LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 04-20-2011, 05:36 PM   #1
jm_5
LQ Newbie
 
Registered: Apr 2011
Posts: 13

Rep: Reputation: 0
Making vsftpd work on Slackware13...


I'm really struggling to get vsftpd to work on my virtual server.

I've installed it and uncommented out the vsftpd line in inetd.conf

I've played around with vsftpd.conf and even reduced it to the following minimal file, (which I found somewhere!):

anonymous_enable=YES
local_enable=YES
write_enable=NO
listen=NO

I've checked to make sure it's running with netstat, and restarted inetd after changing the conf files.

I'm not sure what else I should try! When I try and connect to it with a remote ftp client it won't even get to username stage.

I'm using the vsftpd package and installing with pkgtool. I don't have an ftp client installed or any compilers as I'm trying to keep the installation as minimal as possible.

I've also got Apache installed and running, along with mysql and php.

Does anyone have any ideas on what's going wrong?


Many thanks,


John
 
Old 04-20-2011, 06:25 PM   #2
mRgOBLIN
Slackware Contributor
 
Registered: Jun 2002
Location: New Zealand
Distribution: Slackware
Posts: 999

Rep: Reputation: 231Reputation: 231Reputation: 231
Firewall blocking it perhaps?

Another possibility is tcpwrappers.. does /etc/hosts.deny have anything in it?

If you don't have an ftp client you could try
Code:
 telnet localhost 21
On the machine itself

Last edited by mRgOBLIN; 04-20-2011 at 06:26 PM.
 
Old 04-20-2011, 06:53 PM   #3
jm_5
LQ Newbie
 
Registered: Apr 2011
Posts: 13

Original Poster
Rep: Reputation: 0
Thanks mRgOBLIN,

I've checked hosts.deny and it's pretty spartan, and what little there is in there is all commented out anyway.

My Slackware install is very, very basic! Just installed the slackware telnet client and tried that, and got the following:

sh-3.1# telnet localhost 21
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.

I'm at a bit of a loss as to why it won't work. I am a bit of a newbie, but have managed to get everything else I need for a working web server sorted (apache, mysql, php), only to fail at the last hurdle on the ftp server! I've done extensive googling and forum trawling and cannot seem to find any answers on it.

vsftpd doesn't have any dependencies does it? - although I guess if it did and I were missing any packages I'd get some form of error when starting inetd?


Many thanks,


John
 
Old 04-20-2011, 07:00 PM   #4
mRgOBLIN
Slackware Contributor
 
Registered: Jun 2002
Location: New Zealand
Distribution: Slackware
Posts: 999

Rep: Reputation: 231Reputation: 231Reputation: 231
Try these.. (as root)

Code:
fuser -v 21/tcp
This should highlight any dependency problems.
Code:
ldd $(which vsftpd)
 
Old 04-21-2011, 07:23 AM   #5
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
Quote:
Originally Posted by jm_5
I'm not sure what else I should try! When I try and connect to it with a remote ftp client it won't even get to username stage.
When you say remote, do you mean a client on your LAN or a client out on the internet? The reason I'm asking is that the different scenarios might need some different port forwarding. Have a read through this on the difference between active and passive FTP to see what ports you might need to open.
 
Old 04-21-2011, 07:59 AM   #6
jm_5
LQ Newbie
 
Registered: Apr 2011
Posts: 13

Original Poster
Rep: Reputation: 0
Thanks mRgOBLIN,

Tried these and got the below:

Code:
sh-3.1# fuser -v 21/tcp

                     USER        PID ACCESS COMMAND
21/tcp:              root      13875 F.... inetd
Code:
sh-3.1# ldd $(which vsftpd)
        linux-gate.so.1 =>  (0xffffe000)
        libnsl.so.1 => /lib/libnsl.so.1 (0xf76cf000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0xf769d000)
        libdl.so.2 => /lib/libdl.so.2 (0xf7699000)
        libresolv.so.2 => /lib/libresolv.so.2 (0xf7683000)
        libutil.so.1 => /lib/libutil.so.1 (0xf767f000)
        libcap.so.2 => /lib/libcap.so.2 (0xf767a000)
        libssl.so.0 => /usr/lib/libssl.so.0 (0xf7633000)
        libcrypto.so.0 => /usr/lib/libcrypto.so.0 (0xf74e7000)
        libc.so.6 => /lib/libc.so.6 (0xf7384000)
        /lib/ld-linux.so.2 (0xf76ee000)
        libattr.so.1 => /lib/libattr.so.1 (0xf737f000)
The dependencies all seem to be fine.

Is there anything out of the ordinary about any of the output above?


Many thanks,


John
 
Old 04-21-2011, 08:03 AM   #7
jm_5
LQ Newbie
 
Registered: Apr 2011
Posts: 13

Original Poster
Rep: Reputation: 0
Hangdog42 - thanks for that, will have a read through that and see if the problem is there.

