftpuser -d /srv/ftp/vuser2
Password:
Enter it again:
mbnoimi-pc mbnoimi # pure-pw useradd vuser3 -u ftpuser -g ftpuser -d /srv/ftp/vuser3
Password:
Enter it again:
mbnoimi-pc mbnoimi # pure-pw mkdb
mbnoimi-pc mbnoimi # /etc/init.d/pure-ftpd restart
Restarting ftp server: start-stop-daemon: warning: failed to kill 16260: No such process
Running: /usr/sbin/pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb -l pam -j -x -X -C 3 -Y 0 -H -I 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B
mbnoimi-pc mbnoimi # groups ftpuser
ftpuser : ftpuser
mbnoimi-pc mbnoimi #

pcguyiv 06-03-2013 08:27 PM
Quote:
Originally Posted by mbnoimi (Post 4964794)
I did exactly what you said but it didn't work too!!!
PS
As you can see I could run "pure-pw useradd" after adding the group "ftpuser" as you said above.
Code:
mbnoimi-pc mbnoimi # mkdir -p /srv/ftp/vuser{1,2,3}
mbnoimi-pc mbnoimi # useradd -U -M -d /srv/ftp -s /dev/null ftpuser
useradd: user 'ftpuser' already exists
mbnoimi-pc mbnoimi # chown -R ftpuser:ftpuser /srv/ftp
mbnoimi-pc mbnoimi # pure-pw useradd vuser1 -u ftpuser -g ftpuser -d /srv/ftp/vuser1
Password:
Enter it again:
mbnoimi-pc mbnoimi # pure-pw useradd vuser2 -u ftpuser -g ftpuser -d /srv/ftp/vuser2
Password:
Enter it again:
mbnoimi-pc mbnoimi # pure-pw useradd vuser3 -u ftpuser -g ftpuser -d /srv/ftp/vuser3
Password:
Enter it again:
mbnoimi-pc mbnoimi # pure-pw mkdb
mbnoimi-pc mbnoimi # /etc/init.d/pure-ftpd restart
Restarting ftp server: start-stop-daemon: warning: failed to kill 16260: No such process
Running: /usr/sbin/pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb -l pam -j -x -X -C 3 -Y 0 -H -I 5 -R -E -u 1000 -U 007:007 -A -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -c 10 -B
mbnoimi-pc mbnoimi # groups ftpuser
ftpuser : ftpuser
mbnoimi-pc mbnoimi #
If I'm understanding correctly by the output from what you have, everything is technically up and running as far as the server is concerned, but when you try to connect from the FTP client is when the errors occur.

mbnoimi 06-03-2013 10:35 PM
Quote:
If I'm understanding correctly by the output from what you have, everything is technically up and running as far as the server is concerned, but when you try to connect from the FTP client is when the errors occur.
Yes, but these errors occur in case login by any virtual user the usual users works fine.

pcguyiv 06-04-2013 08:18 AM
Quote:
Originally Posted by mbnoimi (Post 4964911)
Yes, but these errors occur in case login by any virtual user the usual users works fine.
I'm unfortunately starting to run out of ideas. Have you checked the settings in /etc/default/pure-ftpd-common? Make sure that it looks something like this:
Code:
# Configuration for pure-ftpd
# (this file is sourced by /bin/sh, edit accordingly)

# STANDALONE_OR_INETD
# valid values are "standalone" and "inetd".
# Any change here overrides the setting in debconf.
STANDALONE_OR_INETD=standalone

# VIRTUALCHROOT:
# whether to use binary with virtualchroot support
# valid values are "true" or "false"
# Any change here overrides the setting in debconf.
VIRTUALCHROOT=true

# UPLOADSCRIPT: if this is set and the daemon is run in standalone mode,
# pure-uploadscript will also be run to spawn the program given below
# for handling uploads. see /usr/share/doc/pure-ftpd/README.gz or
# pure-uploadscript(8)

# example: UPLOADSCRIPT=/usr/local/sbin/uploadhandler.pl
UPLOADSCRIPT=

# if set, pure-uploadscript will spawn  running as the
# given uid and gid
UPLOADUID=
UPLOADGID=
Beyond that, I will probably have to defer to someone else.

mbnoimi 06-04-2013 10:12 AM
Thanks a lot for your efforts, I replaced pureftpd with proftpd and find the last one much easier to use (it worked within 10 min)

Thanks once again.


All times are GMT -5. The time now is 07:58 PM.