It's a virtual server in a data center somewhere. Am trying to use it with an FTP client on my desktop at home, so don't have LAN access unfortunately.

Many thanks,


John
 
Old 04-21-2011, 09:12 AM   #8
+Alan Hicks+
Member
 
Registered: Feb 2005
Distribution: Slackware
Posts: 72

Rep: Reputation: 55
Can you connect to it via localhost? Try running your FTP client on the same box as the FTP server. If that works, paste the output of the following command run on the server:

tcpdump -i eth0 -n tcp port 21

And while that's running, attempt to connect to the FTP service from another box. That will tell us if the server is ever seeing the connection attempt.
 
Old 04-22-2011, 01:37 PM   #9
jm_5
LQ Newbie
 
Registered: Apr 2011
Posts: 13

Original Poster
Rep: Reputation: 0
Thanks guys, had a look through these things and still not quite sure why it's not working.

Doesn't Slackware come with all ports open as default?

I've got a very minimal installation, so don't have iptables installed.

Alan, I've tried that, so hopefully getting somewhere!

Code:
sh-3.1# lftp localhost
lftp localhost:~>
Then this is what the server gets whilst I try to connect using filezilla from my laptop:

Code:
sh-3.1# tcpdump -i eth0 -n tcp port 21
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
18:23:08.256306 IP 78.149.176.zzz.10021 > xxx.xxx.xxx.xxx.21: Flags [S], seq 30252024, win 8192, options [mss 1392,nop,nop,sackOK], length 0
18:23:08.256402 IP xxx.xxx.xxx.xxx.21 > 78.149.176.zzz.10021: Flags [S.], seq 4175829794, ack 30252025, win 5840, options [mss 1460,nop,nop,sackOK], length 0
18:23:08.319500 IP 78.149.176.zzz.10021 > xxx.xxx.xxx.xxx.21: Flags [.], ack 1, win 16704, length 0
18:23:08.322951 IP xxx.xxx.xxx.xxx.21 > 78.149.176.zzz.10021: Flags [F.], seq 1, ack 1, win 5840, length 0
18:23:08.443439 IP 78.149.176.zzz.10021 > xxx.xxx.xxx.xxx.21: Flags [.], ack 2, win 16704, length 0
18:23:08.728192 IP 78.149.176.zzz.10021 > xxx.xxx.xxx.xxx.21: Flags [F.], seq 1, ack 2, win 16704, length 0
18:23:08.728248 IP xxx.xxx.xxx.xxx.21 > 78.149.176.zzz.10021: Flags [.], ack 2, win 5840, length 0
That's one iteration, before the connection gets closed and it tries to reconnect.

I've blanked out ip addresses, I hope that's ok. xxx is the server.


Many thanks,


John
 
Old 04-22-2011, 04:42 PM   #10
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
Quote:
Originally Posted by jm_5
Doesn't Slackware come with all ports open as default?
There is no default firewall if that is what you mean.

Have you looked in the log files to see if vsftpd is complaining about anything?

Quote:
Originally Posted by jm_5
Then this is what the server gets whilst I try to connect using filezilla from my laptop
When I've used filezilla as a client, I've had to force it to use passive mode (I think the default is to let it choose) otherwise it wouldn't connect. Have you tried a different FTP client or maybe forcing filezilla to use passive mode?
 
Old 05-05-2011, 03:53 PM   #11
jm_5
LQ Newbie
 
Registered: Apr 2011
Posts: 13

Original Poster
Rep: Reputation: 0
Thanks for your help Hangdog, I've struggled with this on and off for the last couple of weeks reading on forums and manpages etc, and still not having any joy!

There are no vsftpd Log files visible in /var/log as would be expected. I've played around with vsftpd.conf some more and expanded it to include the following, but to no avail:

Code:
anonymous_enable=YES
local_enable=YES
write_enable=NO
listen=NO

xferlog_enable=YES
xferlog_std_format=YES
dual_log_enable=YES
I've also tried making Filezilla use passive mode, and also to connect with another ftp client - this fails as before, however shows up on the server with tcpdump as it does with Filezilla. So basically exactly the same behaviour as Filezilla.

I'm about ready to give up on it, however I figure it must work one way or another + once it's done I won't have to worry about it, and it would be really handy to get it working.


Many thanks,


John
 
Old 05-06-2011, 01:37 PM   #12
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
OK, lets start with some basics (and I know you've done some of this already, but lets make sure). First, use netstat -pantu and make sure that inetd is listening on port 21. Also look at the output of iptables -L -n and make sure that there isn't a firewall in place.

Otherwise, looking at your vsftpd.conf, I think it may be a bit too spartan. Just for giggles, here is mine, and at least on my rig it definitely works with inetd. In particular, I'm worried that the connect_from_port_20=YES line is missing. Also, vsftpd leave a record of connections in /var/log/secure. You might look in there to see if there is even a connection made.


Code:
# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
# anonymous_enable=YES
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
ftpd_banner=Welcome to my FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
ls_recurse_enable=YES
#
# When "listen" directive is enabled, vsftpd runs in standalone mode (rather
# than from inetd) and listens on IPv4 sockets. To use vsftpd in standalone
# mode rather than with inetd, either change the line below to 'listen=YES'
# or comment it out. This directive cannot be used in conjunction with the
# listen_ipv6 directive.
listen=NO
#
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd whith two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
#
#TDP Additions
#
chroot_local_user=YES
pasv_min_port=50000
pasv_max_port=51000
 
Old 05-07-2011, 09:17 AM   #13
jm_5
LQ Newbie
 
Registered: Apr 2011
Posts: 13

Original Poster
Rep: Reputation: 0
Thanks Hangdog.

I've changed the vsftpd.conf file to the same as yours.

iptables is not installed - when I try and run it it just says command not found.

var/log/secure is totally blank, and the other log files don't even exist - not sure why?

Code:
sh-3.1# netstat -pantu
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:37              0.0.0.0:*               LISTEN      1660/inetd
tcp        0      0 0.0.0.0:113             0.0.0.0:*               LISTEN      1660/inetd
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      1660/inetd
tcp6       0      0 :::80                   :::*                    LISTEN      1223/httpd
udp        0      0 0.0.0.0:512             0.0.0.0:*                           1660/inetd
udp        0      0 0.0.0.0:37              0.0.0.0:*                           1660/inetd

Then when I try and connect it changes to the following:

Code:
sh-3.1# netstat -pantu
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:37              0.0.0.0:*               LISTEN      1638/inetd
tcp        0      0 0.0.0.0:113             0.0.0.0:*               LISTEN      1638/inetd
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      1638/inetd
tcp        0      0 xxx.xxx.xx.xxx:21       xx.149.183.15:13333     TIME_WAIT   -
tcp        0      0 xxx.xxx.xx.xxx:21       xx.149.183.15:13331     TIME_WAIT   -
tcp6       0      0 :::80                   :::*                    LISTEN      1223/httpd
udp        0      0 0.0.0.0:512             0.0.0.0:*                           1638/inetd
udp        0      0 0.0.0.0:37              0.0.0.0:*                           1638/inetd
I've put a couple of x's in the ip addresses, hope that's ok.

Thanks,


John

Last edited by jm_5; 05-07-2011 at 09:19 AM.
 
Old 05-08-2011, 07:01 AM   #14
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
Quote:
Originally Posted by jm_5
iptables is not installed - when I try and run it it just says command not found.
That is really weird. Did you do a full install of Slackware or did you remove packages? Iptables is one of the core commands and the fact that it isn't there (I'm assuming you were root when trying to run it), suggests something wrong with the install. If you weren't root, that would explain this because it is in /usr/sbin, which isn't in a normal users PATH.

Quote:
Originally Posted by jm_5
var/log/secure is totally blank, and the other log files don't even exist - not sure why?
Um, you have no files in /var/log? If so, this is really looking like something went horribly wrong on install.

Quote:
Originally Posted by jm_5
Then when I try and connect it changes to the following:
Just to make sure, when you make changes to vsftpd.conf, do you restart inted?
 
Old 05-08-2011, 03:03 PM   #15
jm_5
LQ Newbie
 
Registered: Apr 2011
Posts: 13

Original Poster
Rep: Reputation: 0
Hi Hangdog,

Thanks for your reply.

It's a very minimal install of Slackware offered by my VPS hosting provider.

So it comes with very little out the box - anything I needed, I had to add the packages required together with any dependencies.

Have managed to get Apache, MySQL and PHP working without any problems, but VSFTPD is proving a bit of a stumbling block! I've installed it from the vsftpd package in the n disk set (http://www.mirrorservice.org/sites/f...0/slackware/n/).

I am running all commands as root, so iptables definitely isn't installed. Do I need it?

There are files in var/log for other things, but nothing for VSFTPD, eg xferlog and vsftpd.log

Yeah, am restarting inetd each time. The code snippets in my last post were cut and pasted in wrong order, so please don't pay any attention to process ids, as I've just noticed that they don't really tally up!


Many thanks,


John
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Cannot boot slackware13, even with the slackware13 created flashdrive yanfaun Slackware 59 02-13-2011 06:40 PM
slackware13 + slackbuilds.org: thunar-archive-plugin won't work wingevil Slackware 3 10-03-2009 04:07 PM
DHCP doesn't work on slackware13.0 zyli2006 Slackware 26 09-11-2009 11:38 PM
can't get vsftpd to work properly alfredofernandeza Linux - Server 2 12-12-2006 11:27 PM
Why wont VSFTPD work right? kd7isf Linux - Newbie 13 11-06-2005 11:07 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 08:33 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration